metrica
Мы используем куки, чтобы пользоваться сайтом было удобно.
Хорошо
to the top
close form

Заполните форму в два простых шага ниже:

Ваши контактные данные:

Шаг 1
Поздравляем! У вас есть промокод!

Тип желаемой лицензии:

Шаг 2
Team license
Enterprise license
** Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности
close form
Запросите информацию о ценах
Новая лицензия
Продление лицензии
--Выберите валюту--
USD
EUR
RUB
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Бесплатная лицензия PVS‑Studio для специалистов Microsoft MVP
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Для получения лицензии для вашего открытого
проекта заполните, пожалуйста, эту форму
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
Мне интересно попробовать плагин на:
* Нажимая на кнопку, вы даете согласие на обработку
своих персональных данных. См. Политику конфиденциальности

close form
check circle
Ваше сообщение отправлено.

Мы ответим вам на


Если вы так и не получили ответ, пожалуйста, проверьте папку
Spam/Junk и нажмите на письме кнопку "Не спам".
Так Вы не пропустите ответы от нашей команды.

Вебинар: Трудности при интеграции SAST, как с ними справляться - 04.04

>
>
>
Примеры ошибок, обнаруженных с помощью …

Примеры ошибок, обнаруженных с помощью диагностики V567

V567. Modification of variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior.


Fennec Media

V567 Undefined behavior. The 'm_nCurrentBitIndex' variable is modified while being used twice at single sequence point. MACLib unbitarrayold.cpp 78


uint32 CUnBitArrayOld::DecodeValueRiceUnsigned(uint32 k)
{
  ....
  while (!(m_pBitArray[m_nCurrentBitIndex >> 5] &
     Powers_of_Two_Reversed[m_nCurrentBitIndex++ & 31])) {}
  ....
}

SAGA GIS

V567 Undefined behavior. The 'iFloater' variable is modified while being used twice between sequence points. shapes_lines line_simplification.cpp 248


bool CLine_Simplification::Simplify(
  CSG_Shape *pLine, int iPart, bool *Keep)
{
  ....
  Keep[iFloater--] = iAnchor == 0 && iFloater ==
    pLine->Get_Point_Count(iPart) - 1;
  ....
}

Miranda IM

V567 Undefined behavior. The 's' variable is modified while being used twice between sequence points. msn ezxml.c 371


short ezxml_internal_dtd(ezxml_root_t root, char *s,
  size_t len)
{
  ....
  while (*(n = ++s + strspn(s, EZXML_WS)) && *n != '>') {
  ....
}

It's not guaranteed that 's' will be incremented before calling the strspn function.


IPP Samples

V567 Undefined behavior. The 'pTemp' variable is modified while being used twice between sequence points. me umc_me_cost_func.h 168


template<typename T, Ipp32s size> void HadamardFwdFast(
  ...., Ipp16s* pDst)
{
  Ipp32s *pTemp;
  ....
  for(j=0;j<4;j++) {
    a[0] = pTemp[0*4] + pTemp[1*4];
    a[1] = pTemp[0*4] - pTemp[1*4];
    a[2] = pTemp[2*4] + pTemp[3*4];
    a[3] = pTemp[2*4] - pTemp[3*4];
    pTemp = pTemp++;

    pDst[0*4] = (Ipp16s)(a[0] + a[2]);
    pDst[1*4] = (Ipp16s)(a[1] + a[3]);
    pDst[2*4] = (Ipp16s)(a[0] - a[2]);
    pDst[3*4] = (Ipp16s)(a[1] - a[3]);
    pDst = pDst++;
  }
  ....
}

Typical Undefined behavior!

