C/CPP no warning on integer overflow

  • What language is this for?

  • Which rule?

  • Why do you believe it’s a false-positive/false-negative?
    Integeroverflows are common issues in C/CPP codes. They can lead to unexpected behaviour as well as to security issues.

  • Are you using

    • SonarCloud
  • How can we reproduce the problem? Give us a self-contained snippet of code (formatted text, no screenshots)


I extended the example and noticed that sint32 over- and underflows are actually detected.
The Rule in question would be cpp:S3949. The rule actually also states that the overflow of unsigned lead to wrong values, but the scanner does not detect them.

BTW: also clang does not.

Hello @Herschdorfer.

Thank you for reaching out and your patience.
We briefly discussed this rule and identified a few areas that need further clarification and improvements. I’ve recorded the main ones in this ticket: [CPP-4305] - Jira.



This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.