Unsigned integer constant overflow

Constant value falls outside range of unsigned integer data type

expand all in page

Description

This defect occurs when you assign a compile-time constant to a unsigned integer variable whose data type cannot accommodate the value. An n-bit unsigned integer holds values in the range [0, 2n-1].

For instance, c is an 8-bit unsigned char variable that cannot hold the value 256.

unsigned char c = 256;

To determine the sizes of fundamental types, Bug Finder uses your specification for Target processor type (-target).

Risk

The C standard states that overflowing unsigned integers must be wrapped around (see, for instance, the C11 standard, section 6.2.5). However, the wrap-around behavior can be unintended and cause unexpected results.

Fix

Check if the constant value is what you intended. If the value is correct, use a wider data type for the variable.

Examples

expand all

#define MAX_UNSIGNED_CHAR 255
#define MAX_UNSIGNED_SHORT 65535

void main() {
    unsigned char c1 = MAX_UNSIGNED_CHAR + 1;
    unsigned short c2 = MAX_UNSIGNED_SHORT + 1;
}

In this example, the defect appears on the macros because at least one use of the macro causes an overflow.

Correction — Use Wider Data Type

One possible correction is to use a wider data type for the variables that overflow.

#define MAX_UNSIGNED_CHAR 255
#define MAX_UNSIGNED_SHORT 65535

void main() {
    unsigned short c1 = MAX_UNSIGNED_CHAR + 1;
    unsigned int c2 = MAX_UNSIGNED_SHORT + 1;
}

Result Information

Group: Numerical
Language: C | C++
Default: Off
Command-Line Syntax: UINT_CONSTANT_OVFL
Impact: Low
CWE ID: 128, 189, 190, 191

See Also

| | | | | |

Topics

Introduced in R2018b

Polyspace Bug Finder Documentation

Support