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'pDst' variable is modified while being used twice between sequence points. me umc_me_cost_func.h 174
  • V567 Undefined behavior. The 'pTemp' variable is modified while being used twice between sequence points. me umc_me_cost_func.h 219
  • V567 Undefined behavior. The 'pDst' variable is modified while being used twice between sequence points. me umc_me_cost_func.h 238

IPP Samples

V567 Undefined behavior. The 'm_curIndex' variable is modified while being used twice between sequence points. vc1_enc umc_vc1_enc_planes.h 630


bool MoveOnNextFrame()
{
  if (m_nFrames>0)
  {
    m_pFrame[m_curIndex] = 0;
    m_curIndex = (++m_curIndex)%m_maxN;
    m_nFrames--;
    return true;
  }
  return false;
}

IPP Samples

V567 Undefined behavior. The 'm_Quant.LimIQuant' variable is modified while being used twice between sequence points. vc1_enc umc_vc1_enc_brc_gop.cpp 241


void VC1BRC_I::CompleteFrame(ePType picType)
{
  ....
  m_Quant.LimIQuant = m_Quant.LimIQuant--;
  ....
  m_Quant.IQuant = m_Quant.IQuant--;
  ....
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'm_Quant.IQuant' variable is modified while being used twice between sequence points. vc1_enc umc_vc1_enc_brc_gop.cpp 243

Doom 3

V567 Undefined behavior. The 'dir_cache_index' variable is modified while being used twice between sequence points. TypeInfo filesystem.cpp 1877


int idFileSystemLocal::ListOSFiles(....)
{
  ....
  dir_cache_index = (++dir_cache_index) % MAX_CACHED_DIRS;
  ....
}

This is what should have been written here: dir_cache_index = (dir_cache_index + 1) % MAX_CACHED_DIRS;


ffdshow

V567 Undefined behavior. The 'm_Offset' variable is modified while being used twice between sequence points. quicksyncutils.h 257


inline bool PopFront(T& res, DWORD dwMiliSecs)
{
  ....
  m_Offset = ++m_Offset % m_Capacity;
  ....
}

Network Security Services (NSS)

V567 Undefined behavior. The 'j' variable is modified while being used twice between sequence points. pk11slot.c 1926


PK11SlotList *
PK11_GetAllTokens(....)
{
  ....
  int j = 0;
  PRInt32 waste[16];
  ....
#if defined( XP_WIN32 )
  /* This is works around some horrible cache/page thrashing
  ** problems on Win32.  Without this, this loop can take up to
  ** 6 seconds at 100% CPU on a Pentium-Pro 200.  The thing this
  ** changes is to increase the size of the stack frame and
  ** modify it. Moving the loop code itself seems to have no
  ** effect. Dunno why this combination makes a difference,
  ** but it does.
  */
  waste[j & 0xf] = j++;
#endif
  ....
}

AssaultCube Reloaded

V567 Undefined behavior. The 'fullconsole' variable is modified while being used twice between sequence points. console.h 12


template<class LINE> struct consolebuffer
{
  void toggleconsole()
  {
    extern int altconsize;
    if(!fullconsole) fullconsole = altconsize ? 1 : 2;
    else fullconsole = ++fullconsole % 3;
  }
  ....
};

Snes9x

V567 Undefined behavior. The 'outputOffset' variable is modified while being used twice between sequence points. memmap.cpp 3926


static bool8 ReadBPSPatch (Stream *r, long, int32 &rom_size)
{
  ....
  while(length--)
    patched_rom[outputOffset++] = Memory.ROM[outputOffset];
  ....
}

Source Engine SDK

V567 Undefined behavior. The 'm_nNewSequenceParity' variable is modified while being used twice between sequence points. Client (HL2) c_baseanimating.cpp 5301


int m_nNewSequenceParity;
int m_nResetEventsParity;

void C_BaseAnimating::ResetSequenceInfo( void )
{
  ....
  m_nNewSequenceParity =
    ( ++m_nNewSequenceParity ) & EF_PARITY_MASK;
  m_nResetEventsParity =
    ( ++m_nResetEventsParity ) & EF_PARITY_MASK;
  ....
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'm_nResetEventsParity' variable is modified while being used twice between sequence points. Client (HL2) c_baseanimating.cpp 5302

Rhino (JavaScript engine)

V567 Undefined behavior. The 'currentMap' variable is modified while being used twice between sequence points. aossessionmanager.cpp 140


u4 AOSSessionManager::threadprocSessionManager(AThread& thread)
{
  ....
  currentMap = ((++currentMap) % pThis->m_HolderSize);
  ....
}

