V3063. A part of conditional expression is always true/false if it is evaluated.


The analyzer detected a possible error inside a logical condition: a part of the condition is always true or always false, which makes it suspicious.

Consider the following example:

uint i = length;
while ((i >= 0) && (n[i] == 0)) i--;

The "i >= 0" condition is always true because the 'i' variable is of type uint. When 'i' reaches zero, the while loop does not stop, and 'i' takes the maximum value of type uint. A further attempt to access the 'n' array will raise an OverflowException.

The fixed code:

int i = length;
while ((i >= 0) && (n[i] == 0)) i--;
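
The first example as a complete program, added here for illustration (it is not code from PVS-Studio or from the analyzed project): the flagged loop next to a variant that keeps the unsigned type. The names V3063Demo, LastNonZeroFlagged, SignificantCount and the parameter 'last' are assumptions, and the arrays are constructed sample data.

```csharp
using System;

static class V3063Demo
{
    // Flagged pattern from the text. 'last' (index of the last element) is an
    // assumed parameter name. For uint, "i >= 0" never becomes false.
    static uint LastNonZeroFlagged(uint[] n, uint last)
    {
        uint i = last;
        while ((i >= 0) && (n[i] == 0)) i--;   // V3063: i >= 0 is always true
        return i;
    }

    // Unsigned-safe form: track a count and test "count > 0" before
    // reading n[count - 1], so the index is never decremented below zero.
    static uint SignificantCount(uint[] n)
    {
        uint count = (uint)n.Length;
        while (count > 0 && n[count - 1] == 0) count--;
        return count;
    }

    static void Main()
    {
        // Constructed sample inputs, including the all-zero and empty cases.
        uint[][] samples =
        {
            new uint[] { 5, 0, 7, 0, 0 },
            new uint[] { 0, 0, 0 },
            new uint[0],
        };

        foreach (uint[] n in samples)
            Console.WriteLine($"[{string.Join(",", n)}] -> {SignificantCount(n)} significant element(s)");

        // An all-zero array drives the flagged loop past index 0.
        try
        {
            uint[] zeros = samples[1];
            LastNonZeroFlagged(zeros, (uint)zeros.Length - 1);
        }
        catch (Exception e)
        {
            Console.WriteLine($"flagged loop failed with {e.GetType().Name}");
        }
    }
}
```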

Here's another example:

public static double Cos(double d)
{
    // -9223372036854775295 <= d <= 9223372036854775295
    Contract.Ensures(
      !(-9223372036854775295 <= d || d <= 9223372036854775295) ||
      Contract.Result<double>() >= -1.0);

The programmer wanted to make sure that the d variable belongs to the specified range (it is stated in the comment before the check) but made a typo and wrote the '||' operator instead of '&&'. The fixed code:

Contract.Ensures(
  !(-9223372036854775295 <= d && d <= 9223372036854775295) ||
  Contract.Result<double>() >= -1.0);

Sometimes the V3063 warning detects simply redundant code rather than an error. For example:

if (@char < 0x20 || @char > 0x7e) {
    if (@char > 0x7e
        || (@char >= 0x01 && @char <= 0x08)
        || (@char >= 0x0e && @char <= 0x1f)
        || @char == 0x27
        || @char == 0x2d)

The analyzer warns that the subexpressions @char == 0x27 and @char == 0x2d are always false because of the preceding if statement. This code may work quite well, but it is redundant and is better simplified, which makes the program easier to read for other developers.

This is the simplified version of the code:

if (@char < 0x20 || @char > 0x7e) {
    if (@char > 0x7e
        || (@char >= 0x01 && @char <= 0x08)
        || (@char >= 0x0e && @char <= 0x1f))

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-570, CWE-571.

You can look at examples of errors detected by the V3063 diagnostic.
