界: Code Quality
代码质量不佳会导致不可预测的行为。对于用户来说,通常表现为可用性差。对于攻击者来说,提供了以意外方式对系统施加压力的机会。
Poor Style: Variable Never Used
Abstract
从未使用过该变量。
Explanation
从未使用过该变量。有可能该变量只是一个残留的无用代码,但也可能该未使用的变量会指出一个 bug。
示例 1:在以下代码中,复制粘贴错误导致同一个循环迭代器 (
示例 1:在以下代码中,复制粘贴错误导致同一个循环迭代器 (
i) 使用了两次,而变量 j 却从未使用。
int i,j;
for (i=0; i < outer; i++) {
for (i=0; i < inner; i++) {
...
References
[1] Standards Mapping - Common Weakness Enumeration CWE ID 563
[2] Standards Mapping - Motor Industry Software Reliability Association (MISRA) C Guidelines 2023 Rule 2.8
[3] Standards Mapping - Motor Industry Software Reliability Association (MISRA) C++ Guidelines 2008 Rule 0-1-3
[4] Standards Mapping - Motor Industry Software Reliability Association (MISRA) C++ Guidelines 2023 Rule 0.1.2, Rule 0.2.1, Rule 0.2.2, Rule 0.2.3, Rule 0.2.4
[5] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3050 CAT II
[6] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3050 CAT II
[7] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3050 CAT II
[8] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3050 CAT II
[9] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3050 CAT II
[10] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3050 CAT II
[11] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3050 CAT II
[12] Standards Mapping - Smart Contract Weakness Classification SWC-131
desc.structural.cpp.poor_style_variable_never_used