C programmers commonly make errors regarding the precedence rules of C operators due to the unintuitive low precedence levels of "&", "|", "^", "<<", and ">>". Mistakes regarding precedence rules can be avoided by the suitable use of parentheses. Using parentheses defensively reduces errors and, if not taken to excess, makes the code more readable.
Non-Compliant Code Example
The following C expression is intended to test the least significant bit of x:
x & 1 == 0
However, because == has higher precedence than &, it is parsed as
x & (1 == 0)
which the compiler would probably evaluate at compile time to
(x & 0)
and then to 0, so the test is false for every value of x.
Compliant Solution
Adding parentheses to indicate precedence will cause the expression to evaluate as expected.
(x & 1) == 0
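The following is an added example (not code from the CERT page) that puts the non-compliant and compliant forms side by side as functions, and extends the same precedence mistake to << and to a flag-mask test, since the page names "<<" and "&" among the operators whose low precedence causes trouble. The function names and the READ_FLAG mask value are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdio.h>

/* Non-compliant: the author meant (x & 1) == 0, but == binds tighter
 * than &, so this is x & (1 == 0), i.e. x & 0, which is always 0.
 * gcc/clang -Wall (-Wparentheses) warn about this line. */
bool is_even_noncompliant(unsigned int x) {
    return x & 1 == 0;
}

/* Compliant: parentheses make the intended grouping explicit. */
bool is_even_compliant(unsigned int x) {
    return (x & 1) == 0;
}

/* Same class of mistake with a shift: the author meant (x << 1) + 1,
 * but + binds tighter than <<, so this is x << (1 + 1), i.e. x << 2. */
unsigned int double_plus_one_noncompliant(unsigned int x) {
    return x << 1 + 1;
}

unsigned int double_plus_one_compliant(unsigned int x) {
    return (x << 1) + 1;
}

/* Flag test: flags & READ_FLAG != 0 parses as flags & (READ_FLAG != 0),
 * i.e. flags & 1, so it tests bit 0 instead of the intended mask bit.
 * READ_FLAG is a constructed value for this example. */
#define READ_FLAG 0x4u

bool has_read_flag_noncompliant(unsigned int flags) {
    return flags & READ_FLAG != 0;
}

bool has_read_flag_compliant(unsigned int flags) {
    return (flags & READ_FLAG) != 0;
}

int main(void) {
    /* Constructed inputs: even/odd values and a flags word with only bit 2 set. */
    for (unsigned int x = 0; x < 4; x++) {
        printf("x=%u is_even: noncompliant=%d compliant=%d\n",
               x, is_even_noncompliant(x), is_even_compliant(x));
    }
    printf("5*2+1: noncompliant=%u compliant=%u\n",
           double_plus_one_noncompliant(5), double_plus_one_compliant(5));
    printf("flags=0x4 has READ_FLAG: noncompliant=%d compliant=%d\n",
           has_read_flag_noncompliant(0x4u), has_read_flag_compliant(0x4u));
    return 0;
}
```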
Risk Assessment
Mistakes regarding precedence rules may cause an expression to be evaluated in an unintended way. This can lead to unexpected and abnormal program behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level
---|---|---|---|---|---
EXP00-A | 1 (low) | 2 (probable) | 2 (medium) | P4 | L3
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.