...
Because of the additional statement in the body of the first if statement, the user can easily gain administrator privileges, without having to even provide valid login credentials.
Compliant Solution
Adding braces ensures that privileges are correctly assigned.
| Code Block | ||
|---|---|---|
| ||
int privileges;
if (valid_login()) {
printf("Login Successful\n"); /* debugging line added here */
if (is_normal()) {
privileges = NORMAL;
} else {
privileges = ADMINISTRATOR;
}
}
|
...
Note that the following macro violates PRE10-C. Wrap multi-statement macros in a do-while loop).
| Code Block | ||
|---|---|---|
| ||
#define DEC(x,y) \
printf("Initial value was %d\n", x); \
x -= y; \
printf("Current value is %d\n", x)
|
...