Out of bounds incorrectly detected

stefan-vc · March 17, 2022, 1:25pm

We have a case where OutOfBounds is incorrectly detected by SonarCloud.

Where do we report this?

uint16_t outofbounds(uint16_t in, uint16_t l) {

    uint16_t arr[5] = { 0 };

    uint16_t b = 0;

    for (uint16_t a = in; a < l; a++) {
        switch (a) {
        case 1000 ... 1004:

            b = arr[a - 1000U]; // Out of bound
            b = arr[a - 1000]; // OK
            b = arr[(a - 1000U) & 0xFF]; // OK
            break;

        case 2000:
            case 2001:
            case 2002:
            case 2003:
            case 2004:
            b = arr[a - 2000U]; // OK
            b = arr[a - 2000]; // OK
            break;

        default:
            break;
        }
    }
    return b;
}

Tomasz_Kaminski · March 17, 2022, 4:27pm

Thank for for the report and welcome to the community.
This is indeed False Positive that is related to use of the GNU Case Ranges extension that is not standard C++, and rewriting them in terms of list of cases fixes the issue.

I have created following ticket to track this report.

stefan-vc · March 18, 2022, 8:37am

Thank you.

system · March 25, 2022, 8:37am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.