SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 10

changes.mady.by.user Unknown User (josephlu)

Saved on

compared with

New Version 11

changes.mady.by.user Unknown User (josephlu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ffcccc
int loginprivileges;

if (valid_login())
  if (!is_administrator())
    loginprivileges = USERNORMAL;
  else
    loginprivileges = ADMINISTRATOR;

It works as expected by setting the login privileges variable accordingly, depending if the login was valid on whether the logged in user is an administrator or not.

However, when the programmer adds another statement to the body of the first if statement, the code functions differently.

Code Block
bgColor#ffcccc
int loginprivileges;

if (valid_login())
  printf("Login Successful\n");  /* debugging line added here */
  if (!is_administrator())
    loginprivileges = USER;
  else
    loginprivileges = ADMINISTRATOR;

Because of the additional statement in the body of the first if statement, the user gains administrator rights automatically, without having to even provide valid login credentials.

...

Code Block
bgColor#CCCCFF
int loginprivileges;

if (valid_login()) {
  printf("Login Successful\n");  /* debugging line added here */
  if (!is_administrator()) {
    loginprivileges = USER;
  } else {
    loginprivileges = ADMINISTRATOR;
  }
}

Noncompliant Code Example

...