CERT.DCL.SWITCH.VAR_BEFORE

Do not declare variables inside a switch statement before the first case label.

Vulnerability and risk

Using test conditions or initializing variables before the first case statement in a switch block can result in unexpected behavior and undefined behavior.

Vulnerable code example

extern void f(int i);

void func(int expr) {
    switch (expr) {
        int i = 4;
        f(i);
    case 0:
        i = 17;
        /* Falls through into default code */
    default:
        printf("%d\n", i);
    }
}

This noncompliant code example declares variables and contains executable statements before the first case label within the switch statement.

External guidance

CERT DCL41-C: Do not declare variables inside a switch statement before the first case label

CERT.DCL.SWITCH.VAR_BEFORE_CASE

Vulnerability and risk

Vulnerable code example

External guidance