# CERT C coding standard entry EXP16-C. `type` distinguishes a recommendation
# from a rule; `category`/`number` are the id split into its two parts.
[metadata]
id = "EXP16-C"
type = "recommendation"
category = "EXP"
number = 16
title = "Do not compare function pointers to constant values"
description = """
Comparing a function pointer to a value that is not a null function pointer of
the same type will be diagnosed because it typically indicates programmer error
and can result in unexpected behavior. Implicit comparisons will be diagnosed as
well. In this noncompliant code example, the addresses of the POSIX functions
getuid and geteuid are compared for equality to 0. Because no function address
shall be null, the first subexpression will always evaluate to false (0), and
the second subexpression always to true (nonzero). Consequently, the entire
expression will always evaluate to true, leading to a potential security
vulnerability.

/* First the options that are allowed only for root */
if (getuid == 0 || geteuid != 0) {
  /* ... */
}
"""
# CERT risk-assessment fields; priority (P6) and level (L2) follow CERT's
# severity x likelihood x remediation-cost scoring for this entry.
severity = "Low"
likelihood = "Likely"
priority = "P6"
level = "L2"
cert_version = "2016 Edition (Wiki)"
# Kept as the free-text date shown on the wiki page, not a TOML local date.
last_modified = "May 20, 2025"
# Per-entry toggle keyed by the CERT id.
[rules.cert_c.EXP16-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/EXP16-C.+Do+not+compare+function+pointers+to+constant+values"
# CWE-480: Use of Incorrect Operator; CWE-482: Comparing instead of Assigning.
cwe = ["CWE-480", "CWE-482"]