Classification of PVS-Studio warnings according to the Common Weakness Enumeration (CWE)


The Common Weakness Enumeration (CWE) is a category system for software weaknesses and vulnerabilities. It is sustained by a community project with the goals of understanding flaws in software and creating automated tools that can be used to identify, fix, and prevent those flaws.

CCR (Coverage Claims Representation) for PVS-Studio is available here.

Error CodeError DescriptionCWE ID
V501There are identical sub-expressions to the left and to the right of the 'foo' operator.CWE-570, CWE-571
V502Perhaps the '?:' operator works in a different way than it was expected. The '?:' operator has a lower priority than the 'foo' operator.CWE-783
V503This is a nonsensical comparison: pointer < 0.CWE-697
V504It is highly probable that the semicolon ';' is missing after 'return' keyword.CWE-841
V505The 'alloca' function is used inside the loop. This can quickly overflow stack.CWE-770
V506Pointer to local variable 'X' is stored outside the scope of this variable. Such a pointer will become invalid.CWE-562
V507Pointer to local array 'X' is stored outside the scope of this array. Such a pointer will become invalid.CWE-562
V508The use of 'new type(n)' pattern was detected. Probably meant: 'new type[n]'.CWE-480
V509Exceptions that were raised inside noexcept functions must be wrapped in a try..catch block.CWE-248, CWE-703
V510The 'Foo' function is not expected to receive class-type variable as 'N' actual argument.CWE-686
V511The sizeof() operator returns size of the pointer, and not of the array, in given expression.CWE-467
V512A call of the 'Foo' function will lead to a buffer overflow or underflow.CWE-682, CWE-467, CWE-193, CWE-806, CWE-787, CWE-125, CWE-119
V513Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions.CWE-676
V514Dividing sizeof a pointer by another value. There is a probability of logical error presence.CWE-131
V515The 'delete' operator is applied to non-pointer.CWE-763
V516Consider inspecting an odd expression. Non-null function pointer is compared to null.CWE-570, CWE-571
V517The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.CWE-570
V518The 'malloc' function allocates strange amount of memory calculated by 'strlen(expr)'. Perhaps the correct variant is strlen(expr) + 1.CWE-131
V519The 'x' variable is assigned values twice successively. Perhaps this is a mistake.CWE-563
V520The comma operator ',' in array index expression.CWE-480
V521Such expressions using the ',' operator are dangerous. Make sure the expression is correct.CWE-480
V522Dereferencing of the null pointer might take place.CWE-476, CWE-690
V523The 'then' statement is equivalent to the 'else' statement.CWE-691
V525The code contains the collection of similar blocks. Check items X, Y, Z, ... in lines N1, N2, N3, ...CWE-682
V527It is odd that the 'zero' value is assigned to pointer. Probably meant: *ptr = zero.CWE-351
V528It is odd that pointer is compared with the 'zero' value. Probably meant: *ptr != zero.CWE-697
V529Odd semicolon ';' after 'if/for/while' operator.CWE-670
V530The return value of function 'Foo' is required to be utilized.CWE-252
V531It is odd that a sizeof() operator is multiplied by sizeof().CWE-131
V532Consider inspecting the statement of '*pointer++' pattern. Probably meant: '(*pointer)++'.CWE-480
V533It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'X'.CWE-691
V534It is likely that a wrong variable is being compared inside the 'for' operator. Consider reviewing 'X'.CWE-691
V535The variable 'X' is being used for this loop and for the outer loop.CWE-691
V536Be advised that the utilized constant value is represented by an octal form.CWE-682
V537Consider reviewing the correctness of 'X' item's usage.CWE-682
V539Consider inspecting iterators which are being passed as arguments to function 'Foo'.CWE-688
V540Member 'x' should point to string terminated by two 0 characters.CWE-628
V541It is dangerous to print a string into itself.CWE-628
V542Consider inspecting an odd type cast: 'Type1' to ' Type2'.CWE-704
V543It is odd that value 'X' is assigned to the variable 'Y' of HRESULT type.CWE-704
V544It is odd that the value 'X' of HRESULT type is compared with 'Y'.CWE-253
V545Such conditional expression of 'if' statement is incorrect for the HRESULT type value 'Foo'. The SUCCEEDED or FAILED macro should be used instead.CWE-253
V546Member of a class is initialized with itself: 'Foo(Foo)'.CWE-665
V547Expression is always true/false.CWE-570, CWE-571
V548Consider reviewing type casting. TYPE X[][] is not equivalent to TYPE **X.CWE-704
