[cfe-dev] More static analysis...
Alexei Svitkine
alexei.svitkine at gmail.com
Fri Feb 27 13:08:03 PST 2009
> I'd be interested to see how often this actually comes up (as opposed
> to <non-boolean value>&<bitmask>). The bug in OpenSSL was a function
> that returned 1 for success, 0 for failure and -1 for error.
> if(func(...)) obviously is trying to test for success but includes
> error. Which is bad.
If you look at Unix system calls, often the return value is 0 for
success, so if (foo()) {} may be checking correctly for failure...
My guess is you'd find lots of occurrences of this sort of thing in
the wild. Unless a style guide a project is using explicitly forbids
it, people will use it.
-Alexei
More information about the cfe-dev
mailing list