CERT C: Rec. DCL04-C

Do not declare more than one variable per declaration

Since R2026a

Description

Do not declare more than one variable per declaration.[1]

Polyspace Implementation

The rule checker checks for Multiple variables declared in one declaration.

Examples

Issue

This issue occurs when multiple variables are declared and initialized in the same declaration statement. As exceptions, this issue does not occur when:

  • Multiple loop control variables are declared and initialized in the same for statement.

  • Multiple simple variables are declared in the same statement if none of the variables are initialized. Polyspace® considers variables that are not arrays or pointers to be simple variables.

Risk

Declaring and initializing multiple variables in the same declaration statement can obfuscate the type and initial value of a variable. Such declarations provide no benefit while making the code harder to understand and maintain.

Fix

To fix this issue, declare and initialize each variable in its own declaration statement.

Example

In this example, Polyspace reports violations when multiple variables are declared and initialized in the same declaration statement.

#define ITER 30
void foo() {

	char* src = 0, dest = 0; //Noncompliant
	int var1, var2 = 0;      //Noncompliant

	for(int idx = 0, idy = 1; idx < ITER; ++idx, idy += 2) { //Compliant by exception
		//...
	}
}

void bar() {
	int i, j, k; //compliant by exception
	//...
}

Declaring multiple variables in the same statement can obfuscate their types and initial values. For example, in the function foo(), the type of src is char* but the type for dest is char. The initial value of var2 is 0 while var1 remains uninitialized.

As an exception, Polyspace does not report violations when idx and idy are declared in the same for statement. In bar(), the declaration of three uninitialized int variables is also compliant by exception.

Correction

To fix this issue, declare each variable in its own declaration statement.

#define ITER 30
void foo() {

	char *src;
	char *dest = 0; //Compliant
	int   var1;
	int   var2 = 0;  //Compliant

	for(int idx = 0, idy = 1; idx < ITER; ++idx, idy += 2) { //Compliant by exception
		//...
	}
}

void bar() {
	int i, j, k; //compliant by exception
	//...
}
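
As an added example (not part of the original page or of the CERT text), the following C11 program makes the mismatch between src and dest observable and shows a compile-time guard that rejects it. The names TYPE_NAME, REQUIRE_CHAR_PTR, decl_report, report_noncompliant, report_compliant and types_match are constructed for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Name an expression's static type at compile time (C11 _Generic). */
#define TYPE_NAME(x) _Generic((x), \
    char: "char", char *: "char *", default: "other")

/* Compile-time guard: rejects any variable that is not a char *. */
#define REQUIRE_CHAR_PTR(v) \
    _Static_assert(_Generic((v), char *: 1, default: 0), "expected char *")

struct decl_report {
    const char *first_type;   /* type of the first declarator  */
    const char *second_type;  /* type of the second declarator */
    size_t second_size;       /* sizeof the second variable    */
};

/* Noncompliant declaration from the page: '*' binds to src only. */
struct decl_report report_noncompliant(void) {
    char* src = 0, dest = 0;
    /* REQUIRE_CHAR_PTR(dest); would stop the build here: dest is a char. */
    struct decl_report r = { TYPE_NAME(src), TYPE_NAME(dest), sizeof dest };
    return r;
}

/* One declaration per variable: both names get the intended type. */
struct decl_report report_compliant(void) {
    char *src = 0;
    char *dest = 0;
    REQUIRE_CHAR_PTR(src);
    REQUIRE_CHAR_PTR(dest);
    struct decl_report r = { TYPE_NAME(src), TYPE_NAME(dest), sizeof dest };
    return r;
}

/* Returns 1 when both declarators ended up with the same type, else 0. */
int types_match(struct decl_report r) {
    return strcmp(r.first_type, r.second_type) == 0;
}

int main(void) {
    struct decl_report bad = report_noncompliant();
    struct decl_report good = report_compliant();
    printf("noncompliant: %s / %s, match=%d\n", bad.first_type, bad.second_type, types_match(bad));
    printf("compliant:    %s / %s, match=%d\n", good.first_type, good.second_type, types_match(good));
    return 0;
}
```

In the noncompliant form, sizeof dest is 1 rather than the size of a pointer, so any later size calculation or copy that treats dest as a buffer pointer works from the wrong type.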

Check Information

Group: Rec. 02. Declarations and Initialization (DCL)
PQL Name: std.cert.DCL04_C

Version History

Introduced in R2026a


[1] This software has been created by MathWorks incorporating portions of: the “SEI CERT-C Website,” © 2017 Carnegie Mellon University, the SEI CERT-C++ Web site © 2017 Carnegie Mellon University, “SEI CERT C Coding Standard – Rules for Developing safe, Reliable and Secure systems – 2016 Edition,” © 2016 Carnegie Mellon University, and “SEI CERT C++ Coding Standard – Rules for Developing safe, Reliable and Secure systems in C++ – 2016 Edition” © 2016 Carnegie Mellon University, with special permission from its Software Engineering Institute.

ANY MATERIAL OF CARNEGIE MELLON UNIVERSITY AND/OR ITS SOFTWARE ENGINEERING INSTITUTE CONTAINED HEREIN IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.

This software and associated documentation has not been reviewed nor is it endorsed by Carnegie Mellon University or its Software Engineering Institute.