V549The 'first' argument of 'Foo' function is equal to the 'second' argument.CWE-688
V550An odd precise comparison. It's probably better to use a comparison with defined precision: fabs(A - B) < Epsilon or fabs(A - B) > Epsilon.CWE-682
V551The code under this 'case' label is unreachable.CWE-561
V554Incorrect use of smart pointer.CWE-762
V556The values of different enum types are compared.CWE-697
V557Array overrun is possible.CWE-119, CWE-125, CWE-787
V558Function returns the pointer/reference to temporary local object.CWE-562
V559Suspicious assignment inside the conditional expression of 'if/while/for' statement.CWE-481
V560A part of conditional expression is always true/false.CWE-570, CWE-571
V561It's probably better to assign value to 'foo' variable than to declare it anew.CWE-563
V562It's odd to compare a bool type value with a value of N.CWE-563
V563It is possible that this 'else' branch must apply to the previous 'if' statement.CWE-670
V564The '&' or '|' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' or '||' operator.CWE-480
V565An empty exception handler. Silent suppression of exceptions can hide the presence of bugs in source code during testing.CWE-544
V566The integer constant is converted to pointer. Possibly an error or a bad coding style.CWE-587
V567The modification of a variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior.CWE-758
V569Truncation of constant value.CWE-197
V571Recurring check. This condition was already verified in previous line.CWE-571
V573Uninitialized variable 'Foo' was used. The variable was used to initialize itself.CWE-457
V575Function receives an odd argument.CWE-628
V576Incorrect format. Consider checking the N actual argument of the 'Foo' function.CWE-628, CWE-687, CWE-685, CWE-686
V577Label is present inside a switch(). It is possible that these are misprints and 'default:' operator should be used instead.CWE-478
V579The 'Foo' function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the N argument.CWE-467
V580An odd explicit type casting. Consider verifying it.CWE-843
V582Consider reviewing the source code which operates the container.CWE-119, CWE-125, CWE-787
V583The '?:' operator, regardless of its conditional expression, always returns one and the same value.CWE-783
V585An attempt to release the memory in which the 'Foo' local variable is stored.CWE-762
V586The 'Foo' function is called twice for deallocation of the same resource.CWE-675, CWE-415
V588The expression of the 'A =+ B' kind is utilized. Consider reviewing it, as it is possible that 'A += B' was meant.CWE-480
V589The expression of the 'A =- B' kind is utilized. Consider reviewing it, as it is possible that 'A -= B' was meant.CWE-480
V590Consider inspecting this expression. The expression is excessive or contains a misprint.CWE-571
V591Non-void function should return a value.CWE-393
V593Consider reviewing the expression of the 'A = B == C' kind. The expression is calculated as following: 'A = (B == C)'.CWE-783
V594The pointer steps out of array's bounds.CWE-823
V595The pointer was utilized before it was verified against nullptr. Check lines: N1, N2.CWE-476
V596The object was created but it is not being used. The 'throw' keyword could be missing.CWE-390
V597The compiler could delete the 'memset' function call, which is used to flush 'Foo' buffer. The RtlSecureZeroMemory() function should be used to erase the private data.CWE-14
V598The 'memset/memcpy' function is used to nullify/copy the fields of 'Foo' class. Virtual table pointer will be damaged by this.CWE-665
V600Consider inspecting the condition. The 'Foo' pointer is always not equal to NULL.CWE-570, CWE-571
V601An odd implicit type casting.CWE-704
V602Consider inspecting this expression. '<' possibly should be replaced with '<<'.CWE-480
V603The object was created but it is not being used. If you wish to call constructor, 'this->Foo::Foo(....)' should be used.CWE-665
V604It is odd that the number of iterations in the loop equals to the size of the pointer.CWE-682
V605Consider verifying the expression. An unsigned value is compared to the number - NN.CWE-682
V607Ownerless expression 'Foo'.CWE-482
V609Divide or mod by zero.CWE-369
V610Undefined behavior. Check the shift operator.CWE-758
V611The memory allocation and deallocation methods are incompatible.CWE-762, CWE-590
V612An unconditional 'break/continue/return/goto' within a loop.CWE-670
V613Strange pointer arithmetic with 'malloc/new'.CWE-761
V614Uninitialized variable 'Foo' used.CWE-457, CWE-824
V615An odd explicit conversion from 'float *' type to 'double *' type.CWE-704
V616The 'Foo' named constant with the value of 0 is used in the bitwise operation.CWE-480
