Parenthesize all variable names in macro definitions. See also \[[PRE02|PRE02-A. Macro expansion must always be parenthesized]\]. |
This CUBE() macro definition is non-compliant because it fails to parethesize the variable names.
#define CUBE(I) (I * I * I) int a = 81 / CUBE(2 + 1); |
As a result, the invocation
int a = 81 / CUBE(2 + 1); |
expands to
int a = 81 / (2 + 1 * 2 + 1 * 2 + 1); /* evalutaes to 11 */ |
while the desired behavior is
int a = 81 / ( (2 + 1) * (2 + 1) * (2 + 1)); /* evaluates to 3 */ |
Parenthesizing all variable names the in the CUBE() macro allows it to expand correctly (when invoked in this manner).
#define CUBE(I) ( (I) * (I) * (I) ) int a = 81 / CUBE(2 + 1); |
However, if a parameter appears several times in the expansion, the macro may not work properly if the actual argument is an expression with side effects. Given the CUBE() macro above, the invocation:
int a = 81 / CUBE(i++); |
expands to:
int a = 81 / (i++ * i++ * i++); |
which is undefined (see \[[EXP30|EXP30-C. Do not depend on order of evaluation between sequence points]\]). |
Component |
Value |
|---|---|
Severity |
1 (low) |
Likelihood |
1 (unlikely) |
Remediation cost |
3 (low) |