V1028. Possible overflow. Consider casting operands, not the result.


The analyzer has detected a suspicious type cast: the result of a binary operation over 32-bit values is cast to a 64-bit type.

Consider the following example:

unsigned a;
unsigned  b;
....
uint64_t c = (uint64_t)(a * b);

This cast is redundant: type 'unsigned' would have been automatically promoted to type 'uint64_t' anyway when executing the assignment operation.

The developer must have intended to take measures against a possible overflow but failed to do that properly. When multiplying 'unsigned' variables, the overflow will take place anyway, and only then will the meaningless product be explicitly promoted to type 'uint64_t'.

It is one of the operands that should have been cast instead to avoid the overflow. Fixed code:

uint64_t c = (uint64_t)a * b;

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-190.

You can look at examples of errors detected by the V1028 diagnostic.


Bugs Found

Checked Projects
355
Collected Errors
13 303