Calysto v1.5 reports on ssh v4.6p1

Darren Tucker dtucker at zip.com.au
Sun Aug 12 14:51:29 EST 2007


Peter Stuge wrote:
[...]
> I guess the analyzer is concerned with compilers that generate code
> to evaluate both statements even though the first one fails. If the
> second statement succeeds then it seems to be at least an fd leak.
> 
> I don't know what the rules are for C - apparently GCC stops
> evaluating once the complete statement is impossible, but is it
> good form to rely on that behavior?

That "short circuit" or "lazy evaluation" behaviour is specified by the 
C standards (and I'm pretty sure it's in the K&R book too although I 
don't have a copy to confirm that).

From section 6.5.13 of what I think is the most recent C99 spec[1]:

[quote]
        [#4]  Unlike  the bitwise binary & operator, the && operator
        guarantees left-to-right evaluation;  there  is  a  sequence
        point  after  the  evaluation  of the first operand.  If the
        first operand compares equal to 0, the second operand is not
        evaluated.
[/quote]

I would assume that there's similar language in the original ANSI C spec.

[1] http://std.dkuug.dk/jtc1/sc22/open/n2794/n2794.txt

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
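
Added example, not part of the original message and not OpenSSH code: the short-circuit guarantee quoted above, shown next to the bitwise & operator, which evaluates both operands. The helper names open_first, open_second and settle are hypothetical, and the code assumes /dev/null can be opened.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

static int second_calls;   /* how many times the right-hand operand ran */

/* Hypothetical first step: fails on request, otherwise opens /dev/null. */
static int open_first(int should_fail)
{
    return should_fail ? -1 : open("/dev/null", O_RDONLY);
}

/* Hypothetical second step: always acquires a new descriptor. */
static int open_second(void)
{
    second_calls++;
    return open("/dev/null", O_RDONLY);
}

/* Returns 1 if the failure path is left holding b, then closes everything. */
static int settle(int ok, int a, int b)
{
    int stray = (!ok && b >= 0);
    if (a >= 0) close(a);
    if (b >= 0) close(b);
    return stray;
}

/* &&: the right operand is not evaluated once the left compares equal to 0. */
int leaked_with_logical_and(void)
{
    int a = -1, b = -1;
    second_calls = 0;
    int ok = (a = open_first(1)) >= 0 && (b = open_second()) >= 0;
    return settle(ok, a, b);
}

/* &: both operands are evaluated, so b is opened although the first step failed. */
int leaked_with_bitwise_and(void)
{
    int a = -1, b = -1;
    second_calls = 0;
    int ok = (int)((a = open_first(1)) >= 0) & (int)((b = open_second()) >= 0);
    return settle(ok, a, b);
}

int main(void)
{
    printf("&&: stray fds = %d\n", leaked_with_logical_and());
    printf("&:  stray fds = %d\n", leaked_with_bitwise_and());
    return 0;
}
```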


More information about the openssh-unix-dev mailing list