SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 64

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 65

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In the following code, the value of i is incremented only when i >= 0.:

Code Block
enum { max = 15 };
int i = /* initialize to user supplied value */;

if ( (i >= 0) && ( (i++) <= max) ) {
  /* code */
}

...

In this code example, the second operand of the logical OR operator invokes a function that results in side effects.:

Code Block
bgColor#ffcccc
langc
char *p = /* initialize, may or may not be NULL */

if (p || (p = (char *) malloc(BUF_SIZE)) ) {
  /* do stuff with p */
  free(p);
  p = NULL;
}
else {
  /* handle malloc() error */
  return;
}

...

Tool

Version

Checker

Description

Compass/ROSE

 

 

Could detect possible violations of this recommendation by reporting expressions with side effects, including function calls, that appear on the right-hand-side of an && or || operator.

LDRA tool suite

Include Page
LDRA_V
LDRA_V

35 D
1 Q
133 S
406 S
408 S

Fully implemented.

PRQA QA-C
Include Page
PRQA_V
PRQA_V
3415Fully implemented.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C++ Secure Coding StandardEXP02-CPP. Be aware of the short-circuit behavior of the logical AND and OR operators
MITRE CWECWE-768, Incorrect short circuit evaluation

...