Undefined Behavior¶

Rule ID¶

MI110

Definition¶

The software exhibits behavior that is undefined or unpredictable, often leading to a crash.

Example¶

See one of the applicable code examples from CWE.

void example() {
  char a;
  char b;
  *(&a + 1) = 0;
}

In this example function, the memory address of variable b is derived by adding 1 to the address of variable a. This derived address is then used to assign the value 0 to b. Here, b may not be one byte past a. It may be one byte in front of a. Or, they may have three bytes between them because they are aligned on 32-bit boundaries.

References¶

Common Weakness Enumeration: CWE-188
Common Weakness Enumeration: CWE-190
Common Weakness Enumeration: CWE-197
Common Weakness Enumeration: CWE-233
Common Weakness Enumeration: CWE-369
Common Weakness Enumeration: CWE-758