SEI CERT Coding Standard - набор стандартов написания программного обеспечения (ПО) на языках C, C++, Java и Perl, разрабатываемых координационным центром CERT (CERT Coordination Center, CERT/CC) для повышения надёжности и безопасности ПО.
Страница анализатора на сайте SEI CERT: PVS-Studio.
Error Code | Error Description | ASVS Requirement |
V502 | Perhaps the '?:' operator works in a different way than it was expected. The '?:' operator has a lower priority than the 'foo' operator. | EXP00-C |
V503 | This is a nonsensical comparison: pointer < 0. | EXP08-C |
V505 | The 'alloca' function is used inside the loop. This can quickly overflow stack. | MEM05-C |
V506 | Pointer to local variable 'X' is stored outside the scope of this variable. Such a pointer will become invalid. | DCL30-C |
V507 | Pointer to local array 'X' is stored outside the scope of this array. Such a pointer will become invalid. | DCL30-C |
V509 | Exceptions that were raised inside noexcept functions must be wrapped in a try..catch block. | DCL57-CPP |
V510 | The 'Foo' function is not expected to receive class-type variable as 'N' actual argument. | FIO47-C |
V511 | The sizeof() operator returns size of the pointer, and not of the array, in given expression. | ARR01-C |
V512 | A call of the 'Foo' function will lead to a buffer overflow or underflow. | ARR01-C, ARR30-C |
V513 | Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions. | MSC24-C |
V514 | Dividing sizeof a pointer by another value. There is a probability of logical error presence. | ARR01-C |
V515 | The 'delete' operator is applied to non-pointer. | MEM51-CPP |
V516 | Consider inspecting an odd expression. Non-null function pointer is compared to null. | EXP16-C |
V517 | The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence. | MSC01-C |
V518 | The 'malloc' function allocates strange amount of memory calculated by 'strlen(expr)'. Perhaps the correct variant is strlen(expr) + 1. | STR31-C |
V519 | The 'x' variable is assigned values twice successively. Perhaps this is a mistake. | MSC13-C |
V520 | The comma operator ',' in array index expression. | EXP08-C |
V521 | Such expressions using the ',' operator are dangerous. Make sure the expression is correct. | EXP10-C, EXP50-CPP |
V522 | Dereferencing of the null pointer might take place. | EXP34-C, MEM52-CPP |
V527 | It is odd that the 'zero' value is assigned to pointer. Probably meant: *ptr = zero. | INT36-C |
V528 | It is odd that pointer is compared with the 'zero' value. Probably meant: *ptr != zero. | INT36-C |
V529 | Odd semicolon ';' after 'if/for/while' operator. | EXP15-C |
V530 | The return value of function 'Foo' is required to be utilized. | EXP12-C |
V531 | It is odd that a sizeof() operator is multiplied by sizeof(). | MEM35-C |
V532 | Consider inspecting the statement of '*pointer++' pattern. Probably meant: '(*pointer)++'. | EXP30-C |
V533 | It is likely that a wrong variable is being incremented inside the 'for' operator. Consider reviewing 'X'. | MSC01-C |
V534 | It is likely that a wrong variable is being compared inside the 'for' operator. Consider reviewing 'X'. | MSC01-C |
V535 | The variable 'X' is being used for this loop and for the outer loop. | MSC01-C |
V536 | Be advised that the utilized constant value is represented by an octal form. | DCL18-C |
V539 | Consider inspecting iterators which are being passed as arguments to function 'Foo'. | CTR53-CPP |
V540 | Member 'x' should point to string terminated by two 0 characters. | EXP37-C |
V541 | It is dangerous to print a string into itself. | EXP37-C |
V542 | Consider inspecting an odd type cast: 'Type1' to ' Type2'. | INT36-C |
V546 | Member of a class is initialized with itself: 'Foo(Foo)'. | EXP53-CPP |
V548 | Consider reviewing type casting. TYPE X[][] is not equivalent to TYPE **X. | EXP36-C |
V549 | The 'first' argument of 'Foo' function is equal to the 'second' argument. | EXP37-C |
V550 | An odd precise comparison. It's probably better to use a comparison with defined precision: fabs(A - B) < Epsilon or fabs(A - B) > Epsilon. | FLP02-C |
V551 | The code under this 'case' label is unreachable. | MSC12-C |
V554 | Incorrect use of smart pointer. | MEM51-CPP |
