View Help Online

Start here

Home
About Klocwork
What's new
Fixed issues
Release notes
Installation

Reference

C/C++ checkers
Java checkers
C# checkers
MISRA C 2004 checkers
MISRA C++ 2008 checkers
MISRA C 2012 checkers
MISRA C 2012 checkers with Amendment 1
Commands
Metrics
Troubleshooting
Reference

Product components

C/C++ Integration build analysis
Java Integration build analysis
Desktop analysis
Refactoring
Klocwork Static Code Analysis
Klocwork Code Review
Structure101
Tuning
Custom checkers

Coding environments

Visual Studio
Eclipse for C/C++
Eclipse for Java
IntelliJ IDEA
Other

Administration

Project configuration
Build configuration
Administration
Analysis performance
Server performance
Security/permissions
Licensing
Klocwork Static Code Analysis Web API
Klocwork Code Review Web API

Community

View help online
Visit RogueWave.com
Klocwork Support
Rogue Wave Videos

Legal

Legal information

CWARN.NOEFFECT.OUTOFRANGE

Value outside of range

Ineffective binary comparison due to out of range literal constants.

Note: The CWARN.NOEFFECT.OUTOFRANGE checker is limited to situations where the result of the operation on the left or right side of the binary operator fits the width of a signed 64-bit integer variable.

Vulnerability and risk

If, in binary comparisons where on one side there is an expression and on the other side there is a literal expression; and, the value of the literal expression is out of the permitted values by the expression; then, the comparison is ineffective. This kind of comparison can be either always true or always false depending on the context. In order to avoid such problems in code, you need to type-cast the expression properly or use the right literal expression for the case.

Vulnerable code example 1

1 void foo(){
2     unsigned char i;
3     int a[256];
4     for(i=0;i<256;i++) {
5         a[i]=1;
6     }
7 }

In the above example the variable ‘I’ cannot hold a value bigger than 255; but it is being compared to the constant 256 and hence the comparison “i<256” is invariantly true. This will cause an infinite loop. Klocwork produces CWARN.NOEFFECT.OUTOFRANGE on line 4 alerting the developer for the problem.

Fixed code example 1

1 void foo(){
2     int i;
3     int a[256];
4     for(i=0;i<256;i++) {
5         a[i]=1;
6     }
7 }

Once simple fix is depicted in the above example where the variable is declared as “int” instead of “unsigned char” and thus expanding the permitted range of values for the variable ‘I’.

Vulnerable code example 2

1 void foo(int x) {
2     if (x*x != (0x7fff*0x7ffff)) {
3     }
4 }

A slightly more complex case is shown in the above example where both the expression and the literal expression have sub-expressions. But the literal expression evaluates to an integer that a 4-byte integer cannot hold. Klocwork produces a defect on line 2.

Fixed code example 2

1 void foo(int x) {
2     long long x_sqr = (long long)x*x;
3     if (x_xqr != (0x7fff*0x7ffffLL)) {
4     }
5 }

The value of “x*x” was computed with proper type-casting along with the literal 0x7ffff which is prefixed with “LL”; leading to a full 64-bit comparison.

Related checkers

Parent topic: C/C++ Warnings
Previous topic: CWARN.MEMBER.INIT.ORDER
Next topic: CWARN.NOEFFECT.SELF_ASSIGN

© Rogue Wave Software, Inc. All rights reserved. | Contact