CERT.DCL.SWITCH.VAR_BEFORE_CASE
Do not declare variables inside a switch statement before the first case label.
Vulnerability and risk
Using test conditions or initializing variables before the first case statement in a switch block can result in unexpected behavior and undefined behavior.
Vulnerable code example
extern void f(int i); void func(int expr) { switch (expr) { int i = 4; f(i); case 0: i = 17; /* Falls through into default code */ default: printf("%d\n", i); } }
This noncompliant code example declares variables and contains executable statements before the first case label within the switch statement.