V617Consider inspecting the condition. An argument of the '|' bitwise operation always contains a non-zero value.CWE-480
V618It's dangerous to call the 'Foo' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str);CWE-134
V620It's unusual that the expression of sizeof(T)*N kind is being summed with the pointer to T type.CWE-682
V621Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all.CWE-835
V622Consider inspecting the 'switch' statement. It's possible that the first 'case' operator is missing.CWE-478
V623Consider inspecting the '?:' operator. A temporary object is being created and subsequently destroyed.CWE-416
V625Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.CWE-691
V626Consider checking for misprints. It's possible that ',' should be replaced by ';'.CWE-483
V627Consider inspecting the expression. The argument of sizeof() is the macro which expands to a number.CWE-682
V628It's possible that the line was commented out improperly, thus altering the program's operation logics.CWE-670
V629Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type.CWE-190
V631Consider inspecting the 'Foo' function call. Defining an absolute path to the file or directory is considered a poor style.CWE-37, CWE-39
V632Consider inspecting the NN argument of the 'Foo' function. It is odd that the argument is of the 'T' type.CWE-686
V633Consider inspecting the expression. Probably the '!=' should be used here.CWE-480
V634The priority of the '+' operation is higher than that of the '<<' operation. It's possible that parentheses should be used in the expression.CWE-783
V635Consider inspecting the expression. The length should probably be multiplied by the sizeof(wchar_t).CWE-135
V636The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid overflow or loss of a fractional part.CWE-682
V637Two opposite conditions were encountered. The second condition is always false.CWE-570
V638A terminal null is present inside a string. The '\0xNN' characters were encountered. Probably meant: '\xNN'.CWE-665
V639Consider inspecting the expression for function call. It is possible that one of the closing ')' parentheses was positioned incorrectly.CWE-685
V640The code's operational logic does not correspond with its formatting.CWE-483
V641The buffer size is not a multiple of the element size.CWE-704
V642Saving the function result inside the 'byte' type variable is inappropriate. The significant bits could be lost breaking the program's logic.CWE-197
V643Unusual pointer arithmetic. The value of the 'char' type is being added to the string pointer.CWE-480
V644A suspicious function declaration. It is possible that the T type object was meant to be created.CWE-664
V645The function call could lead to the buffer overflow. The bounds should not contain the size of the buffer, but a number of characters it can hold.CWE-787, CWE-193
V646Consider inspecting the application's logic. It's possible that 'else' keyword is missing.CWE-670
V647The value of 'A' type is assigned to the pointer of 'B' type.CWE-587
V649There are two 'if' statements with identical conditional expressions. The first 'if' statement contains function return. This means that the second 'if' statement is senseless.CWE-561
V650Type casting operation is utilized 2 times in succession. Next, the '+' operation is executed. Probably meant: (T1)((T2)a + b).CWE-468
V651An odd operation of the 'sizeof(X)/sizeof(T)' kind is performed, where 'X' is of the 'class' type.CWE-682
V653A suspicious string consisting of two parts is used for the initialization. It is possible that a comma is missing.CWE-665
V654The condition of loop is always true/false.CWE-834
V655The strings were concatenated but are not utilized. Consider inspecting the expression.CWE-480
V657It's odd that this function always returns one and the same value of NN.CWE-393
V658A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly.CWE-190
V662Consider inspecting the loop expression. Different containers are utilized for setting up initial and final values of the iterator.CWE-758
V663Infinite loop is possible. The 'cin.eof()' condition is insufficient to break from the loop. Consider adding the 'cin.fail()' function call to the conditional expression.CWE-834
V664The pointer is being dereferenced on the initialization list before it is verified against null inside the body of the constructor function.CWE-476
V666Consider inspecting NN argument of the function 'Foo'. It is possible that the value does not correspond with the length of a string which was passed with the YY argument.CWE-805
V667The 'throw' operator does not possess any arguments and is not situated within the 'catch' block.CWE-480
