C programmers commonly make errors regarding the precedence rules of C operators due to the unintuitive low precedence levels of "&", "|", "^", "<<", and ">>". Mistakes regarding precedence rules can be avoided by the suitable use of parentheses. Using parentheses defensively reduces errors and, if not taken to excess, makes the code more readable.
The following C expression, intended to test the least significant bit of x
x & 1 == 0 |
However, it is parsed as
x & (1 == 0) |
which the compiler would probably evaluate at compile time to
(x & 0) |
and then to 0.
Adding parentheses to indicate precedence will cause the expression to evaluate as expected.
(x & 1) == 0 |
Mistakes regarding precedence rules may cause an expression to be evaluated in an unintended way. This can lead to unexpected and abnormal program behavior.
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
EXP00-A |
1 (low) |
2 (probable) |
2 (medium) |
P4 |
L3 |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] 6.5, "Expressions" \[[NASA-GB-1740.13|AA. C References#NASA-GB-1740.13]\] 6.4.3, "C Language" \[[Dowd 06|AA. C References#Dowd 06]\] Chapter 6, "C Language Issues" (Precedence, pp. 287-288) |