Mixing bitwise and relational operators in the same full expression can be a sign of a logic error in the expression where a logical operator is usually the intended operator. Do not use the bitwise AND (&), bitwise OR (|), or bitwise XOR (^) operators with an operand of type _Bool, or the result of a relational-expression or equality-expression. If the bitwise operator is intended, it should be indicated with use of a parenthesized expression.
Noncompliant Code Example
In this noncompliant code example, a bitwise & operator is used with the results of an equality-expression:
if (!(getuid() & geteuid() == 0)) {
/* ... */
}
Compliant Solution
This compliant solution uses the && operator for the logical operation within the conditional expression:
if (!(getuid() && geteuid() == 0)) {
/* ... */
}
Risk Assessment
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
EXP46-C | Low | Likely | Low | P9 | L2 |
Automated Detection
Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | 9.1p0 | LANG.TYPE.IOT | Inappropriate operand type |
| 2017.07 | CONSTANT_EXPRESSION_RESULT | Partially implemented | |
| Klocwork | 2025.2 | MISRA.LOGIC.OPERATOR.NOT_BOOL | |
| LDRA tool suite | 9.7.1 | 136 S | Fully Implemented |
| Parasoft C/C++test | 9.5 | MISRA2004-12_6_{a,b} | Fully implemented |
| PRQA QA-C | Unable to render {include} The included page could not be found. | 3344,4502 | |
| Cppcheck | 2.15 | cert.py | Detected by the addon cert.py |
| PRQA CA-C++ | 4.2 | 3709 |
Related Guidelines
| ISO/IEC TR 24772:2013 | Likely Incorrect Expression [KOA] |
| MITRE CWE | CWE-480, Use of incorrect operator |
Bibliography
| [Hatton 1995] | Section 2.7.2, "Errors of Omission and Addition" |
