2

Hi I just ran a static code analysis on my code and I keep getting the error

"Integer Operation Without Overflow Check"

Can someone help me resolve this or tell me what it means exactly. I have already tried to using the check keywords to fix this but it still came up when I ran the code.

List<String> emailList = new List<string>();

if (tbRecipients.Text.Contains(','))
{
    string[] splits = tbRecipients.Text.Split(',');

    for (int i = 0; i < splits.Length; i++)
    {
        if (splits[i].Contains(';'))
        {
            emailList.AddRange(splits[i].Split(';').ToList());
        }
        else
        {
            emailList.Add(splits[i]);
        }
    }
}

ASPX

<asp:TextBox ID="tbRecipients"  runat="server"  ></asp:TextBox>  
Luiso
  • 4,173
  • 2
  • 37
  • 60

2 Answers2

3

The message you get says that you could get an "overflow" on an int, that's because ints in C# are 32 bit so that you can only store in it numbers lower than 2^31. So VCG tell you that while doing several i++ you could end up with an i = 2^31 which would overflow your int and yield unexpected code behavior.

This could only happen in your code in the case that splitted.Length == int.MaxValue since splitted is an array and the Length property is int, so when you get i == int.MaxLength the loop will evaluate i == splitted.Length and will go to i++ which would overflow.

However your loop says i < splitted.Length so that i == splitted.Length won't happen.

Bottom line: I think VCG has spotted a suspicious line, but there is nothing to worry about.
Hope this helps, happy coding.

Luiso
  • 4,173
  • 2
  • 37
  • 60
2

I have already tried to using the check keywords to fix this

The first step would be to understand the message. Making random code changes it not a good way to deal with possible bugs that are reported to you.

Here, there is no possible integer overflow. Hard to say more without details about the tool.

usr
  • 168,620
  • 35
  • 240
  • 369