V555 | The expression of the 'A - B > 0' kind will work as 'A != B'. | INT02-C |
V556 | The values of different enum types are compared. | MSC01-C |
V557 | Array overrun is possible. | ARR30-C |
V558 | Function returns the pointer/reference to temporary local object. | DCL30-C |
V559 | Suspicious assignment inside the conditional expression of 'if/while/for' statement. | EXP45-C |
V561 | It's probably better to assign value to 'foo' variable than to declare it anew. | DCL01-C |
V562 | It's odd to compare a bool type value with a value of N. | INT31-C |
V563 | It is possible that this 'else' branch must apply to the previous 'if' statement. | EXP19-C |
V564 | The '&' or '|' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' or '||' operator. | EXP46-C |
V565 | An empty exception handler. Silent suppression of exceptions can hide the presence of bugs in source code during testing. | ERR56-CPP |
V566 | The integer constant is converted to pointer. Possibly an error or a bad coding style. | INT36-C |
V567 | The modification of a variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior. | EXP30-C |
V568 | It's odd that the argument of sizeof() operator is the expression. | EXP44-C, ARR01-C |
V569 | Truncation of constant value. | INT31-C |
V573 | Uninitialized variable 'Foo' was used. The variable was used to initialize itself. | EXP33-C, EXP53-CPP |
V574 | The pointer is used simultaneously as an array and as a pointer to single object. | EXP08-C |
V575 | Function receives an odd argument. | EXP37-C |
V576 | Incorrect format. Consider checking the N actual argument of the 'Foo' function. | FIO47-C, DCL11-C |
V577 | Label is present inside a switch(). It is possible that these are misprints and 'default:' operator should be used instead. | MSC01-C |
V579 | The 'Foo' function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the N argument. | ARR01-C |
V580 | An odd explicit type casting. Consider verifying it. | EXP39-C |
V582 | Consider reviewing the source code which operates the container. | ARR30-C |
V585 | An attempt to release the memory in which the 'Foo' local variable is stored. | MEM34-C |
V586 | The 'Foo' function is called twice for deallocation of the same resource. | MEM30-C, MEM50-CPP |
V590 | Consider inspecting this expression. The expression is excessive or contains a misprint. | MSC01-C |
V591 | Non-void function should return a value. | MSC52-CPP |
V593 | Consider reviewing the expression of the 'A = B == C' kind. The expression is calculated as following: 'A = (B == C)'. | EXP00-C |
V594 | The pointer steps out of array's bounds. | ARR30-C |
V595 | The pointer was utilized before it was verified against nullptr. Check lines: N1, N2. | EXP34-C |
V596 | The object was created but it is not being used. The 'throw' keyword could be missing. | MSC13-C |
V597 | The compiler could delete the 'memset' function call, which is used to flush 'Foo' buffer. The RtlSecureZeroMemory() function should be used to erase the private data. | MSC06-C |
V598 | The 'memset/memcpy' function is used to nullify/copy the fields of 'Foo' class. Virtual table pointer will be damaged by this. | EXP62-CPP, OOP57-CPP |
V599 | The virtual destructor is not present, although the 'Foo' class contains virtual functions. | OOP52-CPP |
V600 | Consider inspecting the condition. The 'Foo' pointer is always not equal to NULL. | EXP08-C |
V601 | An odd implicit type casting. | INT36-C |
V603 | The object was created but it is not being used. If you wish to call constructor, 'this->Foo::Foo(....)' should be used. | MSC13-C |
V604 | It is odd that the number of iterations in the loop equals to the size of the pointer. | ARR01-C |
V605 | Consider verifying the expression. An unsigned value is compared to the number - NN. | INT02-C |
V606 | Ownerless token 'Foo'. | MSC12-C |
V609 | Divide or mod by zero. | INT33-C |
V610 | Undefined behavior. Check the shift operator. | INT34-C |
V611 | The memory allocation and deallocation methods are incompatible. | MEM51-CPP |
V612 | An unconditional 'break/continue/return/goto' within a loop. | MSC01-C |
V613 | Strange pointer arithmetic with 'malloc/new'. | EXP08-C |
V614 | Uninitialized variable 'Foo' used. | EXP33-C, EXP33-CPP |
