CWARN.SIGNEDBIT

Signed bit field has only one bit

The CWARN.SIGNEDBIT checker finds instances of a signed bit field that has only one bit.

Vulnerability and risk

Signed bitfields require at least two bits, and the two possible values of the field are -1 and 0. Although it is safe to check a 1-bit signed bitfield for 0, using it as a Boolean flag, other arithmetic operations may yield unexpected results.

Vulnerable code example

Copy

1
2
3
4
5
6
7
8
9
10
11
12
  struct BITS {
    int n:1;
  };
  
  void foo() {
    struct BITS b;
    b.n = 1;
    if (b.n > 0)    
    {
     ...
   }
 }

Klocwork flags line 2, in which the 1-bit signed bitfield is defined.