ASSIGCOND.CALL

Function call in assignment in conditional statement

The ASSIGCOND.CALL checker finds conditional statements in which the right part of an assignment expression is a function call.

Vulnerability and risk

This checker typically finds syntax errors, usually cases in which an assignment operator is used mistakenly instead of a comparison operator. If the error isn't corrected, unintended program behavior is likely to occur.

Vulnerable code example

1
2
3
4
5
6
7
8
  class A{
     void foo(int);
     int qq();
  };
  void A::foo(int i)
  {
    if(i=qq()){} 
  }

In the code example, Klocwork has flagged line 7 because the right side of the assignment expression in the if statement appears to be a function call.

Fixed code example 1

1
2
3
4
5
6
7
8
  class A{
     void foo(int);
     int qq();
  };
  void A::foo(int i)
  {
    if((i==qq()) {} 
  }

In this fixed code, the assignment operator has been replaced with the intended comparison operator.

Fixed code example 2

1
2
3
4
5
6
7
8
  class A{
     void foo(int);
     int qq();
  };
  void A::foo(int i)
  {
    if((i=qq()) !=0) {} 
  }

In this fixed code, brackets have been used to make the assignment syntax clear.

Related checkers

• ASSIGCOND.GEN

External guidance

• CERT EXP45-C: Do not perform assignments in selection statements
• CWE-480: Use of Incorrect Operator
• CWE-481: Assigning instead of Comparing

Security training

Application security training materials provided by Secure Code Warrior.

• Business Logic Training Video - Test your skills with a training example