...
| Code Block | ||
|---|---|---|
| ||
int privileges;
if (invalid_login())
if (allow_guests())
privileges = GUEST;
else
privileges = ADMINISTRATOR;
|
This is a vulnerability because As a result, this defect allows unauthorized users can to obtain administrator privileges.
...
[GNU 2010] | |
Rule 76: Use block statements instead of expression statements in control flow constructs |
EXP51-JG. Do not perform assignments in conditional statements 02. Expressions (EXP) EXP53-JG. Use parentheses for precedence of operation