...
| Operator | Context |
|---|---|
if | Controlling expression |
while | Controlling expression |
do ... while | Controlling expression |
for | Second operand |
?: | First operand |
?: | Second or third operands, where the ternary expression is used in any of these contexts |
&& | Either operand |
|| | either operand |
, | Second operand, when the comma expression is used in any of these contexts |
Performing assignment statements in other contexts do not violate this rule. However, they may violate other rules, such as EXP30-C. Do not depend on the order of evaluation for side effects.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
do { /* ... */ } while (foo(), x = y); |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
for (; x; foo(), x = y) { /* ... */ } |
Compliant Solution (Unintentional Assignment)
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
do { /* ... */ } while (foo(), (x = y) != 0);
|
Compliant Solution (for statement)
The same result can be obtained using the for statement, which is specifically designed to evaluate an expression on each iteration of the loop, just before performing the test in its controlling expression. Remember that its controlling expression is the second operand, where the assignment occurs in its third operand:
| Code Block | ||||
|---|---|---|---|---|
| ||||
for (; x; foo(), x = y) { /* ... */ } |
Noncompliant Code Example
...
Tool | Version | Checker | Description | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| assignment-conditional | Fully checked | |||||||||||||||||||
| Axivion Bauhaus Suite |
| CertC-EXP45 | ||||||||||||||||||||
| Clang |
| -Wparentheses | Can detect some instances of this rule, but does not detect all | |||||||||||||||||||
| CodeSonar |
| LANG.STRUCT.CONDASSIG LANG.STRUCT.SE.COND LANG.STRUCT.USEASSIGN | Assignment in conditional Condition contains side effects Assignment result in expression | |||||||||||||||||||
| Compass/ROSE | Could detect violations of this recommendation by identifying any assignment expression as the top-level expression in an | |||||||||||||||||||||
| Cppcheck Premium |
| premium-cert-exp45-c | Partially implemented | |||||||||||||||||||
| CC2.EXP18 | Fully implemented | ||||||||||||||||||||
| GCC |
| Can detect violations of this recommendation when the | ||||||||||||||||||||
| Helix QAC |
| C3314, C3326, C3344, C3416 C++4071, C++4074 | ||||||||||||||||||||
| Klocwork |
| ASSIGCOND.CALL | ||||||||||||||||||||
| LDRA tool suite |
| 114 S, 132 S | Enhanced Enforcement | |||||||||||||||||||
| Parasoft C/C++test |
| CERT_C-EXP45-aCERT_C-EXP45-b | cd | Avoid conditions that always evaluate to the same valueAssignment operators shall not be used in conditions without brackets | A function identifier shall only be used with either a preceding '&', or with a parenthesised parameter list, which may be emptyAssignment operators shall not be used in expressions that yield a Boolean value | |||||||||||||||||
| PC-lint Plus |
| 720 | Partially supported: reports Boolean test of unparenthesized assignment | |||||||||||||||||||
| Polyspace Bug Finder |
| Invalid use of = operator | Assignment in conditional statement | PRQA QA-C | ||||||||||||||||||
| Include Page | PRQA QA-C_v | PRQA QA-C_v | 3314, 3326, 3344, 3416 | Partially implemented | CERT C: Rule EXP45-C | Checks for invalid use of = (assignment) operator (rule fully covered) | PRQA QA-C++ | | Include Page | | cplusplus:PRQA QA-C++_V | cplusplus:PRQA QA-C++_V | 4071, 4074|||||||||||
| PVS-Studio |
| V559, V633, V699 | ||||||||||||||||||||
| RuleChecker |
| assignment-conditional | Fully checked | |||||||||||||||||||
| SonarQube C/C++ Plugin |
| AssignmentInSubExpression |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...