Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The relational and equality operators are left-associative in C. Consequently, C, unlike many other languages, allows chaining of relational and equality operators. C99, Section Subclause 6.5.8 "Relational operators", paragraph 6 has a footnote (92) which saysfootnote 107, of the C Standard [ISO/IEC 9899:2011], says:

The expression a<b<c is not interpreted as in ordinary mathematics. As the syntax indicates, it means (a<b)<c; in other words, "if a is less than b, compare 1 to c; otherwise, compare 0 to c.".

These operators are left-associative, which means the leftmost comparison is performed first, and the result is compared with the rightmost comparison. This syntax allows a programmer to write an expression (particularly an expression used as a condition) that can be easily misinterpreted.

Noncompliant Code Example

While Although this noncompliant code example compiles correctly, it is unlikely that it means what the author of the code intended. :

Code Block
bgColor#FFcccc
langc

int a = 2;
int b = 2;
int c = 2;
/* ... */
if (a < b < c) /* misleading,Misleading; likely bug */
/* ... */
if (a == b == c) /* misleading,Misleading; likely bug */

The expression a < b < c evaluates to true , rather than false , as its author probably intended, to false, and the expression a == b == c evaluates to false , rather than true , as its author probably intended, to true.

Compliant Solution

Treat relational and equality operators as if it were invalid to chain them.:

Code Block
bgColor#ccccff
langc

if ( (a < b) && (b < c) ) /* clearer,Clearer and probably what was intended */
/* ... */
if ( (a == b) && (a == c) ) /* dittoDitto */

Risk Assessment

Incorrect use of relational and equality operators can lead to incorrect control flow.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP13-C

Low

Unlikely

Medium

P2

L3

Automated Detection

Tool

Version

Checker

Description

section

Astrée
Include Page
Astrée_V
Astrée_V
chained-comparisonFully checked

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.EXP13

Fully implemented

GCC
Include Page
c:
GCC_V
c:
GCC_V

 

Sectionoption


Option -Wparentheses warns if a comparison like x<=y<=z appears

. This

; this warning is also enabled by -Wall

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C3392, C3401, C4111, C4112, C4113


LDRA tool suite
Include Page
LDRA_V
LDRA_V
433 SFully implemented
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

503, 731

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. EXP13-CChecks for possibly unintended evaluation of expression because of operator precedence rules (rec. fully covered)


PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V709
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
chained-comparisonFully checked

Related Guidelines

...

...

Risk Assessment

Incorrect use of relational and equality operators can lead to incorrect control flow.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP09-A

1 (low)

1 (unlikely)

2 (medium)

P2

L3

Bibliography

...

...

[

...

...

...

2011]Subclause 6.5.8

...

, "Relational

...

Operators"


...

Image Removed      03. Expressions (EXP)      EXP14-C. Beware of integer promotion when performing bitwise operations on chars or shortsImage Added Image Added Image Added