-
Type:
Bug Detection
-
Status: Deprecated
-
Resolution: Unresolved
-
Labels:None
-
Message:Remove the inner "sizeof" call.
-
Default Severity:Major
-
Impact:Low
-
Likelihood:High
-
Legacy Key:SizeofSizeof
-
Covered Languages:C, C++, Objective-C
-
Remediation Function:Constant/Issue
-
Constant Cost:20min
A call to sizeof(sizeof(...)) is equivalent to sizeof(size_t), and indicates a misuse or misunderstanding of the sizeof construct.
Noncompliant Code Example
#include <string.h> int main(int argc, char* argv[]) { char buffer[42]; char buffer2[sizeof(sizeof(buffer))]; /* Noncompliant - a single sizeof() was intended */ memcpy(buffer, "Hello, world!", strlen("Hello, world!")+1); memcpy(buffer2, buffer, sizeof(buffer)); /* Buffer overflow */ return 0; }
Compliant Solution
#include <string.h> int main(int argc, char* argv[]) { char buffer[42]; char buffer2[sizeof(buffer)]; /* Compliant */ memcpy(buffer, "Hello, world!", strlen("Hello, world!")+1); memcpy(buffer2, buffer, sizeof(buffer)); return 0; }
- is deprecated by
-
RSPEC-3135 Valid arguments should be passed to "sizeof" and "alignof"
- Active