Page History

Mixing bitwise and relational operators in the same full expression can be a sign of a logic error in the expression where a logical operator is usually the intended operator. Do not use the bitwise AND (&), bitwise OR (|), or bitwise XOR (^) operators with an operand of type _Bool, or the result of a relational-expression or equality-expression. If the bitwise operator is intended, it should be indicated with use of a parenthesized expression.

...

In this noncompliant code example, a bitwise & operator operator is used with the results of an two equality-expressionexpressions:

Code Block

bgColor	#FFcccc
lang	c

if (!(getuid() == 0 & geteuidgetgid() == 0)) { 
  /* ... */ 
}

Compliant Solution

...

Code Block

bgColor	#ccccff
lang	c

if (!(getuid() == 0 && geteuidgetgid() == 0)) {
  /* ... */
}

Risk Assessment

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
EXP46-C	Low	Likely	Low	P9	L2

Automated Detection

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

inappropriate-bool

Supported indirectly via MISRA C:2012 Rule 10.1

Axivion Bauhaus Suite

Include Page

	Axivion Bauhaus Suite_V
	Axivion Bauhaus Suite_V

CertC-EXP46

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

LANG.TYPE.IOT

Inappropriate operand type

Coverity

Include Page

	Coverity_V
	Coverity_V

CONSTANT_EXPRESSION_RESULT

Can detect the specific instance where bitwise operator is used in place of logical operator, or vice versa. The behavior might be desirable in some situations, so further verification is necessary

PRQA QA-C Include PagePRQA QA-C_vPRQA QA-C_v3344,4502

...

Partially implemented

Cppcheck

Include Page

	Cppcheck_V
	Cppcheck_V

bitwiseOnBoolean

Cppcheck Premium

Include Page

	Cppcheck Premium_V
	Cppcheck Premium_V

bitwiseOnBoolean

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C3344, C4502

C++3709

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

MISRA.LOGIC.OPERATOR.NOT_BOOL

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

136 S

Fully Implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-EXP46-b

Expressions that are effectively Boolean should not be used as operands to operators other than (&&, ||, !, =, ==, !=, ?:)

PC-lint Plus

Include Page

	PC-lint Plus_V
	PC-lint Plus_V

514

Fully supported

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C: Rule EXP46-C

Checks for bitwise operations on boolean operands (rule fully covered)

PVS-Studio

Include Page

	PVS-Studio_V
	PVS-Studio_V

V564, V1015

RuleChecker

Include Page

	RuleChecker_V
	RuleChecker_V

inappropriate-bool

Supported indirectly via MISRA C:2012 Rule 10.1

Security Reviewer - Static Reviewer

Include Page

	Security Reviewer - Static Reviewer_V
	Security Reviewer - Static Reviewer_V

C73

Fully implemented

Related Guidelines

Key here (explains table format and definitions)

Taxonomy	Taxonomy item	Relationship
ISO/IEC TR 24772:2013	Likely Incorrect Expression [KOA]

MITRE CWE

	Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11	CWE-480, Use of incorrect operator	2017-07-05: CERT: Rule subset of CWE
CWE 2.11	CWE-569	2017-07-06: CERT: Rule subset of CWE

CERT-CWE Mapping Notes

Key here for mapping notes

CWE-480 and EXP46-C

Intersection( EXP45-C, EXP46-C) = Ø

CWE-480 = Union( EXP46-C, list) where list =

Usage of incorrect operator besides s/&/&&/ or s/|/||/

Bibliography

[Hatton 1995]

Section 2.7.2, "Errors of Omission and Addition"

...

Image Modified Image Modified Image Modified

Space shortcuts

Page tree

Versions Compared

Old Version 43

New Version Current

Key

Compliant Solution

Risk Assessment

Automated Detection

Related Guidelines

CERT-CWE Mapping Notes

CWE-480 and EXP46-C

Bibliography