V781. The value of the variable is checked after it was used. Perhaps there is a mistake in program logic. Check lines: N1, N2.


The analyzer detected the following issue in the code. The value of a variable is first used as the size or index of an array and only then is compared with 0 or the array size. This issue may indicate the presence of a logic error or typo in one of the comparisons.

Consider the following example:

int idx = GetPos(buf);
buf[idx] = 42;
if (idx < 0) return -1;

If the value of 'idx' turns out to be less than zero, an attempt to evaluate the 'buf[idx]' expression will result in an error. The analyzer will output a warning for this code pointing at two lines: the first line is where the variable is used and the second is where its value is compared with another value.

This is what the fixed version of the code looks like:

int idx = GetPos(buf);
if (idx < 0) return -1;
buf[idx] = 42;

The analyzer also outputs the warning when the variable is compared with the array size:

int buf[10];
buf[idx] = 42;
if (idx < countof(buf)) return -1;

Fixed code:

int buf[10];
if (idx < countof(buf)) return -1;
buf[idx] = 42;

Besides the indexes, the analyzer also takes into account how variables are used as arguments to functions that work with non-negative values (memset, malloc, etc.). Consider the following example:

bool Foo(char *A, int size_A, char *B, int size_B)
{
  if (size_A <= 0)
    return false;
  memset(A, 0, size_A);
  ....
  if (size_A <= 0)                    // Error
    return false;
  memset(B, 0, size_B);
  ....
}

This code contains a typo that will be detected in an indirect way. There are actually no problems with the 'A' array, but the programmer made a mistake checking the size of the 'B' array, which causes 'size_A' to be checked only after the 'A' array has been used.

Fixed code:

bool Foo(char *A, int size_A, char *B, int size_B)
{
  if (size_A <= 0)
    return false;
  memset(A, 0, size_A);
  ....
  if (size_B <= 0)                    // FIX
    return false;
  memset(B, 0, size_B);
  ....
}

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-129, CWE-20, CWE-789.

You can look at examples of errors detected by the V781 diagnostic.


Do you make errors in the code?

Check your code
with PVS-Studio

Static code analysis
for C, C++, and C#

goto PVS-Studio;
We use cookies for the analysis of events to improve our content and make user interaction more convenient. By continuing the view of our web-pages you accept the terms of using these files. You can find out more about cookie-files and privacy policy or close the notification, by clicking on the button. Learn More →
Do not show