V668There is no sense in testing the pointer against null, as the memory was allocated using the 'new' operator. The exception will be generated in the case of memory allocation error.CWE-570, CWE-571
V670An uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class.CWE-457
V671It is possible that the 'swap' function interchanges a variable with itself.CWE-687
V673More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits.CWE-190
V674The expression contains a suspicious mix of integer and real types.CWE-682
V676It is incorrect to compare the variable of BOOL type with TRUE.CWE-253
V679The 'X' variable was not initialized. This variable is passed by a reference to the 'Foo' function in which its value will be utilized.CWE-457
V680The 'delete A, B' expression only destroys the 'A' object. Then the ',' operator returns a resulting value from the right side of the expression.CWE-401
V681The language standard does not define an order in which the 'Foo' functions will be called during evaluation of arguments.CWE-758
V683Consider inspecting the loop expression. It is possible that the 'i' variable should be incremented instead of the 'n' variable.CWE-190
V684A value of variable is not modified. Consider inspecting the expression. It is possible that '1' should be present instead of '0'.CWE-682
V686A pattern was detected: A || (A && ...). The expression is excessive or contains a logical error.CWE-571
V687Size of an array calculated by the sizeof() operator was added to a pointer. It is possible that the number of elements should be calculated by sizeof(A)/sizeof(A[0]).CWE-682
V689The destructor of the 'Foo' class is not declared as a virtual. It is possible that a smart pointer will not destroy an object correctly.CWE-404
V692An inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, a string ending with a null terminator should be used in the first place.CWE-788
V693Consider inspecting conditional expression of the loop. It is possible that 'i < X.size()' should be used instead of 'X.size()'.CWE-835
V694The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant.CWE-571
V695Range intersections are possible within conditional expressions.CWE-561, CWE-670
V696The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false.CWE-670
V697A number of elements in the allocated array is equal to size of a pointer in bytes.CWE-682
V698strcmp()-like functions can return not only the values -1, 0 and 1, but any values.CWE-253
V699Consider inspecting the 'foo = bar = baz ? .... : ....' expression. It is possible that 'foo = bar == baz ? .... : ....' should be used here instead.CWE-481
V701realloc() possible leak: when realloc() fails in allocating memory, original pointer is lost. Consider assigning realloc() to a temporary pointer.CWE-401
V702Classes should always be derived from std::exception (and alike) as 'public'.CWE-544
V704'this == 0' comparison should be avoided - this comparison is always false on newer compilers.CWE-570, CWE-571
V705It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.CWE-691
V706Suspicious division: sizeof(X) / Value. Size of every element in X array does not equal to divisor.CWE-682
V708Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior.CWE-758
V709Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c'.CWE-682
V712Be advised that compiler may delete this cycle or make it infinity. Use volatile variable(s) or synchronization primitives to avoid this.CWE-835
V713The pointer was utilized in the logical expression before it was verified against nullptr in the same logical expression.CWE-476
V714Variable is not passed into foreach loop by a reference, but its value is changed inside of the loop.CWE-563
V715The 'while' operator has empty body. Suspicious pattern detected.CWE-691
V716Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT).CWE-704
V717It is suspicious to cast object of base class V to derived class U.CWE-843
V721The VARIANT_BOOL type is utilized incorrectly. The true value (VARIANT_TRUE) is defined as -1.CWE-697, CWE-665
V722An abnormality within similar comparisons. It is possible that a typo is present inside the expression.CWE-697
V723Function returns a pointer to the internal string buffer of a local object, which will be destroyed.CWE-416
V724Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'.CWE-197
V725A dangerous cast of 'this' to 'void*' type in the 'Base' class, as it is followed by a subsequent cast to 'Class' type.CWE-704
V726An attempt to free memory containing the 'int A[10]' array by using the 'free(A)' function.CWE-761
