CWE Rule 483

Incorrect Block Delimitation

Since R2023a

expand all in page

Description

Rule Description

The code does not explicitly delimit a block that is intended to contain 2 or more statements, creating a logic error.

Polyspace Implementation

The rule checker checks for these issues:

  • Incorrectly indented statement

  • Semicolon on the same line as an if, for or while statement

Examples

expand all

Issue

This issue occurs when the indentation of a statement makes it appear as part of an if, else or another block but the arrangement or lack of braces actually keeps the statement outside the block.

Risk

A developer or reviewer might incorrectly associate the statement with a block based on its indentation, leading to an incorrect assumption about the program logic.

For instance, in this example:

if(credentialsOK())
   login=1;
   setCookies();
the line setCookies(); is not part of the if block, but the indentation suggests otherwise.

Fix

If you want a statement to be part of a block, make sure that the statement is within the braces associated with the block. To identify the extent of a block, on the Source pane, click the opening brace.

If an if, else or while statement has no braces following the condition, only the next line on an execution path up to a semicolon is considered part of the if, else or while block. If you want subsequent lines to be included in the block, wrap the lines in braces.

For instance, in the preceding example, to include both statements in the if block, use:

if(credentialsOK()) {
   login=1;
   setCookies();
}

Example — else Statement Incorrectly Indented
int switch1, switch2;

void doSomething(void);
void doSomethingElse(void);

void func() {
    if(switch1) 
        if(switch2)
            doSomething();
    else //Noncompliant
        doSomethingElse();
}

In this example, the else is indented as if it is associated with the first if. However, the else is actually associated with the second if. The indentation does not match the actual association and might lead to incorrect assumptions about the program logic.

Correction – Use Braces Appropriately

If you want the else to be associated with the first if, use braces to mark the boundaries of the first if block.

int switch1, switch2;

void doSomething(void);
void doSomethingElse(void);

void func() {
    if(switch1) { 
        if(switch2)
            doSomething();
    }
    else
        doSomethingElse();
}
Issue

This issue occurs when a semicolon on the same line as the last token of an if, for or while statement results in an empty body.

The checker makes an exception for the case where the if statement is immediately followed by an else statement:

if(condition);
else {
  ...
}

Risk

The semicolon following the if, for or while statement often indicates a programming error. The spurious semicolon changes the execution flow and leads to unintended results.

Fix

If you want an empty body for the if, for or while statement, wrap the semicolon in a block and place the block on a new line to explicitly indicate your intent:

if(condition)
   {;}
Otherwise, remove the spurious semicolon.

Example — Spurious Semicolon
int credentialsOK(void);

void login () {
    int loggedIn = 0;
    if(credentialsOK()); //Noncompliant
      loggedIn = 1; //Noncompliant
}

In this example, the spurious semicolon results in an empty if body. The assignment loggedIn=1 is always performed. However, the assignment was probably to be performed only under a condition.

Correction – Remove Spurious Semicolon

If the semicolon was unintended, remove the semicolon.

int credentialsOK(void);

void login () {
    int loggedIn = 0;
    if(credentialsOK())
      loggedIn = 1;
}

Check Information

Category: Behavioral Problems

Version History

Introduced in R2023a

See Also

Topics

External Websites