SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 19

changes.mady.by.user Justin Pincar

Saved on

compared with

New Version 20

changes.mady.by.user Shaun Hedrick

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
The macro expansion mustshould always be parenthesized within a function-like macro to protect any lower-precedence operators from the surrounding expression.  See also \[[PRE00-A. Prefer inline functions to macros]\] and \[[PRE01-A. Use parentheses within macros around variable names]\].

Non-Compliant Code Example

This CUBE() macro definition is non-compliant because it fails to parenthesize the macro expansion.

...

which is not the desired behavior.

Compliant Solution

By parenthesizing the macro expansion, the CUBE() macro expands correctly (when invoked in this manner).

Code Block
bgColor#ccccff
#define CUBE(X) ((X) * (X) * (X))
int i = 3;
int a = 81 / CUBE(i);

Risk Assessment

Failing to parenthesize around a function-like macro can result in unexpected arithmetic results.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[Summit 05|AA. C References#Summit 05]\] Question 10.1
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.10, "Preprocessing directives," and Section 5.1.1, "Translation environment"