V727Return value of 'wcslen' function is not multiplied by 'sizeof(wchar_t)'CWE-783
V728An excessive check can be simplified. The '||' operator is surrounded by opposite expressions 'x' and '!x'.CWE-570
V730Not all members of a class are initialized inside the constructor.CWE-457
V731The variable of char type is compared with pointer to string.CWE-665
V733It is possible that macro expansion resulted in incorrect evaluation order.CWE-783
V736The behavior is undefined for arithmetic or comparisons with pointers that do not point to members of the same array.CWE-758
V737It is possible that ',' comma is missing at the end of the string.CWE-665
V738Temporary anonymous object is used.CWE-672
V739EOF should not be compared with a value of the 'char' type. Consider using the 'int' type.CWE-20
V741The following pattern is used: throw (a, b);. It is possible that type name was omitted: throw MyException(a, b);.CWE-480
V742Function receives an address of a 'char' type variable instead of pointer to a buffer.CWE-170
V743The memory areas must not overlap. Use 'memmove' function.CWE-475
V744Temporary object is immediately destroyed after being created. Consider naming the object.CWE-664
V745A 'wchar_t *' type string is incorrectly converted to 'BSTR' type string.CWE-704
V747An odd expression inside parenthesis. It is possible that a function name is missing.CWE-480
V748Memory for 'getline' function should be allocated only by 'malloc' or 'realloc' functions. Consider inspecting the first parameter of 'getline' function.CWE-762
V749Destructor of the object will be invoked a second time after leaving the object's scope.CWE-675
V752Creating an object with placement new requires a buffer of large size.CWE-788
V753The '&=' operation always sets a value of 'Foo' variable to zero.CWE-682
V755Copying from unsafe data source. Buffer overflow is possible.CWE-123
V757It is possible that an incorrect variable is compared with null after type conversion using 'dynamic_cast'.CWE-690
V758Reference invalidated because of the destruction of the temporary object returned by the function.CWE-416
V759Violated order of exception handlers. Exception caught by handler for base class.CWE-703
V762Consider inspecting virtual function arguments. See NN argument of function 'Foo' in derived class and base class.CWE-670
V764Possible incorrect order of arguments passed to function.CWE-683
V766An item with the same key has already been added.CWE-462
V768The variable is of enum type. It is odd that it is used as a variable of a Boolean-type.CWE-570, CWE-571
V769The pointer in the expression equals nullptr. The resulting value is meaningless and should not be used.CWE-119
V770Possible use of a left shift operator instead of a comparison operator.CWE-480
V772Calling the 'delete' operator for a void pointer will cause undefined behavior.CWE-758
V773The function was exited without releasing the pointer/handle. A memory/resource leak is possible.CWE-401, CWE-775
V774The pointer was used after the memory was released.CWE-416
V775It is odd that the BSTR data type is compared using a relational operator.CWE-1023
V776Potentially infinite loop. The variable in the loop exit condition does not change its value between iterations.CWE-835
V777Dangerous widening type conversion from an array of derived-class objects to a base-class pointer.CWE-468
V778Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'.CWE-682
V779Unreachable code detected. It is possible that an error is present.CWE-561
V781The value of the variable is checked after it was used. Perhaps there is a mistake in program logic. Check lines: N1, N2.CWE-20, CWE-129, CWE-789
V782It is pointless to compute the distance between the elements of different arrays.CWE-469
V783Dereferencing of invalid iterator 'X' might take place.CWE-119
V785Constant expression in switch statement.CWE-691
V786Assigning the value C to the X variable looks suspicious. The value range of the variable: [A, B].CWE-197
V788Review captured variable in lambda expression.CWE-457
V789Iterators for the container, used in the range-based for loop, become invalid upon a function call.CWE-672
V791The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.CWE-691
V792The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead.CWE-691
V796A 'break' statement is probably missing in a 'switch' statement.CWE-484
V797The function is used as if it returned a bool type. The return value of the function should probably be compared with std::string::npos.CWE-253
V798The size of the dynamic array can be less than the number of elements in the initializer.CWE-789
