V709. Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c'.


The analyzer has detected a logical expression of the a == b == c pattern. Unfortunately, programmers tend to forget every now and then that rules of the C and C++ languages do not coincide with mathematical rules (and, at first glance, common sense), and believe they can use this comparison to check if three variables are equal. But actually, a bit different thing will be calculated instead of that.

Let's check an example.

if (a == b == c) ....

Let a == 2, b == 2 and c == 2. The first comparison (a == b) is true as 2 == 2. As a result, this comparison returns the value true (1). But the second comparison (... = c) will return the value false because true != 2. To have a comparison of three (or more) variables done correctly, one should use the following expression:

if (a == b && b == c) ....

In this case, a == b will return true, b == c will return true and the result of the logical operation AND will also be true.

However, expressions looking similar to incorrect ones are often used to make code shorter. The analyzer won't generate the warning for cases when:

1) The third variable is of the bool, BOOL, etc. types or by itself equals 0, 1, true or false. In this case, the error is very unlikely - the code is almost surely to be correct:

bool compare(int a, int b, bool res)
{
  return a == b == res;
}

2) The expression contains parentheses. In this case, it is obvious that the programmer understands the expression's logic perfectly well and wants it to be executed exactly the way it is written:

if ((a == b) == c) ....

In case the analyzer has generated a false V709 waning, we recommend that you add parentheses into the code to eliminate it, like in the example above. Thus you will indicate to other programmers that the code is correct.

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-682.

You can look at examples of errors detected by the V709 diagnostic.


Bugs Found

Checked Projects
334
Collected Errors
12 668