EXP13-C. Treat relational and equality operators as if they were nonassociative

The relational and equality operators are left-associative in C. Consequently C, unlike many other languages, allows chaining of relational and equality operators. C99, Section 6.5.8 "Relational operators", paragraph 6 has a footnote (92) which says

The expression a<b<c is not interpreted as in ordinary mathematics. As the syntax indicates, it means (a<b)<c; in other words, "if a is less than b, compare 1 to c; otherwise, compare 0 to c".

These operators are left-associative, which means the leftmost comparison is performed first, and the result is compared with the rightmost comparison. This allows a programmer to write an expression (particularly an expression used as a condition) that can be easily misinterpreted.

Noncompliant Code Example

While this noncompliant code example compiles correctly, it is unlikely that it means what the author of the code intended.

int a = 2;
int b = 2;
int c = 2;
/* ... */
if (a < b < c) /* misleading, likely bug */
/* ... */
if (a == b == c) /* misleading, likely bug */

The expression a < b < c evaluates to true, rather than false as its author probably intended, and the expression a == b == c evaluates to false, rather than true as its author probably intended.

Compliant Solution

Treat relational and equality operators as if it were invalid to chain them.

if ( (a < b) && (b < c) ) /* clearer, and probably what was intended */
/* ... */
if ( (a == b) && (a == c) ) /* ditto */

Automated Detection

Related Guidelines

C++ Secure Coding Standard: EXP17-CPP. Treat relational and equality operators as if they were nonassociative

Risk Assessment

Incorrect use of relational and equality operators can lead to incorrect control flow.

Bibliography

[ISO/IEC 9899:1999] Section 6.5.8 "Relational operators"

      03. Expressions (EXP)      EXP14-C. Beware of integer promotion when performing bitwise operations on chars or shorts