V1001The variable is assigned but is not used by the end of the function.CWE-563
V1002A class, containing pointers, constructor and destructor, is copied by the automatically generated operator= or copy constructor.CWE-665
V1004The pointer was used unsafely after it was verified against nullptr.CWE-119, CWE-628, CWE-476
V1005The resource was acquired using 'X' function but was released using incompatible 'Y' function.CWE-404
V1006Several shared_ptr objects are initialized by the same pointer. A double memory deallocation will occur.CWE-675
V1007The value from the uninitialized optional is used. Probably it is a mistake.CWE-457
V1010Unchecked tainted data is used in expression.CWE-20
V1012The expression is always false. Overflow check is incorrect.CWE-192
V1014Structures with members of real type are compared byte-wise.CWE-682
V1016The value is out of range of enum values. This causes unspecified or undefined behavior.CWE-681
V1017Variable of the 'string_view' type references a temporary object which will be removed after evaluation of an expression.CWE-416
V1022An exception was thrown by pointer. Consider throwing it by value instead.CWE-755
V1023A pointer without owner is added to the container by the 'emplace_back' method. A memory leak will occur in case of an exception.CWE-460
V1024The stream is checked for EOF before reading from it, but is not checked after reading. Potential use of invalid data.CWE-20
V1025Rather than creating 'std::unique_lock' to lock on the mutex, a new variable with default value is created.CWE-820
V1026The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow.CWE-190
V1027Pointer to an object of the class is cast to unrelated class.CWE-704
V1028Possible overflow. Consider casting operands, not the result.CWE-190
V1029Numeric Truncation Error. Return value of function is written to N-bit variable.CWE-197
V1036Potentially unsafe double-checked locking.CWE-609
V2001Consider using the extended version of the 'foo' function here.CWE-477
V2002Consider using the 'Ptr' version of the 'foo' function here.CWE-477
V2003Explicit conversion from 'float/double' type to signed integer type.CWE-681
V2004Explicit conversion from 'float/double' type to unsigned integer type.CWE-681
V2007This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake.CWE-480
V2008Cyclomatic complexity: NN. Consider refactoring the 'Foo' function.CWE-407
V2013Consider inspecting the correctness of handling the N argument in the 'Foo' function.CWE-704
V2522MISRA. The 'switch' statement should have 'default' as the last label.CWE-478
V3001There are identical sub-expressions to the left and to the right of the 'foo' operator.CWE-570, CWE-571
V3003The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.CWE-570
V3004The 'then' statement is equivalent to the 'else' statement.CWE-691
V3006The object was created but it is not being used. The 'throw' keyword could be missing.CWE-390
V3007Odd semicolon ';' after 'if/for/while' operator.CWE-691
V3008The 'x' variable is assigned values twice successively. Perhaps this is a mistake.CWE-563
V3009It's odd that this method always returns one and the same value of NN.CWE-393
V3010The return value of function 'Foo' is required to be utilized.CWE-252
V3011Two opposite conditions were encountered. The second condition is always false.CWE-570
V3012The '?:' operator, regardless of its conditional expression, always returns one and the same value.CWE-783
V3014It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'X'.CWE-691
V3015It is likely that a wrong variable is being compared inside the 'for' operator. Consider reviewing 'X'.CWE-691
V3016The variable 'X' is being used for this loop and for the outer loop.CWE-691
V3018Consider inspecting the application's logic. It's possible that 'else' keyword is missing.CWE-670
V3019It is possible that an incorrect variable is compared with null after type conversion using 'as' keyword.CWE-697
V3020An unconditional 'break/continue/return/goto' within a loop.CWE-670
V3021There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless.CWE-561
V3022Expression is always true/false.CWE-570, CWE-571
V3023Consider inspecting this expression. The expression is excessive or contains a misprint.CWE-571
V3024An odd precise comparison. Consider using a comparison with defined precision: Math.Abs(A - B) < Epsilon or Math.Abs(A - B) > Epsilon.CWE-682
V3025Incorrect format. Consider checking the N format items of the 'Foo' function.CWE-685
V3027The variable was utilized in the logical expression before it was verified against null in the same logical expression.CWE-476
V3028Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.CWE-691