Steamworks SDK

V567 Undefined behavior. The 'm_nCurrentLeaderboard' variable is modified while being used twice between sequence points. leaderboards.cpp 201


int m_nCurrentLeaderboard;

void CLeaderboards::OnMenuSelection(....)
{
  ....
  m_nCurrentLeaderboard = ++m_nCurrentLeaderboard % 2;
  ....
}

CryEngine 3 SDK

V567 Undefined behavior. The 'm_index' variable is modified while being used twice between sequence points. inetwork.h 2303


void AddSample( T x )
{
  m_index = ++m_index % N;
  ....
}

Scilab

V567 Undefined behavior. The 's' variable is modified while being used twice between sequence points. ezxml.c 385


short ezxml_internal_dtd(ezxml_root_t root, char *s, size_t len)
{
  ....
  while (*(n = ++s + strspn(s, EZXML_WS)) && *n != '>') {
  ....
}

Scilab

V567 Undefined behavior. The 'i' variable is modified while being used twice between sequence points. csvread.c 620


static char **replaceStrings(....)
{
  ....
  int i = 0;
  ....
  for (i = 0; i < nr; i = i++)
  ....
}

Word for Windows 1.1a

V567 Undefined behavior. The 'iBitmap' variable is modified while being used twice between sequence points. ddedit.c 107


CmdBitmap()
{
  static int  iBitmap = 0;
  ....
  iBitmap = ++iBitmap % MAXBITMAP;
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'iIcon' variable is modified while being used twice between sequence points. ddedit.c 132
  • V567 Undefined behavior. The 'iCursor' variable is modified while being used twice between sequence points. ddedit.c 150

Tesseract

V567 Undefined behavior. The 'num_deleted_boxes' variable is modified while being used twice between sequence points. libtesseract303 tabvector.cpp 735


void TabVector::Evaluate(....) {
  ....
  int num_deleted_boxes = 0;
  ....
  ++num_deleted_boxes = true;
  ....
}

Chromium

V567 Undefined behavior. The 'g_color_index' variable is modified while being used twice between sequence points. window_type_launcher.cc 60


int g_color_index = 0;

explicit ModalWindow(ui::ModalType modal_type) : ....
{
  ++g_color_index %= arraysize(g_colors);
  ....
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'g_color_index' variable is modified while being used twice between sequence points. window_type_launcher.cc 123

VNL

V567 Undefined behavior. The 'mz_array_position' variable is modified while being used twice between sequence points. vnl_random.cxx 174


unsigned long vnl_random::lrand32()
{
  ....
  mz_array_position = (++mz_array_position) %
                      vnl_random_array_size;
  return p2;
}

Oracle VM Virtual Box

V567 Undefined behavior. The 'curg' variable is modified while being used twice between sequence points. consoleevents.h 75


template<class C> class ConsoleEventBuffer
{
public:
  ....
  C get()
  {
    C c;
    if (full || curg != curp)
    {
      c = buf[curg];
      ++curg %= sz;             // <=
      full = false;
    }
    return c;
  }
....
};

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'curp' variable is modified while being used twice between sequence points. consoleevents.h 95
  • V567 Undefined behavior. The 'curp' variable is modified while being used twice between sequence points. consoleevents.h 122

Miranda NG

V567 Undefined behavior. The 'i' variable is modified while being used twice between sequence points. Facebook connection.cpp 191


void FacebookProto::UpdateLoop(void *)
{
  ....
  for (int i = -1; !isOffline(); i = ++i % 50)
  ....
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The order of argument evaluation is not defined for 'mir_snwprintf' function. The 'timeout' variable is modified while being used twice between sequence points. WhenWasIt dlg_handlers.cpp 883

Godot Engine

V567 Undefined behavior. The 'selected_track' variable is modified while being used twice between sequence points. animation_editor.cpp 1378


void AnimationKeyEditor::_track_editor_input_event(....)
{
  ....
  if (v_scroll->is_visible() && p_input.is_action("ui_page_up"))
    selected_track=selected_track--;;
  ....
}

