mrc-ide / covid-sim

This is the COVID-19 CovidSim microsimulation model developed by the MRC Centre for Global Infectious Disease Analysis hosted at Imperial College, London.
GNU General Public License v3.0

Uninitialized variable 'ModelValue' used. CovidSim.cpp 5412 #464

Closed SecNotice closed 3 years ago

SecNotice commented 3 years ago

V614 [CWE-457] Uninitialized variable 'ModelValue' used. CovidSim.cpp 5412

double ModelValue;
for (int k = offset; k < day; k++)
{
  double prob_seroconvert = ....;
  ModelValue += c * TimeSeries[k - offset].incI * prob_seroconvert;
}

See https://translate.google.com/translate?sl=ru&tl=en&u=https://www.viva64.com/ru/b/0796/ for more information.

AndreyKarpov commented 3 years ago

The author's article in English: COVID-19 Research and Uninitialized Variable.

krook1024 commented 3 years ago

Do you think #465 would solve this issue?

weshinsley commented 3 years ago

Merged - thank you. It's in some new code we're not yet using, and it's a missed simple compiler warning actually - it doesn't really demonstrate the power of PVS, re the first post. When we eventually fix all the tiny "fscanf return value ignored" style warnings left over, we may treat warnings as errors in the future to spot these sorts of things earlier.

AndreyKarpov commented 3 years ago

I started to compose my response to this comment. But I got carried away and wrote a small post that I published in our blog :). You can find it here: Power of PVS-Studio.
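
The reported pattern next to its initialised form, with the empty-range case where the defect returns a value that was never written. This is an added example, not CovidSim code and not part of the thread; `Day`, `model_value`, `model_value_defect`, the `SHOW_DEFECT` macro and the constant used for `prob_seroconvert` are assumptions, since the report elides the real expression.

```cpp
// Added example, not CovidSim code. ModelValue, TimeSeries, incI, c, offset and
// day follow the snippet in the report; everything else is constructed.
#include <cstdio>
#include <vector>

struct Day { double incI; };  // constructed stand-in for the per-day record

#ifdef SHOW_DEFECT
// Reported pattern (CWE-457): "+=" reads ModelValue before anything wrote it.
// The read is undefined behaviour; if day <= offset the loop never runs and
// the function returns the indeterminate value directly.
// -Wall enables -Wuninitialized in GCC and Clang, and -Werror turns the
// diagnostic into a build failure (MSVC: warning C4700, /we4700 as error).
double model_value_defect(const std::vector<Day>& TimeSeries, double c,
                          int offset, int day)
{
  double ModelValue;
  for (int k = offset; k < day; k++)
  {
    const double prob_seroconvert = 0.5;  // constructed placeholder
    ModelValue += c * TimeSeries[k - offset].incI * prob_seroconvert;
  }
  return ModelValue;
}
#endif

// Same loop with the accumulator initialised at its declaration, so the sum
// starts from a defined value and an empty range yields exactly 0.0.
// The caller must supply at least (day - offset) entries in TimeSeries.
double model_value(const std::vector<Day>& TimeSeries, double c,
                   int offset, int day)
{
  double ModelValue = 0.0;
  for (int k = offset; k < day; k++)
  {
    const double prob_seroconvert = 0.5;  // constructed placeholder
    ModelValue += c * TimeSeries[k - offset].incI * prob_seroconvert;
  }
  return ModelValue;
}

int main()
{
  const std::vector<Day> series{{2.0}, {4.0}, {6.0}};  // constructed sample data
  std::printf("three days: %g\n", model_value(series, 2.0, 10, 13));
  std::printf("empty range: %g\n", model_value(series, 2.0, 10, 10));
  return 0;
}
```

Compiling with `-DSHOW_DEFECT` includes the reported form so the compiler diagnostics can be compared against the initialised version.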