V3030Recurring check. This condition was already verified in previous line.CWE-571
V3032Waiting on this expression is unreliable, as compiler may optimize some of the variables. Use volatile variable(s) or synchronization primitives to avoid this.CWE-835
V3033It is possible that this 'else' branch must apply to the previous 'if' statement.CWE-670
V3034Consider inspecting the expression. Probably the '!=' should be used here.CWE-480
V3035Consider inspecting the expression. Probably the '+=' should be used here.CWE-480
V3036Consider inspecting the expression. Probably the '-=' should be used here.CWE-480
V3038The argument was passed to method several times. It is possible that another argument should be passed instead.CWE-687
V3039Consider inspecting the 'Foo' function call. Defining an absolute path to the file or directory is considered a poor style.CWE-39
V3040The expression contains a suspicious mix of integer and real typesCWE-682
V3041The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid the loss of a fractional part.CWE-682
V3042Possible NullReferenceException. The '?.' and '.' operators are used for accessing members of the same object.CWE-476
V3043The code's operational logic does not correspond with its formatting.CWE-483
V3051An excessive type cast or check. The object is already of the same type.CWE-704
V3052The original exception object was swallowed. Stack of original exception could be lost.CWE-390
V3054Potentially unsafe double-checked locking. Use volatile variable(s) or synchronization primitives to avoid this.CWE-609
V3055Suspicious assignment inside the condition expression of 'if/while/for' operator.CWE-481
V3056Consider reviewing the correctness of 'X' item's usage.CWE-682
V3057Function receives an odd argument.CWE-628
V3058An item with the same key has already been added.CWE-462
V3060A value of variable is not modified. Consider inspecting the expression. It is possible that other value should be present instead of '0'.CWE-682
V3063A part of conditional expression is always true/false if it is evaluated.CWE-570, CWE-571
V3064Division or mod division by zero.CWE-369
V3066Possible incorrect order of arguments passed to method.CWE-683
V3067It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics.CWE-691
V3069It's possible that the line was commented out improperly, thus altering the program's operation logics.CWE-670
V3070Uninitialized variables are used when initializing the 'A' variable.CWE-457
V3076Comparison with 'double.NaN' is meaningless. Use 'double.IsNaN()' method instead.CWE-570, CWE-571
V3080Possible null dereference.CWE-476
V3082The 'Thread' object is created but is not started. It is possible that a call to 'Start' method is missing.CWE-563
V3083Unsafe invocation of event, NullReferenceException is possible. Consider assigning event to a local variable before invoking it.CWE-367
V3089Initializer of a field marked by [ThreadStatic] attribute will be called once on the first accessing thread. The field will have default value on different threads.CWE-665
V3090Unsafe locking on an object.CWE-662, CWE-833
V3092Range intersections are possible within conditional expressions.CWE-670
V3093The operator evaluates both operands. Perhaps a short-circuit operator should be used instead.CWE-480
V3095The object was used before it was verified against null. Check lines: N1, N2.CWE-476
V3098The 'continue' operator will terminate 'do { ... } while (false)' loop because the condition is always false.CWE-670
V3099Not all the members of type are serialized inside 'GetObjectData' method.CWE-684
V3100NullReferenceException is possible. Unhandled exceptions in destructor lead to termination of runtime.CWE-476
V3105The 'a' variable was used after it was assigned through null-conditional operator. NullReferenceException is possible.CWE-690
V3106Possibly index is out of bound.CWE-125, CWE-787
V3108It is not recommended to return null or throw exceptions from 'ToString()' method.CWE-684
V3110Possible infinite recursion.CWE-674
V3112An abnormality within similar comparisons. It is possible that a typo is present inside the expression.CWE-697
V3113Consider inspecting the loop expression. It is possible that different variables are used inside initializer and iterator.CWE-190
V3114IDisposable object is not disposed before method returns.CWE-404
V3115It is not recommended to throw exceptions from 'Equals(object obj)' method.CWE-684
V3116Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all.CWE-835
V3120Potentially infinite loop. The variable from the loop exit condition does not change its value between iterations.CWE-835