Godot Engine

V567 Undefined behavior. The 't' variable is modified while being used twice between sequence points. tween_interpolaters.cpp 265


static real_t out(real_t t, real_t b, real_t c, real_t d)
{
  return c * ((t = t / d - 1) * t * t + 1) + b;
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 't' variable is modified while being used twice between sequence points. tween_interpolaters.cpp 271
  • V567 Undefined behavior. The 't' variable is modified while being used twice between sequence points. tween_interpolaters.cpp 367

Unreal Engine 4

V567 Undefined behavior. The 'NextSampleIndex' variable is modified while being used twice between sequence points. performancemonitor.h 77


void Tick(double CurrentTime, float Value)
{
  ....
  NextSampleIndex = ++NextSampleIndex % SampleSize;
  ....
}

Apple II emulator

V567 Undefined behavior. The 'addr' variable is modified while being used twice between sequence points. cpu.cpp 564


void CpuSetupBenchmark ()
{
  ....
  *(mem+addr++) =
      (opcode >= BENCHOPCODES) ? 0x00 : ((addr >> 4)+1) << 4;
  ....
}

Gamer_Z eXtreme Party

V567 Undefined behavior. The 'readOffset' variable is modified while being used twice between sequence points. bitstream.h 952


template <>
  inline bool BitStream::Read(bool &var)
{
  if ( readOffset + 1 > numberOfBitsUsed )
    return false;

  if (data[ readOffset >> 3 ] & ( 0x80 >> ( readOffset++ % 8 ) ))
    var = true;
  else
    var = false;

  return true;
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'bitStream->readOffset' variable is modified while being used twice between sequence points. bitstream.cpp 194
  • V567 Undefined behavior. The 'bitStream->readOffset' variable is modified while being used twice between sequence points. bitstream.cpp 208

FreeSWITCH

V567 Unspecified behavior. The order of argument evaluation is not defined for 'strtol' function. Consider inspecting the 'exp' variable. switch_utils.c 3759


SWITCH_DECLARE(int) switch_number_cmp(const char *exp, int val)
{
  for (;; ++exp) {
    int a = strtol(exp, (char **)&exp, 10);
    if (*exp != '-') {
      if (a == val)
        return 1;
    } else {
      int b = strtol(++exp, (char **)&exp, 10);        // <=
      ....
    }
    if (*exp != ',')
      return 0;
  }
}

CryEngine V

V567 Undefined behavior. The 'm_current' variable is modified while being used twice between sequence points. operatorqueue.cpp 105


bool COperatorQueue::Prepare(....)
{
  ++m_current &= 1;
  m_ops[m_current].clear();
  return true;
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'itail' variable is modified while being used twice between sequence points. trimesh.cpp 3101
  • V567 Undefined behavior. The 'ihead' variable is modified while being used twice between sequence points. trimesh.cpp 3108
  • V567 Undefined behavior. The 'ivtx' variable is modified while being used twice between sequence points. boolean3d.cpp 1194
  • And 5 additional diagnostic messages.

CMaNGOS

V567 Undefined behavior. The 'm_uiMovePoint' variable is modified while being used twice between sequence points. boss_onyxia.cpp 405


void UpdateAI(const uint32 uiDiff) override
{
  ....
  switch (urand(0, 2))
  {
    case 0:
      ....
    case 1:
    {
        // C++ is stupid, so add -1 with +7
        m_uiMovePoint += NUM_MOVE_POINT - 1;
        m_uiMovePoint %= NUM_MOVE_POINT;
        break;
    }
    case 2:
        ++m_uiMovePoint %= NUM_MOVE_POINT; // <=
        break;
  }
  ....
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'm_uiCrystalPosition' variable is modified while being used twice between sequence points. boss_ossirian.cpp 150

Far2l

V567 Undefined behavior. The 'Item[FocusPos]->Selected' variable is modified while being used twice between sequence points. dialog.cpp 3827


int Dialog::Do_ProcessSpace()
{
  ....
  if (Item[FocusPos]->Flags&DIF_3STATE)
    (++Item[FocusPos]->Selected)%=3;         // <=
  else
    Item[FocusPos]->Selected = !Item[FocusPos]->Selected;
  ....
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The '::ViewerID' variable is modified while being used twice between sequence points. viewer.cpp 117

