CERT C: Rule EXP45-C

Do not perform assignments in selection statements

expand all in page

Description

Rule Definition

Do not perform assignments in selection statements.¹

Polyspace Implementation

The rule checker checks for Invalid use of = (assignment) operator.

Examples

expand all

Invalid use of = (assignment) operator

Issue

Invalid use of = operator occurs when an assignment is made inside the predicate of a conditional, such as if or while.

In C and C++, a single equal sign is an assignment not a comparison. Using a single equal sign in a conditional statement can indicate a typo or a mistake.

Risk

Conditional statement tests the wrong values— The single equal sign operation assigns the value of the right operand to the left operand. Then, because this assignment is inside the predicate of a conditional, the program checks whether the new value of the left operand is nonzero or not NULL.
Maintenance and readability issues — Even if the assignment is intended, someone reading or updating the code can misinterpret the assignment as an equality comparison instead of an assignment.

Fix

If the assignment is a bug, to check for equality, add a second equal sign (==).
If the assignment inside the conditional statement was intentional, to improve readability, separate the assignment and the test. Move the assignment outside the control statement. In the control statement, simply test the result of the assignment.
If you do not want to fix the issue, add comments to your result or code to avoid another review. See:
- Address Results in Polyspace User Interface Through Bug Fixes or Justifications if you review results in the Polyspace user interface.
- Address Results in Polyspace Access Through Bug Fixes or Justifications (Polyspace Access) if you review results in a web browser.
- Annotate Code and Hide Known or Acceptable Results if you review results in an IDE.

Example - Single Equal Sign Inside an if Condition

#include <stdio.h>

void bad_equals_ex(int alpha, int beta)
{
    if(alpha = beta) //Noncompliant
    {
        printf("Equal\n");
    }
}

The equal sign is flagged as a defect because the assignment operator is used within the predicate of the if-statement. The predicate assigns the value beta to alpha, then implicitly tests whether alpha is true or false.

Correction — Change Expression to Comparison

One possible correction is adding an additional equal sign. This correction changes the assignment to a comparison. The if condition compares whether alpha and beta are equal.

#include <stdio.h>

void equality_test(int alpha, int beta)
{
    if(alpha == beta)
    {
        printf("Equal\n");
    }
}

Correction — Assignment and Comparison Inside the if Condition

If an assignment must be made inside the predicate, a possible correction is adding an explicit comparison. This correction assigns the value of beta to alpha, then explicitly checks whether alpha is nonzero. The code is clearer.

#include <stdio.h>

int assignment_not_zero(int alpha, int beta)
{
    if((alpha = beta) != 0)
    {
        return alpha;
    }
    else
    {
        return 0;
    }
}

Correction — Move Assignment Outside the if Statement

If the assignment can be made outside the control statement, one possible correction is to separate the assignment and comparison. This correction assigns the value of beta to alpha before the if. Inside the if-condition, only alpha is given to test if alpha is nonzero or not NULL.

#include <stdio.h>

void assign_and_print(int alpha, int beta)
{
    alpha = beta;
    if(alpha)
    {
        printf("%d", alpha);
    }
}

Check Information

Group: Rule 03. Expressions (EXP)

Version History

Introduced in R2019a

¹ This software has been created by MathWorks incorporating portions of: the “SEI CERT-C Website,” © 2017 Carnegie Mellon University, the SEI CERT-C++ Web site © 2017 Carnegie Mellon University, ”SEI CERT C Coding Standard – Rules for Developing safe, Reliable and Secure systems – 2016 Edition,” © 2016 Carnegie Mellon University, and “SEI CERT C++ Coding Standard – Rules for Developing safe, Reliable and Secure systems in C++ – 2016 Edition” © 2016 Carnegie Mellon University, with special permission from its Software Engineering Institute.

ANY MATERIAL OF CARNEGIE MELLON UNIVERSITY AND/OR ITS SOFTWARE ENGINEERING INSTITUTE CONTAINED HEREIN IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.

This software and associated documentation has not been reviewed nor is it endorsed by Carnegie Mellon University or its Software Engineering Institute.