Search code examples
c++integer-overflowcoverity-prevent

Overflowed return value warning in Coverity


I am getting a coverity static checker tool warning for a piece of code below.

   double value = 0;
   std::string origValue("0.50");
   value = 0.10 * boost::lexical_cast<double>(origValue);

The warning is "Overflowed return value(INTEGER_OVERFLOW)". I am not able to understand what's wrong with the code above. And how integer overflow come in to play when I am using doubles? Thanks.


Solution

  • This particular Coverity static analysis checker is looking for two things: the operation which may overflow on particular values (examples of which it will try to give in the explanation) and an unsafe use of the potentially truncated value.

    The UI shows you "events" which explain why something was flagged. The manual describes what each event means. The two events you're looking for in your case are "truncation" or "overflow" for first event, and "overflow sink" for second event.

    The code snippet shows that a string converted to a double is multiplied by a constant and then assigned to another double. Maybe there is no problem there, however, "Overflowed return value" title of the defect tells us that you have a second event where you return this value from this function. If you are returning "value" from this function and the return type is not double (is it maybe a 32-bit type) then you have a potential bug in your code (clearly not with specific values you are showing, but if string can be a much larger value). If the function is returning double then it is a false positive in the analysis and you can mark it as such in the UI so that the defect won't be shown to you again.

    Without seeing more of the code, it's difficult to say if there is a real issue or not, but remember that static analysis can't know what runtime values are (is the string really constant or is it read in dynamically?) but this is why it gives you detailed events, and not just a one line summary - so you can evaluate the likelihood of a real problem arising in this code.

    Having said all that, the checker is not supposed to track floats so there is definitely a bug in Coverity here. Since I happen to work for them, I've filed this as an issue, but feel free to report it to Coverity support as well.