...
Although failures are frequently indicated by a return value of 0, some common conventions may conflict in the future with code in which the test for nonzero is not explicit. In this case, defaulting the test for nonzero welcomes bugs if and when a developer modifies foovalidateUser() to return an error code or −1 rather than 0 to indicate a failure (all of which are also common conventions).
...
Code that does not conform to the common practices presented is difficult to maintain. Bugs can easily arise when modifying helper functions that evaluate true/false or success/failure. Bugs can also easily arise when modifying code that tests for equality using a comparison function that obeys the same conventions as standard library functions such as strcmp.
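The failure mode described above, as an added example that is not part of the original page. The function names, the sample account, and the two return conventions are hypothetical; the equality check on `strcmp` is written explicitly as `== 0`.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data: the only valid account name. */
static const char *const VALID_USER = "alice";

/* Original convention: 1 = valid user, 0 = failure. */
static int validate_user_v1(const char *name) {
    return strcmp(name, VALID_USER) == 0 ? 1 : 0;
}

/* After maintenance: 0 = valid user, -1 = failure. */
static int validate_user_v2(const char *name) {
    return strcmp(name, VALID_USER) == 0 ? 0 : -1;
}

typedef int (*validator_fn)(const char *);

/* Implicit test written for v1. Returns 1 if the request is
 * processed, 0 if it is rejected. */
int process_implicit(validator_fn validate, const char *name) {
    if (!validate(name)) {
        return 0;
    }
    return 1;
}

/* Explicit test for v1: the comparison states that 0 means failure. */
int process_explicit_v1(const char *name) {
    if (validate_user_v1(name) == 0) {
        return 0;
    }
    return 1;
}

/* Explicit test updated for v2: any nonzero result means failure. */
int process_explicit_v2(const char *name) {
    if (validate_user_v2(name) != 0) {
        return 0;
    }
    return 1;
}

int main(void) {
    printf("implicit, v2, mallory: %d\n", process_implicit(validate_user_v2, "mallory"));
    printf("explicit, v2, mallory: %d\n", process_explicit_v2("mallory"));
    return 0;
}
```

With the v2 convention the unchanged implicit caller rejects the valid user and processes the invalid one, while the explicit comparison puts the assumed convention on the line a maintainer has to revisit.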
| Recommendation | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| EXP20-C | Medium | Probable | Yes | Yes | P12 | L1 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | non-boolean-condition | Fully checked |
| Axivion Bauhaus Suite | | CertC-EXP20 | Fully implemented |
| Helix QAC | | C3344, C4116 | |
| LDRA tool suite | | 114 S | Partially implemented |
| Parasoft C/C++test | | CERT_C-EXP20-a | Avoid comparing values with the 'TRUE' identifier using equality operators ("==", "!=") |
| PC-lint Plus | | 697 | Partially supported: reports comparisons of Boolean values to constants other than 0 |
| RuleChecker | | non-boolean-condition | Fully checked |
...
...