hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-29 22:32:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Integeroverflow.qhelp: use paragraphs within sections

Browse Source
This commit is contained in:
Marco Gario
2020-04-15 12:05:54 +02:00
committed by Max Schaefer
parent d452fc04ad
commit 14e4e2d40f
1 changed files with 25 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
ql/src/experimental/IntegerOverflow/IntegerOverflow.qhelp
View File

@@ -1,23 +1,31 @@
<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
<qhelp>
<overview>
Arithmetic calculations involving integers should be checked to ensure that overflow or
underflow cannot occur, as this may cause incorrect results or program crashes.
</overview>
<recommendation>
<overview>
<p>
Arithmetic calculations involving integers should be checked to ensure that overflow or
underflow cannot occur, as this may cause incorrect results or program crashes.
</p>
</overview>
<recommendation>
<p>
Before performing an integer operation that may cause an overflow, check the operands to ensure
that the result of the operation will fit into the value range of the type. Alternatively, check
the result of the operation to see whether it overflowed.
</recommendation>
<example>
In the following example snippet, the addition <code>start + offset</code> may overflow if
either <code>start</code> or <code>offset</code> is very large, which will cause the indexing
operation to panic at runtime:
<sample src="IntegerOverflow.go" />
One way to prevent this is to check whether <code>start + offset</code> overflows:
<sample src="IntegerOverflowGood.go" />
</example>
<references>
<li>Wikipedia <a href="https://en.wikipedia.org/wiki/Integer_overflow">Integer overflow</a>.</li>
</references>
</p>
</recommendation>
<example>
<p>
In the following example snippet, the addition <code>start + offset</code> may overflow if
either <code>start</code> or <code>offset</code> is very large, which will cause the indexing
operation to panic at runtime:
</p>
<sample src="IntegerOverflow.go" />
<p>
One way to prevent this is to check whether <code>start + offset</code> overflows:
</p>
<sample src="IntegerOverflowGood.go" />
</example>
<references>
<li>Wikipedia <a href="https://en.wikipedia.org/wiki/Integer_overflow">Integer overflow</a>.</li>
</references>
</qhelp>