V615 | An odd explicit conversion from 'float *' type to 'double *' type. | FLP34-C |
V618 | It's dangerous to call the 'Foo' function in such a manner, as the line being passed could contain format specification. The example of the safe code: printf("%s", str); | FIO30-C |
V619 | An array is being utilized as a pointer to single object. | EXP08-C |
V620 | It's unusual that the expression of sizeof(T)*N kind is being summed with the pointer to T type. | EXP08-C |
V621 | Consider inspecting the 'for' operator. It's possible that the loop will be executed incorrectly or won't be executed at all. | MSC21-C |
V622 | Consider inspecting the 'switch' statement. It's possible that the first 'case' operator is missing. | DCL41-C |
V623 | Consider inspecting the '?:' operator. A temporary object is being created and subsequently destroyed. | DCL30-C |
V628 | It's possible that the line was commented out improperly, thus altering the program's operation logics. | EXP19-C |
V629 | Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. | INT00-C |
V630 | The 'malloc' function is used to allocate memory for an array of objects which are classes containing constructors/destructors. | MEM53-CPP |
V632 | Consider inspecting the NN argument of the 'Foo' function. It is odd that the argument is of the 'T' type. | EXP37-C |
V633 | Consider inspecting the expression. Probably the '!=' should be used here. | EXP45-C |
V634 | The priority of the '+' operation is higher than that of the '<<' operation. It's possible that parentheses should be used in the expression. | EXP00-C |
V635 | Consider inspecting the expression. The length should probably be multiplied by the sizeof(wchar_t). | MEM35-C |
V636 | The expression was implicitly cast from integer type to real type. Consider utilizing an explicit type cast to avoid overflow or loss of a fractional part. | FLP06-C |
V639 | Consider inspecting the expression for function call. It is possible that one of the closing ')' parentheses was positioned incorrectly. | EXP37-C |
V640 | The code's operational logic does not correspond with its formatting. | EXP19-C |
V641 | The buffer size is not a multiple of the element size. | EXP36-C |
V642 | Saving the function result inside the 'byte' type variable is inappropriate. The significant bits could be lost breaking the program's logic. | INT31-C |
V643 | Unusual pointer arithmetic. The value of the 'char' type is being added to the string pointer. | ARR30-C, EXP08-C |
V645 | The function call could lead to the buffer overflow. The bounds should not contain the size of the buffer, but a number of characters it can hold. | STR31-C, ARR30-C |
V647 | The value of 'A' type is assigned to the pointer of 'B' type. | INT36-C |
V648 | Priority of the '&&' operation is higher than that of the '||' operation. | EXP00-C |
V649 | There are two 'if' statements with identical conditional expressions. The first 'if' statement contains function return. This means that the second 'if' statement is senseless. | MSC12-C |
V650 | Type casting operation is utilized 2 times in succession. Next, the '+' operation is executed. Probably meant: (T1)((T2)a + b). | EXP08-C |
V658 | A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly. | INT30-C |
V662 | Consider inspecting the loop expression. Different containers are utilized for setting up initial and final values of the iterator. | CTR53-CPP |
V664 | The pointer is being dereferenced on the initialization list before it is verified against null inside the body of the constructor function. | EXP34-C |
V665 | Possibly, the usage of '#pragma warning(default: X)' is incorrect in this context. The '#pragma warning(push/pop)' should be used instead. | MSC00-C |
V666 | Consider inspecting NN argument of the function 'Foo'. It is possible that the value does not correspond with the length of a string which was passed with the YY argument. | EXP37-C |
V667 | The 'throw' operator does not possess any arguments and is not situated within the 'catch' block. | ERR50-CPP |
V668 | There is no sense in testing the pointer against null, as the memory was allocated using the 'new' operator. The exception will be generated in the case of memory allocation error. | MEM52-CPP |
