Unsafe conversion from string to numerical value
String to number conversion without validation checks
Description
This defect occurs when you perform conversions from strings to integer or floating-point values and your conversion method does not include robust error handling.
Risk
Converting a string to a numerical value can cause data loss or misinterpretation. If the conversion is not validated and errors are not handled, your program continues with invalid values.
Fix
- Add additional checks to validate the numerical value.
- Use a more robust string-to-numeric conversion function such as strtol, strtoll, strtoul, or strtoull.
Examples
Result Information
| Group: Programming | 
| Language: C | C++ | 
| Default: Off | 
| Command-Line Syntax: UNSAFE_STR_TO_NUMERIC | 
| Impact: Low | 
Version History
Introduced in R2016b
See Also
Topics
- Interpret Bug Finder Results in Polyspace Desktop User Interface
- Interpret Bug Finder Results in Polyspace Access Web Interface (Polyspace Access)
- Address Results in Polyspace User Interface Through Bug Fixes or Justifications
- Address Results in Polyspace Access Through Bug Fixes or Justifications (Polyspace Access)