Query module DangerousNonShortCircuitLogic

name
Potentially dangerous use of non-short-circuit logic
description
The & and | operators do not use short-circuit evaluation and can be dangerous when applied to boolean operands. In particular, their use can result in errors if the left-hand operand checks for cases in which it is not safe to evaluate the right-hand one.
kind
problem
problem.severity
error
precision
high
id
cs/non-short-circuit
tags
reliability correctness logic external/cwe/cwe-480 external/cwe/cwe-691

Imports

csharp

The default C# QL library.

Classes

DangerousExpression

An expression containing a qualified member access, a method call, or an array access.

NonShortCircuit

A use of & or | on operands of type boolean.