...

In this example, a bitwise complement of port is first computed and then shifted 4 bits to the right. If both of these operations are performed on an 8-bit unsigned integer, then result_8 will have the value 0x0a. However, port is first promoted to a signed int, with the following results (on a typical architecture where type int is 32 bits wide):

| Expression | Type | Value | Notes |
|---|---|---|---|
| port | uint8_t | 0x5a | |
| ~port | int | 0xffffffa5 | |
| ~port >> 4 | int | 0x0ffffffa | Whether or not value is negative is implementation-defined. |
| result_8 | uint8_t | 0xfa | |

Compliant Solution

In this compliant solution, the bitwise complement of port is converted back to 8 bits. Consequently, result_8 is assigned the expected value of 0x0aU.
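
The following added example is not part of the original guideline text; the function names shift_promoted, shift_truncated and count_mismatches are assumptions made for illustration. It puts the promoted and the truncated form of the expression side by side and counts how many of the 256 possible port values give different results.

```c
#include <stdint.h>
#include <stdio.h>

/* Promoted form: port is promoted to int before ~ is applied, so the
 * complement has one bits above bit 7. Shifting right by 4 moves bits
 * 8..11 (all ones) into the high nibble of the low byte. Whether the
 * shift of the negative int fills with zeros or sign bits is
 * implementation-defined, but bits 8..11 are ones either way. */
uint8_t shift_promoted(uint8_t port)
{
    return (uint8_t)(~port >> 4);
}

/* Truncated form: the cast discards the promoted high-order bits before
 * the shift, so zeros are shifted into the high nibble. */
uint8_t shift_truncated(uint8_t port)
{
    return (uint8_t)((uint8_t)(~port) >> 4);
}

/* Count the 8-bit inputs for which the two forms disagree. */
unsigned count_mismatches(void)
{
    unsigned mismatches = 0;
    for (unsigned v = 0; v <= UINT8_MAX; ++v) {
        if (shift_promoted((uint8_t)v) != shift_truncated((uint8_t)v)) {
            ++mismatches;
        }
    }
    return mismatches;
}

int main(void)
{
    uint8_t port = 0x5a;  /* value used in the table above */
    printf("promoted:  0x%02x\n", (unsigned)shift_promoted(port));
    printf("truncated: 0x%02x\n", (unsigned)shift_truncated(port));
    printf("inputs that differ: %u of 256\n", count_mismatches());
    return 0;
}
```

Every input differs because the promoted form always sets the high nibble of the result, so the defect is not limited to particular port values.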

...

Bitwise operations on shorts and chars can produce incorrect data.

| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| EXP14-C | low | likely | high | P3 | L3 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | | Supported |
| Axivion Bauhaus Suite | | CertC-EXP14 | Fully implemented |
| CodeSonar | | LANG.CAST.RIP | Risky integer promotion |
| Compass/ROSE | | | |
| ECLAIR | | CC2.EXP14 | Fully implemented |
| Parasoft C/C++test | | MISRA-043{b}, CERT_C-EXP14-a | Avoid mixing arithmetic of different precisions in the same expression |

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

...


...