SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

The relational and equality operators are left-associative in C. Consequently C, unlike many other languages, allows chaining of relational and equality operators. C99, section 6.5.8 "Relational operators", paragraph 6 has a footnote (92) which says:

The expression a<b<c is not interpreted as in ordinary mathematics. As the syntax indicates, it means (a<b)<c; in other words, "if a is less than b, compare 1 to c; otherwise, compare 0 to c".

These operators are left-associative, which means the leftmost comparison is performed first, and the result is compared with the rightmost comparison. This allows a programmer to write an expression (particularly an expression used as a condition) that can be easily misinterpreted.

Noncompliant Code Example

While this noncompliant code example compiles correctly, it is unlikely that it means what the author of the code intended. 

int a = 2;
int b = 2;
int c = 2;
/* ... */
if (a < b < c) /* misleading, likely bug */
/* ... */
if (a == b == c) /* misleading, likely bug */

The expression a < b < c evaluates to true, rather than false as its author probably intended, and the expression a == b == c evaluates to false, rather than true as its author probably intended.

Compliant Solution

Treat relational and equality operators as if it were invalid to chain them.

if ( (a < b) && (b < c) ) /* clearer, and probably what was intended */
/* ... */
if ( (a == b) && (a == c) ) /* ditto */

Automated Detection

The GCC option -Wparentheses warns if a comparison like x<=y<=z appears. This warning is also enabled by -Wall.

Other Languages

This rule appears in the C++ Secure Coding Standard as EXP17-CPP. Treat relational and equality operators as if they were nonassociative.

Risk Assessment

Incorrect use of relational and equality operators can lead to incorrect control flow.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP09-A

1 (low)

1 (unlikely)

2 (medium)

P2

L3

References

[[ISO/IEC 9899:1999]] Section 6.5.8 "Relational operators"

      03. Expressions (EXP)      EXP14-C. Beware of integer promotion when performing bitwise operations on chars or shorts

  • No labels