...
```c
if (a = b) { /* ... */ }
```
While this may be intended, it is almost always a case of the programmer mistakenly using the assignment operator `=` instead of the equality operator `==`. Consequently, many compilers will warn about this condition, and this coding error would typically be eliminated by adherence to MSC00-C. Compile cleanly at high warning levels.
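The following added example (not part of the standard's own text) shows the mistaken assignment next to the corrected comparison, plus the form to use when the assignment really is intended, where the assigned value is compared explicitly so that the top-level expression is a comparison. The function names and `MODE_*` values are hypothetical.

```c
#include <stdio.h>

/* Hypothetical mode values, constructed for this demonstration. */
enum { MODE_READONLY = 0, MODE_ADMIN = 1 };

/* Noncompliant: '=' stores MODE_ADMIN in *mode and then tests the stored
 * value (1), so the branch is taken for every caller and the caller's
 * mode is silently overwritten. The pragmas only silence the
 * -Wparentheses warning GCC and Clang emit for this line, so the
 * demonstration still builds when warnings are treated as errors. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wparentheses"
static int is_admin_buggy(int *mode) {
    if (*mode = MODE_ADMIN) {
        return 1;
    }
    return 0;
}
#pragma GCC diagnostic pop

/* Compliant: '==' compares and leaves *mode untouched. */
static int is_admin_fixed(const int *mode) {
    if (*mode == MODE_ADMIN) {
        return 1;
    }
    return 0;
}

/* Compliant when the assignment is intended: the assigned character is
 * compared explicitly against the terminator. */
static size_t count_digits(const char *s) {
    size_t i = 0, n = 0;
    char c;
    while ((c = s[i++]) != '\0') {
        if (c >= '0' && c <= '9') {
            n++;
        }
    }
    return n;
}

int main(void) {
    int mode = MODE_READONLY;
    printf("buggy: %d (mode now %d)\n", is_admin_buggy(&mode), mode);
    mode = MODE_READONLY;
    printf("fixed: %d (mode now %d)\n", is_admin_fixed(&mode), mode);
    printf("digits: %zu\n", count_digits("a1b22"));
    return 0;
}
```

Removing the two `#pragma GCC diagnostic` lines around `is_admin_buggy` and building with `-Wall` makes the compiler flag the assignment, which is the check MSC00-C relies on.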
...
Compass/ROSE could detect violations of this recommendation by identifying any assignment expression as the top-level expression in an if or while statement.
Klocwork Version 8.0.4.16 can detect violations of this rule with the ASSIGCOND.BOOL, ASSIGCOND.CALL, ASSIGCOND.GEN, and EFFECT checkers. See Klocwork Cross Reference.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
This rule appears in the C++ Secure Coding Standard as cplusplus:EXP18-CPP. Do not perform assignments in conditional expressions.
...