[cfe-dev] More static analysis...

Alexei Svitkine alexei.svitkine at gmail.com
Fri Feb 27 13:08:03 PST 2009


> I'd be interested to see how often this actually comes up (as opposed
> to <non-boolean value>&<bitmask>). The bug in OpenSSL was a function
> that returned 1 for success, 0 for failure and -1 for error.
> if(func(...)) obviously is trying to test for success but includes
> error. Which is bad.

If you look at Unix system calls, often the return value is 0 for
success, so if (foo()) {} may be checking correctly for failure...

My guess is you'd find lots of occurrences of this sort of thing in
the wild. Unless a style guide a project is using explicitly forbids
it, people will use it.

-Alexei
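
Added example, not part of the original message or of any project mentioned in the thread: a small C program showing why the same `if (call())` shape is wrong for a 1/0/-1 tri-state function yet correct for a Unix-style 0-on-success call. The functions `verify_sig` and `unix_style_op` and their outcome values are hypothetical stand-ins constructed for this illustration.

```c
#include <stdio.h>

/* Hypothetical tri-state verifier (constructed for this example):
 *   1 = signature valid, 0 = signature invalid, -1 = internal error. */
enum { VERIFY_ERROR = -1, VERIFY_FAIL = 0, VERIFY_OK = 1 };

static int verify_sig(int simulated_outcome) {
    return simulated_outcome;   /* stand-in for real verification work */
}

/* Truthiness test: -1 is non-zero, so an internal error is accepted. */
int accept_truthy(int outcome) {
    if (verify_sig(outcome))
        return 1;
    return 0;
}

/* Explicit comparison: only the documented success value is accepted. */
int accept_strict(int outcome) {
    if (verify_sig(outcome) == VERIFY_OK)
        return 1;
    return 0;
}

/* Hypothetical Unix-style call: 0 = success, -1 = failure. */
static int unix_style_op(int should_fail) {
    return should_fail ? -1 : 0;
}

/* Here the same `if (call())` shape correctly detects failure. */
int unix_op_failed(int should_fail) {
    if (unix_style_op(should_fail))
        return 1;
    return 0;
}

int main(void) {
    static const int outcomes[] = { VERIFY_OK, VERIFY_FAIL, VERIFY_ERROR };
    for (int i = 0; i < 3; i++)
        printf("outcome %2d: truthy=%d strict=%d\n", outcomes[i],
               accept_truthy(outcomes[i]), accept_strict(outcomes[i]));
    printf("unix-style: ok->failed=%d, err->failed=%d\n",
           unix_op_failed(0), unix_op_failed(1));
    return 0;
}
```

A checker that only looks at the shape of the condition cannot tell these two cases apart; it needs to know each callee's return convention.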


