The relational and equality operators are left-associative in C. Consequently, C, unlike many other languages, allows chaining of relational and equality operators. C99, Section 6.5.8 "Relational operators", paragraph 6 has a footnote (92), which says
The expression a<b<c is not interpreted as in ordinary mathematics. As the syntax indicates, it means (a<b)<c; in other words, "if a is less than b, compare 1 to c; otherwise, compare 0 to c".
These operators are left-associative, which means the leftmost comparison is performed first, and the result is compared with the rightmost comparison. This allows a programmer to write an expression (particularly an expression used as a condition) that can be easily misinterpreted.
Noncompliant Code Example
While this noncompliant code example compiles correctly, it is unlikely that it means what the author of the code intended.
int a = 2; int b = 2; int c = 2; /* ... */ if (a < b < c) /* misleading, likely bug */ /* ... */ if (a == b == c) /* misleading, likely bug */
The expression a < b < c evaluates to true, rather than false as its author probably intended, and the expression a == b == c evaluates to false, rather than true as its author probably intended.
Compliant Solution
Treat relational and equality operators as if it were invalid to chain them.
if ( (a < b) && (b < c) ) /* clearer, and probably what was intended */ /* ... */ if ( (a == b) && (a == c) ) /* ditto */
Risk Assessment
Incorrect use of relational and equality operators can lead to incorrect control flow.
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
EXP13-C |
low |
unlikely |
medium |
P2 |
L3 |
Automated Detection
Tool |
Version |
Checker |
Description |
|---|---|---|---|
GCC |
4.3.5 |
|
Option |
| ECLAIR |
1.2 | exprprns |
Fully Implemented |
Related Guidelines
CERT C++ Secure Coding Standard: EXP17-CPP. Treat relational and equality operators as if they were nonassociative
ISO/IEC 9899:1999 Section 6.5.8 "Relational operators"