SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 5

changes.mady.by.user Justin Pincar

Saved on

compared with

New Version 6

changes.mady.by.user David Keaton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Use parenthesis parentheses around any macro definition replacement list that contains operators.

Non-Compliant Coding Example

In this non-compliant coding example, EOF is defined as -1. This The macro definition replacement list consists of a unary negation operator '-' followed by an integer literal '1'.

...

Once this modification is made, the non-compliant code example no longer compiles as the macro expansion results in the conditional expression c (-1), which is no longer syntactically valid.

Compliant Solution

The following compliant solution uses parenthesis parentheses around the macro definition replacement list and adds the (previously omitted) comparison operator.

Code Block
bgColor#ccccff
#define EOF (-1)
/* ... */
if (c != EOF) {
   /* ... */
}

Risk Assessment

Failure to use parenthesis parentheses around macro definitions replacement lists that contain operators can result in unintended program behavior.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[Plum 85|AA. C References#Plum 85]\] Rule 1-1
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.10, "Preprocessing directives," and Section 5.1.1, "Translation environment"