V670 | An uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class. | EXP33-C, EXP53-CPP |
V671 | It is possible that the 'swap' function interchanges a variable with itself. | EXP37-C |
V673 | More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits. | INT02-C |
V674 | The expression contains a suspicious mix of integer and real types. | FLP36-C |
V675 | Writing into the read-only memory. | STR30-C, ENV30-C |
V676 | It is incorrect to compare the variable of BOOL type with TRUE. | INT31-C |
V677 | Custom declaration of a standard type. The declaration from system header files should be used instead. | DCL37-C |
V679 | The 'X' variable was not initialized. This variable is passed by a reference to the 'Foo' function in which its value will be utilized. | EXP33-C, EXP53-CPP |
V681 | The language standard does not define an order in which the 'Foo' functions will be called during evaluation of arguments. | EXP10-C |
V687 | Size of an array calculated by the sizeof() operator was added to a pointer. It is possible that the number of elements should be calculated by sizeof(A)/sizeof(A[0]). | EXP08-C |
V688 | The 'foo' local variable possesses the same name as one of the class members, which can result in a confusion. | DCL01-C |
V689 | The destructor of the 'Foo' class is not declared as a virtual. It is possible that a smart pointer will not destroy an object correctly. | OOP52-CPP |
V692 | An inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, a string ending with a null terminator should be used in the first place. | STR32-C |
V694 | The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant. | ARR30-C |
V695 | Range intersections are possible within conditional expressions. | MSC01-C |
V696 | The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false. | MSC01-C |
V697 | A number of elements in the allocated array is equal to size of a pointer in bytes. | ARR01-C |
V698 | strcmp()-like functions can return not only the values -1, 0 and 1, but any values. | EXP12-C |
V699 | Consider inspecting the 'foo = bar = baz ? .... : ....' expression. It is possible that 'foo = bar == baz ? .... : ....' should be used here instead. | EXP45-C |
V701 | realloc() possible leak: when realloc() fails in allocating memory, original pointer is lost. Consider assigning realloc() to a temporary pointer. | WIN30-C, MEM51-CPP |
V703 | It is odd that the 'foo' field in derived class overwrites field in base class. | DCL01-C |
V705 | It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics. | EXP19-C |
V708 | Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior. | EXP50-CPP |
V709 | Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c'. | EXP13-C |
V711 | It is dangerous to create a local variable within a loop with a same name as a variable controlling this loop. | DCL01-C |
V712 | Be advised that compiler may delete this cycle or make it infinity. Use volatile variable(s) or synchronization primitives to avoid this. | MSC06-C |
V713 | The pointer was utilized in the logical expression before it was verified against nullptr in the same logical expression. | EXP34-C |
V714 | Variable is not passed into foreach loop by a reference, but its value is changed inside of the loop. | MSC13-C |
V715 | The 'while' operator has empty body. Suspicious pattern detected. | EXP15-C |
V716 | Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT). | INT31-C |
V719 | The switch statement does not cover all values of the enum. | MSC01-C |
V721 | The VARIANT_BOOL type is utilized incorrectly. The true value (VARIANT_TRUE) is defined as -1. | INT31-C |
V722 | An abnormality within similar comparisons. It is possible that a typo is present inside the expression. | MSC01-C |
V723 | Function returns a pointer to the internal string buffer of a local object, which will be destroyed. | DCL30-C |
V724 | Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'. | INT31-C |
V726 | An attempt to free memory containing the 'int A[10]' array by using the 'free(A)' function. | MEM34-C |
V727 | Return value of 'wcslen' function is not multiplied by 'sizeof(wchar_t)'. | STR31-C |
