Mixing bitwise and relational operators in the same full expression can be a sign of a logic error in the expression where a logical operator is usually the intended operator. Do not use the bitwise AND (&), bitwise OR (|), or bitwise XOR (^) operators with an operand of type _Bool, or the result of a relational-expression or equality-expression. If the bitwise operator is intended, it should be indicated with use of a parenthesized expression.

Noncompliant Code Example

In this noncompliant code example, a bitwise & operator is used with the results of two equality-expressions:

if (getuid() == 0 & getgid() == 0) { 
  /* ... */ 
} 

Compliant Solution

This compliant solution uses the && operator for the logical operation within the conditional expression:

if (getuid() == 0 && getgid() == 0) {
  /* ... */
}

Risk Assessment

Automated Detection

Tool	Version	Checker	Description
Astrée		inappropriate-bool	Supported indirectly via MISRA C:2012 Rule 10.1
Axivion Bauhaus Suite		CertC-EXP46
CodeSonar		LANG.TYPE.IOT	Inappropriate operand type
Coverity		CONSTANT_EXPRESSION_RESULT	Partially implemented
Cppcheck		cert.py	Detected by the addon cert.py
Helix QAC		C3344, C4502 C++3709
Klocwork		MISRA.LOGIC.OPERATOR.NOT_BOOL
LDRA tool suite		136 S	Fully Implemented
Parasoft C/C++test		CERT_C-EXP46-b	Expressions that are effectively Boolean should not be used as operands to operators other than (&&, ||, !, =, ==, !=, ?:)
PC-lint Plus		514	Fully supported
Polyspace Bug Finder		CERT C: Rule EXP46-C	Checks for bitwise operations on boolean operands (rule fully covered)
PVS-Studio		V564, V1015
RuleChecker		inappropriate-bool	Supported indirectly via MISRA C:2012 Rule 10.1

Related Guidelines

Key here (explains table format and definitions)

CERT-CWE Mapping Notes

Key here for mapping notes

CWE-480 and EXP46-C

Intersection( EXP45-C, EXP46-C) = Ø

CWE-480 = Union( EXP46-C, list) where list =

• Usage of incorrect operator besides s/&/&&/ or s/|/||/

Bibliography