Steinberg SDKs

V567 Undefined behavior. The 'p' variable is modified while being used twice between sequence points. mdaAmbienceProcessor.cpp 151


void AmbienceProcessor::doProcessing (ProcessData& data)
{
  ....
  ++p  &= 1023;
  ++d1 &= 1023;
  ++d2 &= 1023;
  ++d3 &= 1023;
  ++d4 &= 1023;
  ....
}

ofPennerEasing

V567 CWE-758 The modification of the 't' variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior. easing_equations.cpp 201


static real_t in_out(real_t t, real_t b, real_t c, real_t d) {
  if ((t /= d / 2) < 1) return c / 2 * t * t * t + b;
  return c / 2 * ((t -= 2) * t * t + 2) + b;
}

Similar errors can be found in some other places:

  • V567 CWE-758 The modification of the 't' variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior. easing_equations.cpp 274

LibreOffice

V567 The modification of the 'nCount' variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior. stgio.cxx 214


FatError EasyFat::Mark(....)
{
  if( nCount > 0 )
  {
    --nCount /= GetPageSize();
    nCount++;
  }
  ....
}

Doom 1

V567 [CWE-758] Undefined behavior. The 'eventhead' variable is modified while being used twice between sequence points. d_main.c 153


void D_PostEvent (event_t* ev)
{
  events[eventhead] = *ev;
  eventhead = (++eventhead)&(MAXEVENTS-1);
}

void D_ProcessEvents (void)
{
  ....
  for ( ; ....; eventtail = (++eventtail)&(MAXEVENTS-1) )
  {
    ....
  }
}

void CheckAbort (void)
{
  ....
  for ( ; ....; eventtail = (++eventtail)&(MAXEVENTS-1) )
  {
    ....
  }
}

Similar errors can be found in some other places:

  • V567 [CWE-758] Undefined behavior. The 'eventtail' variable is modified while being used twice between sequence points. d_main.c 170
  • V567 [CWE-758] Undefined behavior. The 'eventtail' variable is modified while being used twice between sequence points. d_net.c 464

glTF library

V567 The modification of the 'position.chars_read_current_line' variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior. json.hpp 3832


struct position_t
{
  ....
  std::size_t chars_read_current_line = 0;
  ....
};

std::char_traits<char>::int_type get()
{
  ++position.chars_read_total;
  ++position.chars_read_current_line;
  ....
  if (current == '\n')
  {
    ++position.lines_read;
    ++position.chars_read_current_line = 0;  // <=
  }
  return current;
}

LLVM/Clang

V567 Unspecified behavior. The order of argument evaluation is not defined for 'addSection' function. Consider inspecting the 'SecNo' variable. Object.cpp 1223


void IHexELFBuilder::addDataSections() {
  ....
  uint32_t SecNo = 1;
  ....
  Section = &Obj->addSection<OwnedDataSection>(
      ".sec" + std::to_string(SecNo++), RecAddr,
      ELF::SHF_ALLOC | ELF::SHF_WRITE, SecNo);
  ....
}

Darwin-XNU

V567 Undefined behavior. The 'ucsp' variable is modified while being used twice between sequence points. vfs_utfconv.c 298


int
utf8_encodestr(....)
{
  u_int16_t ucs_ch;
  int swapbytes = ....;
  ....
  ucs_ch = swapbytes ? OSSwapInt16(*ucsp++) : *ucsp++;
  ....
}

Darwin-XNU

V567 Undefined behavior. The 'pf_status.stateid' variable is modified while being used twice between sequence points. pf.c 1440


struct pf_status pf_status;

int
pf_insert_state(struct pf_state *s, ....)
{
  ....
  if (....) {
    s->id = htobe64(pf_status.stateid++);
    ....
  }
  ....
}

Similar errors can be found in some other places:

  • V567 Undefined behavior. The 'ip_id' variable is modified while being used twice between sequence points. ip_id.c 186
  • V567 Undefined behavior. The 'lp' variable is modified while being used twice between sequence points. nfs_boot.c 505
  • V567 Undefined behavior. The 'lp' variable is modified while being used twice between sequence points. nfs_boot.c 497
  • And 3 additional diagnostic messages.