CertC-DCL04

Do not declare more than one variable per declaration

Required inputs: IR

Every declaration should be for a single variable, on its own line, with an explanatory comment about the role of the variable. Declaring multiple variables in a single declaration can cause confusion regarding the types of the variables and their initial values. If more than one variable is declared in a declaration, care must be taken that the type and initialized value of the variable are handled correctly.

Noncompliant Code Example

In this noncompliant code example, a programmer or code reviewer might mistakenly believe that the two variables src and c are declared as char *. In fact, src has a type of char *, whereas c has a type of char.

char *src = 0, c = 0;

Compliant Solution

In this compliant solution, each variable is declared on a separate line:

char *src;    /* Source string */
char c;       /* Character being tested */

Although this change has no effect on compilation, the programmer's intent is clearer.

Noncompliant Code Example

In this noncompliant code example, a programmer or code reviewer might mistakenly believe that both i and j have been initialized to 1. In fact, only j has been initialized, and i remains uninitialized.

int i, j = 1;

Compliant Solution

In this compliant solution, it is readily apparent that both i and j have been initialized to 1:

int i = 1;
int j = 1;

Exceptions

DCL04-C-EX1: Multiple loop control variables can be declared in the same for statement, as shown in the following function:

#include <limits.h>  /* For CHAR_BIT */
#include <stddef.h>  /* For size_t   */
#include <stdint.h>  /* For uintmax_t and SIZE_MAX */

extern size_t popcount(uintmax_t);
#define PRECISION(umax_value) popcount(umax_value)

size_t bitcount(size_t n) {
  const size_t limit = PRECISION(SIZE_MAX);
  size_t count = 0;
  /* i counts bit positions; j is the mask for bit i */
  for (size_t i = 0, j = 1; i < limit; ++i, j <<= 1) {
    if (n & j)
      ++count;
  }
  return count;
}

The PRECISION() macro provides the correct precision for any integer type and is defined in "INT35-C. Use correct integer precisions"; see that rule for more information.

DCL04-C-EX2: Multiple, simple variable declarations can be declared on the same line given that there are no initializations. A simple variable declaration is one that is not a pointer or array.

int i, j, k;

Risk Assessment

Declaring no more than one variable per declaration can make code easier to read and eliminate confusion.

| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| DCL04-C | Low | Unlikely | Low | P3 | L3 |

Related Guidelines

SEI CERT C++ Coding Standard: VOID DCL04-CPP. Do not declare more than one variable per declaration

Excerpt from SEI CERT C Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition) and SEI CERT C Coding Standard [https://cmu-sei.github.io/secure-coding-standards/sei-cert-c-coding-standard/recommendations/declarations-and-initialization-dcl/dcl04-c], Copyright (C) 1995-2026 Carnegie Mellon University. See section 9.4. "3rd-Party Licenses" in the documentation for full details.

Possible Messages

| Key | Text | Severity | Disabled |
|---|---|---|---|
| multi_declaration | Multiple declarators in single declaration | None | False |

Options

allow_in_for_loop_init

allow_in_for_loop_init : bool = True

Whether a multi-declaration is allowed in the for-init statement
 

allow_uninitialized_simple_type

allow_uninitialized_simple_type : bool = True

Whether a multi-declaration of simple type is allowed when there is no initialization
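The following added example sketches how the two options interact with the rule and its exceptions DCL04-C-EX1 and DCL04-C-EX2. It is a simplified, text-based approximation written for this page, not the analyzer's implementation; the function names check and split_top_level are hypothetical, and each input line is assumed to hold one declaration or one for statement whose init clause is a declaration.

```python
import re

# String and character literals may contain commas that are not separators.
LITERAL = re.compile(r'"(?:\\.|[^"\\])*"|\'(?:\\.|[^\'\\])*\'')

def split_top_level(text, sep):
    """Split text on sep wherever it is not nested inside (), [] or {}."""
    parts, depth, start = [], 0, 0
    for pos, ch in enumerate(text):
        if ch in "([{":
            depth += 1
        elif ch in ")]}":
            depth -= 1
        elif ch == sep and depth == 0:
            parts.append(text[start:pos].strip())
            start = pos + 1
    parts.append(text[start:].strip())
    return parts

def check(line, allow_in_for_loop_init=True, allow_uninitialized_simple_type=True):
    """Return "multi_declaration" if the line would be reported, else None."""
    text = LITERAL.sub("0", line.strip())
    for_init = re.match(r"for\s*\((.*)", text)
    if for_init:
        text = for_init.group(1)
    decl = split_top_level(text, ";")[0]      # the declaration or the for-init clause
    declarators = split_top_level(decl, ",")
    if len(declarators) < 2:
        return None                           # single declarator: compliant
    if for_init and allow_in_for_loop_init:
        return None                           # DCL04-C-EX1
    pieces = [split_top_level(d, "=") for d in declarators]
    initialized = any(len(p) > 1 for p in pieces)
    # "Simple" means no pointer or array declarator before any initializer.
    simple = not any("*" in p[0] or "[" in p[0] for p in pieces)
    if simple and not initialized and allow_uninitialized_simple_type:
        return None                           # DCL04-C-EX2
    return "multi_declaration"

if __name__ == "__main__":
    # Constructed sample input: the declarations shown on this page.
    for sample in ["char *src = 0, c = 0;", "int i, j = 1;", "int i, j, k;",
                   "for (size_t i = 0, j = 1; i < limit; ++i, j <<= 1) {"]:
        print(f"{sample!r:60} default={check(sample)} "
              f"strict={check(sample, False, False)}")
```

With both options set to False, the for-init declaration and int i, j, k; are reported as well, which is the strict reading of the recommendation without its exceptions.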