Hi, There are 5 different CWEs of the below type thrown by Klocwork as warnings in the below mentioned condition in findNext():-
https://code.woboq.org/qt5/include/qt/QtCore/qiterator.h.html#144 inline bool findNext(const T &t) \ { while (const_iterator(n = i) != c->constEnd()) if (*i++ == t) return true; return false; } \ https://code.woboq.org/qt5/qtbase/src/corelib/tools/qmap.h.html Q_DECLARE_MUTABLE_ASSOCIATIVE_ITERATOR(Map) https://code.woboq.org/qt5/qtbase/src/corelib/tools/qvector.h.html Q_DECLARE_MUTABLE_SEQUENTIAL_ITERATOR(Vector) https://code.woboq.org/qt5/qtbase/src/corelib/tools/qlinkedlist.h.html Q_DECLARE_MUTABLE_SEQUENTIAL_ITERATOR(LinkedList) https://code.woboq.org/qt5/qtbase/src/corelib/tools/qlist.h.html Q_DECLARE_MUTABLE_SEQUENTIAL_ITERATOR(List) https://code.woboq.org/qt5/qtbase/src/corelib/tools/qhash.h.html Q_DECLARE_MUTABLE_ASSOCIATIVE_ITERATOR(Hash) Details description of the CWE is mentioned below: Assignment in conditional expression The ASSIGCOND.GEN checker finds conditional statements that include an assignment expression. Vulnerability and risk This checker typically finds syntax errors, usually cases in which an assignment operator is used mistakenly instead of a comparison operator. If the error isn't corrected, unintended program behavior is likely to occur.External guidance External guidance CWE-480:Use of Incorrect Operator http://cwe.mitre.org/data/definitions/480.html CWE-481:Assigning instead of Comparing http://cwe.mitre.org/data/definitions/481.html EXP45-C. Do not perform assignments in selection statements https://www.securecoding.cert.org/confluence/x/nYFtAg Please let me know if the assignment expression in conditional statements in findNext() could be ignored? Thanks and Regards, Ramakanth
_______________________________________________ Interest mailing list [email protected] https://lists.qt-project.org/listinfo/interest
