Page History

...

While the intent of the code may indeed be to assign b to a and test the value of the result for equality to zero, it is very frequently a case of the programmer mistakenly using the assignment operator = instead of the equals operator ==. Consequently, many compilers will warn about this condition making this coding error detectable by adhering to guideline MSC00-C. Compile cleanly at high warning levels.

...

It is less desirable in general, depending on what was intended , because it mixes the assignment in the condition, but it is clear that the programmer intended the assignment to occur.

...

Automated Detection

The LDRA tool suite Version 7.6.0 can detect violations of this recommendation???

...

Tool	Version	Checker	Description
Section LDRA tool suite	Include Page c:LDRA_V c:LDRA_V
Section GCC	Include Page c:GCC_V c:GCC_V		Section can detect violations of this recommendation when the -Wall flag is used

...

.
Section Compass/ROSE			Section could detect violations of this recommendation by identifying any assignment expression as the top-level expression in an if or while statement.

...

Section Klocwork

Include Page c:Klocwork_V c:Klocwork_V

Section ASSIGCOND.GEN

...

ASSIGCOND.CALL

...

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other Languages

Related Guidelines

This rule appears in the C++ Secure Coding Standard as : EXP19-CPP. Do not perform assignments in conditional expressions.

Bibliography

\[[Hatton 951995|AA. Bibliography#Hatton 95]\] Section 2.7.2, "Errors of omission and addition"
\[[ISO/IEC PDTR 24772|AA. Bibliography#ISO/IEC PDTR 24772]\] "KOA Likely Incorrect Expressions"
\[[MITRE 072007|AA. Bibliography#MITRE 07]\] [CWE ID 480|http://cwe.mitre.org/data/definitions/480.html], "Use of Incorrect Operator"

...