Comment: Added Polyspace Bug Finder

...

If expressions that appear to produce side effects are supplied to an operator that does not evaluate its operands, the results may be different than expected. Depending on how this result is used, it can lead to unintended program behavior.
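The behavior described above, as an added C11 example that is not part of the original page: the operands of `sizeof`, `_Alignof`, and `_Generic` are not evaluated, so the side effects written inside them never happen. The `cursor` type, `take_u8`, and the byte buffer are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical cursor over a byte buffer (constructed, not from the page). */
struct cursor { const unsigned char *buf; size_t pos; };

static unsigned char take_u8(struct cursor *c) { return c->buf[c->pos++]; }

/* Noncompliant: sizeof does not evaluate its operand, so take_u8() is
   never called and the cursor does not advance. */
size_t skip_tag_noncompliant(struct cursor *c) {
    size_t width = sizeof(take_u8(c));
    (void)width;
    return c->pos;
}

/* Compliant: perform the side effect in its own statement first. */
size_t skip_tag_compliant(struct cursor *c) {
    unsigned char tag = take_u8(c);
    size_t width = sizeof(tag);
    (void)width;
    return c->pos;
}

/* Noncompliant: _Alignof does not evaluate its operand, so ++val is lost. */
int alignof_noncompliant(void) {
    int val = 0;
    size_t align = _Alignof(int[++val]);
    (void)align;
    return val;
}

/* Noncompliant: _Generic only inspects the type of its controlling
   expression; a++ is never executed. */
int generic_noncompliant(void) {
    int a = 14;
    int is_int = _Generic(a++, int: 1, default: 0);
    return is_int ? a : -1;
}

int main(void) {
    static const unsigned char msg[] = { 0x01, 0x02, 0x03 }; /* constructed */
    struct cursor c1 = { msg, 0 }, c2 = { msg, 0 };
    printf("sizeof:   pos=%zu (noncompliant), pos=%zu (compliant)\n",
           skip_tag_noncompliant(&c1), skip_tag_compliant(&c2));
    printf("_Alignof: val=%d\n", alignof_noncompliant());
    printf("_Generic: a=%d\n", generic_noncompliant());
    return 0;
}
```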

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| EXP44-C | Low | Unlikely | Low | P3 | L3 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | Include Page: Astrée_V | sizeof | Partially checked |
| Clang | Include Page: Clang_V | -Wunevaluated-expression | Can diagnose some instances of this rule, but not all (such as the _Alignof NCCE). |
| CodeSonar | Include Page: CodeSonar_V | LANG.STRUCT.SE.SIZEOF | Side effects in sizeof |
| Compass/ROSE | | | |
| Coverity | Include Page: Coverity_V | MISRA C 2004 Rule 12.3 | Partially implemented |
| ECLAIR | Include Page: ECLAIR_V | CC2.EXP06 | Fully implemented |
| Klocwork | Include Page: Klocwork_V | MISRA.SIZEOF.SIDE_EFFECT | |
| LDRA tool suite | Include Page: LDRA_V | 54 S, 653 S | Fully implemented |
| Parasoft C/C++test | Include Page: c:Parasoft_V | JSF-166{b,c} | Fully implemented |
| Polyspace Bug Finder | R2018a | Side effect of expression ignored | sizeof, _Alignof, or _Generic operates on expression with side effect |
| PRQA QA-C | Include Page: PRQA QA-C_v | 3307 | Fully implemented |
| RuleChecker | Include Page: RuleChecker_V | sizeof | Partially checked |

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Key here (explains table format and definitions)

| Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT C | EXP52-CPP. Do not rely on side effects in unevaluated operands | Prior to 2018-01-12: CERT: Unspecified Relationship |

...