codeql-coding-standards

`STR53`: Fails to capture fixed string size.

Open MFaisalZaki opened this issue 3 years ago • 0 comments

Affected rules

  • cpp/cert/range-check-string-element-access

Description

The rule hits on a fixed string length. The provided code snippet shows a simple 16-base converter, yet the rule states:

> Access of container of type const string does not ensure that the index is smaller than the bounds.

Even though the remainder operation's minimum value will always be 0 and the string `d` will never be empty.

Example

```cpp
#include <iostream>
#include <string>

int main() {

    std::string word(" ");
    auto num = 100000;
    static const std::string d = "0123456789ABCDEF";

    while (num > 0) {
        word = d[num % 16] + word;
        num /= 16;
    }

    return 0;
}
```

MFaisalZaki, Aug 17 '22 10:08
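An added example, not part of the original issue or the project's own code: the same converter with the index range-checked before the element access, which is the shape CERT STR53-CPP asks for, and with zero and negative input handled, which the snippet's `num > 0` loop never reaches. The name `to_hex` is hypothetical, and it is an assumption that the query accepts this guard as sufficient.

```cpp
#include <cstddef>
#include <stdexcept>
#include <string>

// Hypothetical helper (not from the issue): base-16 conversion with the
// index range-checked before every element access.
std::string to_hex(long long num) {
    static const std::string d = "0123456789ABCDEF";
    if (num == 0) return "0";

    // Work on the magnitude as unsigned: in C++ `num % 16` is negative for
    // negative `num`, and a negative index converted to size_t is far out
    // of bounds. Unsigned negation also covers LLONG_MIN without overflow.
    const bool negative = num < 0;
    unsigned long long mag = negative
        ? 0ULL - static_cast<unsigned long long>(num)
        : static_cast<unsigned long long>(num);

    std::string word;
    while (mag > 0) {
        const std::size_t idx = static_cast<std::size_t>(mag % d.size());
        // Explicit guard tied to the container's own size. It cannot fail
        // here, but it states the bound next to the access (assumption:
        // this is the form of check the rule looks for).
        if (idx >= d.size()) throw std::out_of_range("digit index");
        word.insert(word.begin(), d[idx]);
        mag /= d.size();
    }
    return negative ? "-" + word : word;
}

int main() {
    // Same input as the snippet in the issue.
    return to_hex(100000) == "186A0" ? 0 : 1;
}
```

Deriving the modulus from `d.size()` instead of the literal `16` keeps the bound and the table in step if the digit string is ever edited.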