Mixing bitwise and relational operators in the same full expression can be a sign of a logic error in the expression where a logical operator is usually the intended operator. Do not use the bitwise AND (&), bitwise OR (|), or bitwise XOR (^) operators with an operand of type _Bool, or the result of a relational-expression or equality-expression. If the bitwise operator is intended, it should be indicated with use of a parenthesized expression.

Noncompliant Code Example

In this noncompliant code example, a bitwise & operator is used with the results of an equality-expression:

if (!(getuid() & geteuid() == 0)) { 
  /* ... */ 
} 

Compliant Solution

This compliant solution uses the && operator for the logical operation within the conditional expression:

if (!(getuid() && geteuid() == 0)) {
  /* ... */
}
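The difference between the two conditions above, as an added example that is not part of the original rule text: the calls to getuid() and geteuid() are replaced by parameters so that every combination can be checked, and the function names and sample IDs are assumptions made for illustration.

```c
#include <stdio.h>

/* GCC and Clang flag the unparenthesized form under -Wparentheses;
 * silenced here so the noncompliant line can be shown as written. */
#pragma GCC diagnostic ignored "-Wparentheses"

/* Noncompliant condition from the page, with the IDs passed in (assumption).
 * == binds tighter than &, so this is uid & (euid == 0): only bit 0 of
 * uid is combined with the 0-or-1 result of the comparison. */
static int noncompliant_guard(unsigned uid, unsigned euid) {
    return !(uid & euid == 0);
}

/* Compliant condition from the page: && tests whether uid is nonzero. */
static int compliant_guard(unsigned uid, unsigned euid) {
    return !(uid && euid == 0);
}

/* Counts the (uid, euid) pairs in [0, limit) where the two forms disagree. */
static unsigned count_disagreements(unsigned limit) {
    unsigned n = 0;
    for (unsigned uid = 0; uid < limit; uid++)
        for (unsigned euid = 0; euid < limit; euid++)
            if (noncompliant_guard(uid, euid) != compliant_guard(uid, euid))
                n++;
    return n;
}

int main(void) {
    /* Constructed sample IDs, not taken from the page. */
    const unsigned samples[][2] = {
        {0, 0}, {1, 0}, {1000, 0}, {1001, 0}, {1000, 1000}
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        unsigned uid = samples[i][0], euid = samples[i][1];
        printf("uid=%-4u euid=%-4u  &: %d  &&: %d\n", uid, euid,
               noncompliant_guard(uid, euid), compliant_guard(uid, euid));
    }
    printf("disagreements for IDs below 8: %u\n", count_disagreements(8));
    return 0;
}
```

The two forms disagree exactly when euid is 0 and uid is even and nonzero, which is why the bitwise version can pass casual testing with an odd uid.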

Risk Assessment

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| EXP46-C | Low | Likely | Low | P9 | L2 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | | Supported, but no explicit checker |
| CodeSonar | | LANG.TYPE.IOT | Inappropriate operand type |
| Coverity | | CONSTANT_EXPRESSION_RESULT | Partially implemented |
| Klocwork | | MISRA.LOGIC.OPERATOR.NOT_BOOL | |
| LDRA tool suite | | 136 S | Fully Implemented |
| Parasoft C/C++test | | MISRA2004-12_6_{a,b} | Fully implemented |
| PRQA QA-C | | 3344,4502 | |
| Cppcheck | | cert.py | Detected by the addon cert.py |
| PRQA CA-C++ | 4.2 | 3709 | |

Related Guidelines


| Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| ISO/IEC TR 24772:2013 | Likely Incorrect Expression [KOA] | Prior to 2018-01-12: CERT: Unspecified Relationship |
| CWE 2.11 | CWE-480, Use of incorrect operator | 2017-07-05: CERT: Rule subset of CWE |
| CWE 2.11 | CWE-569 | 2017-07-06: CERT: Rule subset of CWE |

CERT-CWE Mapping Notes


CWE-480 and EXP46-C

Intersection( EXP45-C, EXP46-C) = Ø

CWE-480 = Union( EXP46-C, list) where list =
