
Examples of errors detected by the V564 diagnostic

V564. The '&' or '|' operator is applied to bool type value. Check for missing parentheses or use the '&&' or '||' operator.


DOSBox

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. dosbox sdlmain.cpp 519


static SDL_Surface * GFX_SetupSurfaceScaled(Bit32u sdl_flags,
                                            Bit32u bpp) {
  ....
  if (!sdl.blit.surface ||
     (!sdl.blit.surface->flags & SDL_HWSURFACE)) {
  ....
}

This is what should have been written here: !(sdl.blit.surface->flags & SDL_HWSURFACE)


FCEUX

V564 The '|' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '||' operator. fceux memwatch.cpp 711


static BOOL CALLBACK MemWatchCallB(
  HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
{
  ....
  EnableMenuItem(memwmenu,MEMW_FILE_SAVE,
    MF_BYCOMMAND | fileChanged ? MF_ENABLED:MF_GRAYED);
  ....
}

This is what it turns out to be: (MF_BYCOMMAND | fileChanged) ? MF_ENABLED:MF_GRAYED, while it should actually be: MF_BYCOMMAND | (fileChanged ? MF_ENABLED:MF_GRAYED). The code works due to sheer luck, as #define MF_BYCOMMAND 0x00000000L.


Wolfenstein 3D

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. game g_client.c 1534


#define SVF_CASTAI              0x00000010

char *ClientConnect( int clientNum, qboolean firstTime,
                     qboolean isBot ) {
  ....
  if ( !ent->r.svFlags & SVF_CASTAI ) {
  ....
}

This is what should have been written here: if ( ! (ent->r.svFlags & SVF_CASTAI) ) {

Similar errors can be found in some other places:

  • V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. game g_client.c 1616

Chromium

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. base platform_file_win.cc 216


#define FILE_ATTRIBUTE_DIRECTORY 0x00000010

bool GetPlatformFileInfo(PlatformFile file,
                         PlatformFileInfo* info) {
  ....
  info->is_directory =
    file_info.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY != 0;
  ....
}

Network Security Services (NSS)

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. nss secasn1u.c 121


PRBool SEC_ASN1IsTemplateSimple(
  const SEC_ASN1Template *theTemplate)
{
  ....
  if (!theTemplate->kind & SEC_ASN1_CHOICE) {
    return PR_FALSE; /* no choice means not simple */
  }
  ....
}

This is what should have been written here: if (!(theTemplate->kind & SEC_ASN1_CHOICE)) {


MySQL

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. innobase ha_innodb.cc 6789


int ha_innobase::create(....)
{
  ....
  if (srv_file_per_table
      && !mysqld_embedded
      && (!create_info->options & HA_LEX_CREATE_TMP_TABLE)) {
  ....
}

This is what should have been written here: (!(create_info->options & HA_LEX_CREATE_TMP_TABLE))


Chromium

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. nss secasn1u.c 121


#define SEC_ASN1_CHOICE        0x100000

typedef struct sec_ASN1Template_struct {
  unsigned long kind;
  ....
} SEC_ASN1Template;

PRBool SEC_ASN1IsTemplateSimple(
  const SEC_ASN1Template *theTemplate)
{
  ....
  if (!theTemplate->kind & SEC_ASN1_CHOICE) {
  ....
}

This is what should have been written here: if (!(theTemplate->kind & SEC_ASN1_CHOICE)) {


Doom 3

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. Game target.cpp 257


#define BIT( num ) ( 1 << ( num ) )
const int BUTTON_ATTACK = BIT(0);

void idTarget_WaitForButton::Think( void ) {
  ....
  if ( player &&
      ( !player->oldButtons & BUTTON_ATTACK ) &&
      ( player->usercmd.buttons & BUTTON_ATTACK ) ) {
  ....
}

The parentheses are in the wrong place. This is what should have been written here: ( !(player->oldButtons & BUTTON_ATTACK) ) &&


Battle for Wesnoth

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. wesnoth dialogs.cpp 902


enum { REMOVE_EMPTY = 0x01,
       STRIP_SPACES  = 0x02
};

void unit_preview_pane::draw_contents()
{
  ....
  // we don't remove empty lines, so all fields stay
  // at the same place
  const std::vector<std::string> lines =
    utils::split(text.str(), '\n',
      utils::STRIP_SPACES & !utils::REMOVE_EMPTY);
  ....
}

Blender

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. bf_intern_elbeem solver_main.cpp 567


#define  DEFAULT_STREAM  \
  m[dC] = RAC(ccel,dC); \
  \
  if((!nbored & CFBnd)) { \
  \
  ....

A parenthesis is in the wrong place. This is what should have been written here: if(!(nbored & CFBnd)) { \


Chromium

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. label_button.cc 131


enum FontStyle {
  NORMAL = 0,
  BOLD = 1,
  ITALIC = 2,
  UNDERLINE = 4,
};

void LabelButton::SetIsDefault(bool is_default) {
  ....
  style = is_default ? style | gfx::Font::BOLD :
                       style & !gfx::Font::BOLD;
  ....
}

This is what should have been written here: style = is_default ? style | gfx::Font::BOLD : style & ~gfx::Font::BOLD;


FFmpeg

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. dcadec.c 1373


static int dca_subsubframe(DCAContext *s,
  int base_channel, int block_index)
{
  ....
  if (!s->debug_flag & 0x01) {
    av_log(s->avctx, AV_LOG_DEBUG,
      "Stream with high frequencies VQ coding\n");
    s->debug_flag |= 0x01;
  }
  ....
}

FFmpeg

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. vc1dec.c 3675


static int vc1_decode_p_mb(VC1Context *v)
{
  ....
  int is_intra[6], is_coded[6];
  ....
  if (!coded_inter)
    coded_inter = !is_intra[i] & is_coded[i];
  ....
}

Unreal Engine 4

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. particlemodules_location.cpp 2120


bool VertInfluencedByActiveBone(
       FParticleEmitterInstance* Owner,
       USkeletalMeshComponent* InSkelMeshComponent,
       int32 InVertexIndex,
       int32* OutBoneIndex = NULL);

void UParticleModuleLocationSkelVertSurface::Spawn(....)
{
  ....
  int32 BoneIndex1, BoneIndex2, BoneIndex3;
  BoneIndex1 = BoneIndex2 = BoneIndex3 = INDEX_NONE;

  if(!VertInfluencedByActiveBone(
        Owner, SourceComponent, VertIndex[0], &BoneIndex1) &&
     !VertInfluencedByActiveBone(
        Owner, SourceComponent, VertIndex[1], &BoneIndex2) &&
     !VertInfluencedByActiveBone(
        Owner, SourceComponent, VertIndex[2]) &BoneIndex3)
  {
  ....
}

Beautiful Bug! This is what should have been written here: !VertInfluencedByActiveBone(Owner, SourceComponent, VertIndex[2], &BoneIndex3))


OpenMW

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. openmw spellcasting.cpp 717


enum Flags
{
  ....
  NoDuration = 0x4,
  ....
}

bool CastSpell::cast (const ESM::Ingredient* ingredient)
{
  ....
  if (!magicEffect->mData.mFlags & ESM::MagicEffect::NoDuration)
  ....
}

K Desktop Environment

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. usedecoratorvisitor.cpp 40


DataAccess::DataAccessFlags typeToDataAccessFlags(....)
{
  DataAccess::DataAccessFlags ret = DataAccess::Read;
  TypePtr< ReferenceType > reftype=type.cast<ReferenceType>();
  if(reftype && reftype->baseType() &&
     !reftype->baseType()->modifiers() &    // <=
     AbstractType::ConstModifier)
    ret |= DataAccess::Write;

  return ret;
}

Oracle VM VirtualBox

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. glsl_shader.c 4102


static void generate_texcoord_assignment(....)
{
  DWORD map;
  unsigned int i;
  char reg_mask[6];

  if (!ps)
    return;

  for (i = 0, map = ps->baseShader.reg_maps.texcoord;
              map && i < min(8, MAX_REG_TEXCRD);
              map >>= 1, ++i)
  {
    if (!map & 1) // <=
      continue;
    ....
  }
}

Amazon Lumberyard

V564 CWE-480 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. toglslinstruction.c 2914


void SetDataTypes(....)
{
 ....
 // Check assumption that both the values which MOVC might pick
 // have the same basic data type.
 if(!psContext->flags & HLSLCC_FLAG_AVOID_TEMP_REGISTER_ALIASING)
 {
   ASSERT(GetOperandDataType(psContext, &psInst->asOperands[2])
     == GetOperandDataType(psContext, &psInst->asOperands[3]));
 }
 ....
}

This is what should have been written here: if(!(psContext->flags & ....))

Similar errors can be found in some other places:

  • V564 CWE-480 The '|' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '||' operator. d3dhwshader.cpp 1832
  • V564 CWE-480 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. trackviewdialog.cpp 2112
  • V564 CWE-480 The '|' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '||' operator. imagecompiler.cpp 1039

Perl 5

V564 The '|' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '||' operator. op.c 11494


OP *
Perl_ck_rvconst(pTHX_ OP *o)
{
  ....
  gv = gv_fetchsv(kidsv,
    o->op_type == OP_RV2CV
      && o->op_private & OPpMAY_RETURN_CONSTANT
        ? GV_NOEXPAND
        : iscv | !(kid->op_private & OPpCONST_ENTERED), iscv // <=
        ? SVt_PVCV
        : o->op_type == OP_RV2SV
      ? SVt_PV
      : o->op_type == OP_RV2AV
          ? SVt_PVAV
          : o->op_type == OP_RV2HV
        ? SVt_PVHV
        : SVt_PVGV);
  ....
}

Haiku Operating System

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. strtod.c 545


static int
lo0bits(ULong *y)
{
  int k;
  ULong x = *y;
  ....
  if (!(x & 1)) {
    k++;
    x >>= 1;
    if (!x & 1)   // <=
      return 32;
  }
  *y = x;
  return k;
}

ReactOS

V564 The '&' operator is applied to bool type value. You've probably forgotten to include parentheses or intended to use the '&&' operator. loaddlg.cpp 376


#define SECURITY_FLAG_SECURE                 0x00000001

static BOOL
CertGetSubjectAndIssuer(HINTERNET hFile,
                        CLocalPtr<char> &subjectInfo,
                        CLocalPtr<char> &issuerInfo)
{
  ....
  DWORD size, flags;

  size = sizeof(flags);
  if (!InternetQueryOptionA(hFile,
                            INTERNET_OPTION_SECURITY_FLAGS,
                            &flags,
                            &size))
  {
    return FALSE;
  }

  if (!flags & SECURITY_FLAG_SECURE)  // <=
  {
    return FALSE;
  }
  ....
}
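
The three precedence mistakes that recur in the examples above, side by side with their corrected forms, as an added example (not code from any of the listed projects). FLAG_SECURE and ATTR_DIRECTORY reuse the 0x01 and 0x10 values quoted above; every other name is hypothetical. In the ReactOS-style check the buggy form rejects only flags == 0, so any non-zero flags value without the secure bit passes.

```c
#include <stdio.h>

/* Constructed values; FLAG_SECURE and ATTR_DIRECTORY copy the 0x01 and 0x10
   constants quoted above, the other names are hypothetical. */
#define FLAG_SECURE    0x01u
#define FLAG_OTHER     0x02u
#define ATTR_DIRECTORY 0x10u
#define STYLE_BOLD     0x01u
#define STYLE_ITALIC   0x02u

/* Form 1: "!x & M" parses as "(!x) & M", true only when x == 0 (for M = 1). */
int insecure_buggy(unsigned flags) { return !flags & FLAG_SECURE; }
int insecure_fixed(unsigned flags) { return !(flags & FLAG_SECURE); }

/* Form 2: "x & M != 0" parses as "x & (M != 0)", which tests bit 0. */
int is_dir_buggy(unsigned attrs) { return attrs & ATTR_DIRECTORY != 0; }
int is_dir_fixed(unsigned attrs) { return (attrs & ATTR_DIRECTORY) != 0; }

/* Form 3: "x & !M" masks with 0 (M is non-zero) instead of the complement. */
unsigned clear_bold_buggy(unsigned style) { return style & !STYLE_BOLD; }
unsigned clear_bold_fixed(unsigned style) { return style & ~STYLE_BOLD; }

/* Count inputs in [0, limit) on which a buggy and a fixed check disagree. */
unsigned count_mismatches(int (*buggy)(unsigned), int (*fixed)(unsigned),
                          unsigned limit)
{
    unsigned n = 0;
    for (unsigned v = 0; v < limit; ++v)
        if (!!buggy(v) != !!fixed(v))
            ++n;
    return n;
}

int main(void)
{
    printf("secure-bit check disagrees on %u of 256 inputs\n",
           count_mismatches(insecure_buggy, insecure_fixed, 256));
    printf("directory check disagrees on %u of 256 inputs\n",
           count_mismatches(is_dir_buggy, is_dir_fixed, 256));
    printf("clear bold from bold|italic: buggy=0x%x fixed=0x%x\n",
           clear_bold_buggy(STYLE_BOLD | STYLE_ITALIC),
           clear_bold_fixed(STYLE_BOLD | STYLE_ITALIC));
    return 0;
}
```

GCC and Clang report the second form under -Wparentheses (enabled by -Wall), so treating that warning as an error catches part of this class at build time.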