V3122Uppercase (lowercase) string is compared with a different lowercase (uppercase) string.CWE-570
V3123Perhaps the '??' operator works in a different way than it was expected. Its priority is lower than priority of other operators in its left part.CWE-783
V3125The object was used after it was verified against null. Check lines: N1, N2.CWE-476
V3127Two similar code fragments were found. Perhaps, this is a typo and 'X' variable should be used instead of 'Y'.CWE-682
V3128The field (property) is used before it is initialized in constructor.CWE-665
V3131The expression is checked for compatibility with the type 'A', but is casted to the 'B' type.CWE-704
V3132A terminal null is present inside a string. The '\0xNN' characters were encountered. Probably meant: '\xNN'.CWE-665
V3133Postfix increment/decrement is senseless because this variable is overwritten.CWE-682
V3134Shift by N bits is greater than the size of type.CWE-128
V3135The initial value of the index in the nested loop equals 'i'. Consider using 'i + 1' instead.CWE-691
V3136Constant expression in switch statement.CWE-691
V3137The variable is assigned but is not used by the end of the function.CWE-563
V6001There are identical sub-expressions to the left and to the right of the 'foo' operator.CWE-570, CWE-571
V6003The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.CWE-563
V6004The 'then' statement is equivalent to the 'else' statement.CWE-691
V6006The object was created but it is not being used. The 'throw' keyword could be missing.CWE-390
V6007Expression is always true/false.CWE-570, CWE-571
V6008Potential null dereference.CWE-690, CWE-476
V6010The return value of function 'Foo' is required to be utilized.CWE-252
V6011The expression contains a suspicious mix of integer and real typesCWE-682
V6012The '?:' operator, regardless of its conditional expression, always returns one and the same value.CWE-783
V6014It's odd that this method always returns one and the same value of NN.CWE-393
V6015Consider inspecting the expression. Probably the '!='/'-='/'+=' should be used here.CWE-480
V6018Constant expression in switch statement.CWE-691
V6019Unreachable code detected. It is possible that an error is present.CWE-561
V6020Division or mod division by zero.CWE-369
V6021The value is assigned to the 'x' variable but is not used.CWE-563
V6024The 'continue' operator will terminate 'do { ... } while (false)' loop because the condition is always false.CWE-670
V6025Possibly index is out of bound.CWE-787, CWE-125
V6029Possible incorrect order of arguments passed to method.CWE-683
V6030The function located to the right of the '|' and '&' operators will be called regardless of the value of the left operand. Consider using '||' and '&&' instead.CWE-691
V6031The variable 'X' is being used for this loop and for the outer loop.CWE-691
V6033An item with the same key has already been added.CWE-462
V6034Shift by N bits is inconsistent with the size of type.CWE-758
V6036The value from the uninitialized optional is used.CWE-457
V6037An unconditional 'break/continue/return/goto' within a loop.CWE-670
V6038Comparison with 'double.NaN' is meaningless. Use 'double.isNaN()' method instead.CWE-571, CWE-570
V6039There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless.CWE-561
V6040The code's operational logic does not correspond with its formatting.CWE-483
V6041Suspicious assignment inside the conditional expression of 'if/while/do...while' statement.CWE-481
V6042The expression is checked for compatibility with type 'A', but is cast to type 'B'.CWE-704
V6043Consider inspecting the 'for' operator. Initial and final values of the iterator are the same.CWE-691
V6044Postfix increment/decrement is senseless because this variable is overwritten.CWE-682
V6046Incorrect format. Consider checking the N format items of the 'Foo' function.CWE-628, CWE-685, CWE-686
V6047It is possible that this 'else' branch must apply to the previous 'if' statement.CWE-670
V6048This expression can be simplified. One of the operands in the operation equals NN. Probably it is a mistake.CWE-480
V6057Consider inspecting this expression. The expression is excessive or contains a misprint.CWE-571
V6059Odd use of special character in regular expression. Possibly, it was intended to be escaped.CWE-571
V6060The reference was used before it was verified against null.CWE-476
V6061The used constant value is represented by an octal form.CWE-682
V6062Possible infinite recursion.CWE-674
V6063Odd semicolon ';' after 'if/foreach' operator.CWE-670
V6064Suspicious invocation of Thread.run().CWE-572

Bugs Found

Checked Projects
354
Collected Errors
13 290