# V658. A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly.

The analyzer has detected a potential overflow.

The following operations are executed:

• some value is being subtracted from an unsigned variable;
• the result is compared to a certain value (operators <, <=, >, >= are used).

If an overflow occurs during the subtraction, the result of the check might differ from what the programmer expects.

Consider the simplest case:

```cpp
unsigned A = ...;
int B = ...;
if (A - B > 1)
  Array[A - B] = 'x';
```

The programmer believes that this check will protect the code against an array overrun. But the check won't help if A < B.

Let A = 3 and B = 5.

Then 0x00000003u - 0x00000005i = 0xFFFFFFFEu

According to the C++ standard, the "A - B" expression has the "unsigned int" type: B is converted to unsigned before the subtraction. It means that "A - B" will equal 0xFFFFFFFEu. This number is greater than one, so the check passes. As a result, memory outside the array's boundaries will be addressed.

There are two ways to fix the code. First, we can use signed types for the variables that take part in the calculation:

```cpp
intptr_t A = ...;
intptr_t B = ...;
if (A - B > 1)
  Array[A - B] = 'x';
```

Second, we can change the condition. How exactly this should be done depends on the result we want to get and on the input values. If B >= 0, we just need to write the following code:

```cpp
unsigned A = ...;
int B = ...;
if (A > B + 1)
  Array[A - B] = 'x';
```
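The wraparound and a guarded alternative, written in C as an added example that is not part of the original documentation. The `naive_check`, `naive_index` and `checked_index` names, the 16-element array and the extra upper-bound test are assumptions made for illustration, and a 32-bit `unsigned` is assumed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* The check from the text. B is converted to unsigned before the
   subtraction, so the result wraps around when A < B. */
static bool naive_check(unsigned a, int b) { return a - b > 1; }

/* Index the original code writes to once the check has passed. */
static unsigned naive_index(unsigned a, int b) { return a - b; }

/* Hypothetical helper (not from the page): proves A - B cannot wrap
   before computing it, and bounds the result by the array length. */
static bool checked_index(unsigned a, int b, size_t len, size_t *out)
{
    if (b < 0)                 /* the rewritten condition assumes B >= 0 */
        return false;
    if (a <= (unsigned)b)      /* A - B would be zero or wrap around */
        return false;
    unsigned diff = a - (unsigned)b;
    if (diff <= 1 || diff >= len)   /* keep the "> 1" rule, add an upper bound */
        return false;
    *out = diff;
    return true;
}

int main(void)
{
    char array[16] = {0};
    size_t idx = 0;

    /* Constructed inputs: A = 3, B = 5 as in the text, then A = 9, B = 5. */
    printf("naive: check=%d index=0x%X\n", naive_check(3u, 5), naive_index(3u, 5));

    if (!checked_index(3u, 5, sizeof array, &idx))
        puts("A=3, B=5 rejected");
    if (checked_index(9u, 5, sizeof array, &idx)) {
        array[idx] = 'x';
        printf("A=9, B=5 accepted, index=%zu\n", idx);
    }
    return 0;
}
```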

If the code is correct, you may turn off the diagnostic message for this line using the "//-V658" comment.

According to the Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-190.
