SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 71

changes.mady.by.user Justin Pincar

Saved on

compared with

New Version 72

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider $version (sch jbop) (X_X)@==(Q_Q)@

Parenthesize all parameter names in macro definitions. See also PRE00-C and PRE02-AC. Macro replacement lists should be parenthesized.

Non-Compliant Code Example

This CUBE() macro definition is non-compliant noncompliant because it fails to parenthesize the parameter names.

...

which is clearly not the desired result.

Compliant Solution

Parenthesizing all parameter names in the CUBE() macro allows it to expand correctly (when invoked in this manner).

Code Block
bgColor#ccccff
#define CUBE(I) ( (I) * (I) * (I) )
int a = 81 / CUBE(2 + 1);

Exceptions

PRE01-EX1: When the parameter names are surrounded by commas in the replacement text, regardless of how complicated the actual arguments are, there is no need for parenthesizing the macro parameters. Because commas have lower precedence than any other operator, there is no chance of the actual arguments being parsed in a surprising way. Comma separators, which separate arguments in a function call, also have lower precedence than other operators, although they are technically different than comma operators.

...

Code Block
#define JOIN(a, b) (a ## b)
#define SHOW(a) printf(#a " = %d\n", a)

See PRE05-AC. Understand macro replacement when concatenating tokens or performing stringification for more information on using the ## operator to concatenate tokens.

Risk Assessment

Failing to parenthesize the parameter names in a macro can result in unintended program behavior.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

PRE01-A C

medium

probable

low

P12

L1

Automated Detection

The LDRA tool suite V 7.6.0 is able to can detect violations of this recommendation.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.10, "Preprocessing directives," and Section 5.1.1, "Translation environment"
\[[ISO/IEC PDTR 24772|AA. C References#ISO/IEC PDTR 24772]\] "JCW Operator precedence/Order of Evaluation"
\[[MISRA 04|AA. C References#MISRA 04]\] Rule 19.1
\[[Plum 85|AA. C References#Plum 85]\]
\[[Summit 05|AA. C References#Summit 05]\] Question 10.1

...

PRE00-C      Edit       PRE02-A. Macro replacement lists should be parenthesized Image Added