...
When multiple statements are used in a macro, they should be bound together in a loop syntactically, so the macro can appear safely inside if-clauses, or other places that expect a single statement or a statement block.
Noncompliant Code Example
| Code Block | ||
|---|---|---|
| ||
/* * Swaps two values. * Requires tmp variable to be defined. */ #define SWAP(x, y) \ tmp = x; \ x = y; \ y = tmp |
...
which is certainly not what the author intended.
Compliant Solution
Wrapping the macro inside a do-while loop mitigates the problem.
...
The do-while loop will always be executed exactly once.
Risk Assessment
Improperly sealed statement macros will cause behavior that is unexpected and difficult to diagnose.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
PRE10-C | medium | probable | low | P12 | L1 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
| Wiki Markup |
|---|
\[[ISO/IEC PDTR 24772|AA. C References#ISO/IEC PDTR 24772]\] "NMP Pre-processor Directions" |
...