CodeQL documentation

Assignment where comparison was intended

ID: cpp/assign-where-compare-meant
Kind: problem
Security severity: 
Severity: error
Precision: high
Tags:
   - reliability
   - correctness
   - external/cwe/cwe-481
Query suites:
   - cpp-security-and-quality.qls


This rule finds uses of the assignment operator = in places where the equality operator == would make more sense. This is a very common mistake in C and C++, because of the visual similarity of the = and == operators, and because an if statement accepts any condition of integral type instead of being limited to bool.

The rule flags every occurrence of an assignment in a position where its result is interpreted as a truth value. An assignment is only flagged if its right-hand side is a compile-time constant.

Recommendation

Check to ensure that the flagged expressions are not typos. If an assignment is really intended to be treated as a truth value, it may be better to surround it with parentheses.

Example

if (p = NULL) { // most likely == was intended; otherwise the condition evaluates
                // to the value of the right-hand side of the assignment (NULL)
  ...
}
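The following C program is an added example, not part of the CodeQL documentation: it places the flagged pattern next to the corrected comparison and next to an assignment that is deliberately used as a truth value and parenthesised as the recommendation suggests. The function names and the STATE_* constants are invented for the illustration.

```c
#include <stddef.h>

/* Constructed states for the example; nothing here comes from CodeQL. */
enum { STATE_IDLE = 0, STATE_READY = 1 };

/* Flagged by cpp/assign-where-compare-meant: `*state = STATE_READY` stores 1
 * and the if then tests that stored value, so the branch is always taken and
 * the caller's state is silently overwritten. The right-hand side is a
 * compile-time constant, which is exactly the query's trigger condition. */
int buggy_should_send(int *state) {
    if (*state = STATE_READY) {   /* == was intended */
        return 1;
    }
    return 0;
}

/* Corrected: compares without modifying *state. */
int fixed_should_send(const int *state) {
    if (*state == STATE_READY) {
        return 1;
    }
    return 0;
}

/* Deliberate assignment-as-condition: the extra parentheses make the intent
 * explicit, and the right-hand side (*s++) is not a constant, so the query
 * does not report it. Counts bytes up to the terminating NUL. */
size_t count_until_nul(const char *s) {
    size_t n = 0;
    char c;
    while ((c = *s++)) {
        n++;
    }
    return n;
}
```

GCC and Clang also warn about the first form under -Wparentheses, so treating that warning as an error is a cheap complement to the query.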
