SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 80

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 81

changes.mady.by.user Melanie Thompson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
According to C99, Section 6.5 \[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] (see also [undefined behavior 32 | CC. Undefined Behavior#ub_32] of Annex J):

Between the previous and next sequence point an object can only have its stored value modified once by the evaluation of an expression. Additionally, the prior value can be read only to determine the value to be stored.

(See also undefined behavior 32 of Annex J.)

This requirement must be met for each allowable ordering of the subexpressions of a full expression; otherwise, the behavior is undefined.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP30-C

medium

probable

medium

P8

L2

Automated Detection

Splint Version 3.1.1 can detect violations of this rule.

...

Tool

Version

Checker

Description

Section

Splint

Include Page
c:Splint_V
c:Splint_V

 

 

Section

GCC

Include Page
c:GCC_V
c:GCC_V

 

Section

can detect violations of this rule when the -Wsequence-point flag is used.

Section

Compass/ROSE

 

 

Section

can detect simple violations of this rule. It needs to examine each expression and make sure that no variable is modified twice in the expression. Also no variable is modified once, and read elsewhere, with the single exception that a variable may appear on both the left and right of an assignment operator.

...

Section

Coverity Prevent

Include Page
c:Coverity_V
c:Coverity_V
Section

EVALUATION_ORDER

...

Section

can detect the specific instance where Statement contains multiple side-effects on the same value with an undefined evaluation order because with different compiler flags or different compilers or platforms, the statement may behave differently.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other Languages

Related Guidelines

This rule appears in the C++ Secure Coding Standard as : EXP30-CPP. Do not depend on order of evaluation between sequence points.

This rule appears in the Java Secure Coding Standard as : EXP09-J. Do not depend on operator precedence while using expressions containing side-effects.

Bibliography

Wiki Markup
\[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] Section 5.1.2.3, "Program execution," Section 6.5, "Expressions," and Annex C, "Sequence points"
\[[ISO/IEC PDTR 24772|AA. Bibliography#ISO/IEC PDTR 24772]\] "JCW Operator precedence/Order of Evaluation" and "SAM Side-effects and order of evaluation"
\[[MISRA 042004|AA. Bibliography#MISRA 04]\] Rule 12.1
\[[Summit 052005|AA. Bibliography#Summit 05]\] Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, and 3.11
\[[Saks 072007|AA. Bibliography#Saks 07]\]

...