An unsafe function-like macro is one that, when expanded, evaluates its argument more than once or does not evaluate it at all. Contrasted with function calls, which always evaluate each of their arguments exactly once, unsafe function-like macros often have unexpected and surprising effects and lead to subtle, hard-to-find defects. (See PRE31-C. Avoid Do not perform side effects in arguments to unsafe macros.) Consequently, every function-like macro should evaluate each of its arguments exactly once. Alternatively and preferably, defining function-like macros should be avoided in favor of inline functions. (See PRE00-C. Prefer inline or static functions to function-like macros.)
...
The most severe problem with unsafe function-like macros is side effects of macro arguments, as shown in this noncompliant code example:
...
The invocation of the ABS() macro in this noncompliant code example expands to the following code. The resulting code has well-defined behavior but causes n to be incremented twice rather than once, which may be surprising to those unfamiliar with the implementation of the macro or unaware that they are using a macro in the first place.
...
Defining an unsafe macro leads to invocations of the macro with an argument that has side effects, causing those side effects to occur more than once. Unexpected or undefined program behavior can result.
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...