V730 | Not all members of a class are initialized inside the constructor. | EXP53-CPP |
V732 | Unary minus operator does not modify a bool type value. | INT31-C |
V733 | It is possible that macro expansion resulted in incorrect evaluation order. | PRE01-C |
V736 | The behavior is undefined for arithmetic or comparisons with pointers that do not point to members of the same array. | ARR36-C |
V738 | Temporary anonymous object is used. | DCL30-C |
V739 | EOF should not be compared with a value of the 'char' type. Consider using the 'int' type. | INT31-C |
V742 | Function receives an address of a 'char' type variable instead of pointer to a buffer. | EXP37-C |
V743 | The memory areas must not overlap. Use 'memmove' function. | EXP37-C |
V744 | Temporary object is immediately destroyed after being created. Consider naming the object. | MSC13-C |
V746 | Object slicing. An exception should be caught by reference rather than by value. | ERR61-CPP |
V747 | An odd expression inside parenthesis. It is possible that a function name is missing. | MSC01-C |
V748 | Memory for 'getline' function should be allocated only by 'malloc' or 'realloc' functions. Consider inspecting the first parameter of 'getline' function. | MEM51-CPP |
V749 | Destructor of the object will be invoked a second time after leaving the object's scope. | MEM53-CPP |
V751 | Parameter is not used inside function's body. | MSC13-C |
V752 | Creating an object with placement new requires a buffer of large size. | MEM54-CPP |
V755 | Copying from unsafe data source. Buffer overflow is possible. | STR31-C |
V757 | It is possible that an incorrect variable is compared with null after type conversion using 'dynamic_cast'. | EXP12-C |
V758 | Reference invalidated because of the destruction of the temporary object returned by the function. | EXP54-CPP |
V759 | Violated order of exception handlers. Exception caught by handler for base class. | ERR54-CPP |
V763 | Parameter is always rewritten in function body before being used. | MSC13-C |
V764 | Possible incorrect order of arguments passed to function. | EXP37-C |
V769 | The pointer in the expression equals nullptr. The resulting value is meaningless and should not be used. | EXP08-C |
V772 | Calling the 'delete' operator for a void pointer will cause undefined behavior. | MSC15-C |
V773 | The function was exited without releasing the pointer/handle. A memory/resource leak is possible. | MEM31-C, MEM51-CPP |
V774 | The pointer was used after the memory was released. | MEM30-C, MEM50-CPP |
V777 | Dangerous widening type conversion from an array of derived-class objects to a base-class pointer. | CTR56-CPP |
V779 | Unreachable code detected. It is possible that an error is present. | MSC12-C |
V780 | The object of non-passive (non-PDS) type cannot be used with the function. | EXP62-CPP, OOP57-CPP |
V781 | The value of the variable is checked after it was used. Perhaps there is a mistake in program logic. Check lines: N1, N2. | API00-C, MEM35-C, CTR50-CPP |
V782 | It is pointless to compute the distance between the elements of different arrays. | ARR36-C |
V783 | Dereferencing of invalid iterator 'X' might take place. | CTR51-CPP |
V784 | The size of the bit mask is less than the size of the first operand. This will cause the loss of the higher bits. | INT31-C |
V785 | Constant expression in switch statement. | MSC01-C |
V786 | Assigning the value C to the X variable looks suspicious. The value range of the variable: [A, B]. | MSC01-C |
V788 | Review captured variable in lambda expression. | EXP53-CPP |
V789 | Iterators for the container, used in the range-based for loop, become invalid upon a function call. | CTR53-CPP |
V793 | It is odd that the result of the statement is a part of the condition. Perhaps, this statement should have been compared with something else. | INT31-C |
V796 | A 'break' statement is probably missing in a 'switch' statement. | MSC17-C |
V797 | The function is used as if it returned a bool type. The return value of the function should probably be compared with std::string::npos. | EXP12-C |
V798 | The size of the dynamic array can be less than the number of elements in the initializer. | ARR02-C |
V816 | It is more efficient to catch exception by reference rather than by value. | ERR61-CPP |
