30 lines
932 B
Plaintext
30 lines
932 B
Plaintext
=== is related to: S5523
|
|
|
|
=== relates to: S1258
|
|
|
|
=== on 16 Oct 2014, 14:20:21 Ann Campbell wrote:
|
|
\[~samuel.mercier] please provide a text description.
|
|
|
|
=== on 16 Oct 2014, 14:21:34 Ann Campbell wrote:
|
|
\[~freddy.mallet] see RSPEC-1988, which cites 3 CWE and 2 CERT rules
|
|
|
|
=== on 14 Jun 2016, 09:15:52 Freddy Mallet wrote:
|
|
This rule seems to be also valuable in PHP, see \http://php.vrana.cz/variable-initialization-in-php.php and \https://code.google.com/archive/p/php-initialized/
|
|
|
|
=== on 14 Jun 2016, 09:23:01 Freddy Mallet wrote:
|
|
And I have the feeling that even in Java or C# for instance for which the default values of primitive types is known, this is a kind of reliability issue to rely on some paths on the those default values. (cc [~ann.campbell.2])
|
|
|
|
|
|
Example in Java :
|
|
|
|
----
|
|
public int compute(Strong something){
|
|
int returnValue;
|
|
if(something.equals("foo")) {
|
|
returnValue = 4;
|
|
}
|
|
return returnValue;
|
|
}
|
|
----
|
|
|