...
| Code Block | ||
|---|---|---|
| ||
if ( a < b && b < c ) // clearer, and probably what was intended // ... if ( a == b && a == c ) // ditto |
Risk Assessment
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
EXP09-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
Automated Detection
The gcc option -Wparentheses warns if a comparison like `x<=y<=z' appears. This warning is also enabled by -Wall.
...
This rule appears in the C++ Secure Coding Standard as EXP17-CPP. Treat relational and equality operators as if they were nonassociative.
Risk Assessment
Incorrect use of relational and equality operators can lead to incorrect control flow.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
EXP09-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
...
03. Expressions (EXP) EXP30-C. Do not depend on order of evaluation between sequence points