V821 | The variable can be constructed in a lower level scope. | DCL19-C |
V1001 | The variable is assigned but is not used by the end of the function. | MSC13-C |
V1004 | The pointer was used unsafely after it was verified against nullptr. | EXP34-C, EXP37-C, EXP08-C |
V1006 | Several shared_ptr objects are initialized by the same pointer. A double memory deallocation will occur. | MEM56-CPP |
V1007 | The value from the uninitialized optional is used. Probably it is a mistake. | EXP53-CPP |
V1012 | The expression is always false. Overflow check is incorrect. | INT30-C |
V1014 | Structures with members of real type are compared byte-wise. | FLP37-C |
V1015 | Suspicious simultaneous use of bitwise and logical operators. | EXP46-C |
V1016 | The value is out of range of enum values. This causes unspecified or undefined behavior. | INT50-CPP |
V1019 | Compound assignment expression is used inside condition. | INT31-C |
V1023 | A pointer without owner is added to the container by the 'emplace_back' method. A memory leak will occur in case of an exception. | ERR56-CPP |
V1024 | The stream is checked for EOF before reading from it, but is not checked after reading. Potential use of invalid data. | FIO40-C |
V1026 | The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow. | INT32-C |
V1028 | Possible overflow. Consider casting operands, not the result. | INT30-C |
V1029 | Numeric Truncation Error. Return value of function is written to N-bit variable. | INT31-C |
V1030 | The variable is used after it was moved. | EXP63-CPP |
V1031 | Function is not declared. The passing of data to or from this function may be affected. | DCL31-C |
V1032 | Pointer is cast to a more strictly aligned pointer type. | EXP36-C |
V1034 | Do not use real-type variables as loop counters. | FLP30-C |
V1035 | Only values that are returned from fgetpos() can be used as arguments to fsetpos(). | FIO44-C |
V1041 | Class member is initialized with dangling reference. | EXP54-CPP |
V1045 | The DllMain function throws an exception. Consider wrapping the throw operator in a try..catch block. | DCL57-CPP |
V1046 | Unsafe usage of the 'bool' and integer types together in the operation '&='. | INT31-C |
V1047 | Lifetime of the lambda is greater than lifetime of the local variable captured by reference. | EXP61-CPP |
V1050 | The uninitialized class member is used when initializing the base class. | EXP33-C, EXP53-CPP |
V1053 | Calling the 'foo' virtual function in the constructor/destructor may lead to unexpected result at runtime. | OOP50-CPP |
V1054 | Object slicing. Derived class object was copied to the base class object. | OOP51-CPP |
V1057 | Pseudo random sequence is the same at every program run. Consider assigning the seed to a value not known at compile-time. | MSC51-CPP |
V1058 | Nonsensical comparison of two different functions' addresses. | EXP16-C |
V1059 | Macro name overrides a keyword/reserved name. This may lead to undefined behavior. | DCL51-CPP |
V1061 | Extending 'std' or 'posix' namespace may result in undefined behavior. | DCL58-CPP |
V1066 | The 'SysFreeString' function should be called only for objects of the 'BSTR' type. | MEM51-CPP |
V1068 | Do not define an unnamed namespace in a header file. | DCL59-CPP |
V2001 | Consider using the extended version of the 'foo' function here. | MSC24-C |
V2002 | Consider using the 'Ptr' version of the 'foo' function here. | MSC24-C |
V2003 | Explicit conversion from 'float/double' type to signed integer type. | FLP34-C |
V2004 | Explicit conversion from 'float/double' type to unsigned integer type. | FLP34-C |
V2014 | Don't use terminating functions in library code. | ERR50-CPP |
V2522 | MISRA. The 'switch' statement should have 'default' as the last label. | MSC01-C |
V5002 | OWASP. An empty exception handler. Silent suppression of exceptions can hide the presence of bugs in source code during testing. | ERR56-CPP |
V5003 | OWASP. The object was created but it is not being used. The 'throw' keyword could be missing. | MSC13-C |
V5004 | OWASP. Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. | INT00-C |
V5005 | OWASP. A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly. | INT30-C |
V5006 | OWASP. More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits. | INT02-C |
V5010 | OWASP. The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow. | INT32-C |
V5011 | OWASP. Possible overflow. Consider casting operands, not the result. | INT30-C |
Error Code | Error Description | ASVS Requirement |
V5301 | OWASP. An exception handling block does not contain any code. | ERR00-J |
V5304 | OWASP. Unsafe double-checked locking. | LCK10-J |
V6002 | The switch statement does not cover all values of the enum. | MSC57-J |
V6003 | The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence. | MSC57-J |
V6005 | The 'x' variable is assigned to itself. | MSC56-J |
V6007 | Expression is always true/false. | MSC57-J |
V6008 | Potential null dereference. | EXP01-J |
V6010 | The return value of function 'Foo' is required to be utilized. | EXP00-J |
V6011 | The expression contains a suspicious mix of integer and real types. | NUM13-J |
V6013 | Comparison of arrays, strings, collections by reference. Possibly an equality comparison was intended. | EXP03-J |
V6018 | Constant expression in switch statement. | MSC57-J |
V6020 | Division or mod division by zero. | NUM02-J |
V6021 | The value is assigned to the 'x' variable but is not used. | MSC56-J |
V6022 | Parameter is not used inside method's body. | MSC56-J |
V6026 | This value is already assigned to the 'b' variable. | MSC56-J |
V6031 | The variable 'X' is being used for this loop and for the outer loop. | MSC57-J |
V6034 | Shift by N bits is inconsistent with the size of type. | NUM14-J |
V6037 | An unconditional 'break/continue/return/goto' within a loop. | MSC57-J |
V6038 | Comparison with 'double.NaN' is meaningless. Use 'double.isNaN()' method instead. | NUM07-J |
V6039 | There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless. | MSC56-J |
V6041 | Suspicious assignment inside the conditional expression of 'if/while/do...while' statement. | EXP51-J |
V6044 | Postfix increment/decrement is senseless because this variable is overwritten. | EXP05-J |
V6049 | Classes that define 'equals' method must also define 'hashCode' method. | MET09-J |
V6050 | Class initialization cycle is present. | DCL00-J |
V6051 | Use of jump statements in 'finally' block can lead to the loss of unhandled exceptions. | ERR04-J |
V6052 | Calling an overridden method in parent-class constructor may lead to use of uninitialized data. | MET05-J |
V6053 | Collection is modified while iteration is in progress. ConcurrentModificationException may occur. | MSC06-J |
V6054 | Classes should not be compared by their name. | OBJ09-J |
V6055 | Expression inside assert statement can change object's state. | EXP06-J |
V6057 | Consider inspecting this expression. The expression is excessive or contains a misprint. | MSC57-J |
V6061 | The used constant value is represented by an octal form. | DCL50-J |
V6063 | Odd semicolon ';' after 'if/for/while' operator. | MSC51-J |
V6064 | Suspicious invocation of Thread.run(). | THI00-J |
V6066 | Passing objects of incompatible types to the method of collection. | EXP04-J |
V6068 | Suspicious use of BigDecimal class. | NUM10-J |
V6070 | Unsafe synchronization on an object. | LCK01-J |
V6073 | It is not recommended to return null or throw exceptions from 'toString' / 'clone' methods. | EXP01-J |
V6074 | Non-atomic modification of volatile variable. | VNA02-J |
V6075 | The signature of method 'X' does not conform to serialization requirements. | SER01-J |
V6077 | A suspicious label is present inside a switch(). It is possible that these are misprints and 'default:' label should be used instead. | MSC57-J |
V6082 | Unsafe double-checked locking. | LCK10-J |
V6089 | It's possible that the line was commented out improperly, thus altering the program's operation logics. | EXP52-J |
V6093 | Automatic unboxing of a variable may cause NullPointerException. | EXP01-J |
V6095 | Thread.sleep() inside synchronized block/method may cause decreased performance. | LCK09-J |
V6097 | Lowercase 'L' at the end of a long literal can be mistaken for '1'. | DCL50-J |
V6101 | compareTo()-like methods can return not only the values -1, 0 and 1, but any values. | EXP12-C |