PTR-cmp-str-lit
Synopsis
A variable is tested for equality with a string literal.
Enabled by default
Yes
Severity/Certainty
Low/High

Full description
A variable is tested for equality with a string literal. This compares the variable with the address of the literal, which is probably not the intended behavior. It is more likely that the intent is to compare the contents of strings at different addresses, for example with the strcmp() function.
Coding standards
- CWE 597: Use of Wrong Operator in String Comparison
Code examples
The following code example fails the check and will give a warning:
#include <stdio.h>

int main (void) {
  char *p = "String";
  if (p == "String") {
    printf("They're equal.\n");
  }
  return 0;
}
The following code example passes the check and will not give a warning about this issue:
#include <stdio.h>
#include <string.h>

int main (void) {
  char *p = "String";
  // OK - using string comparison function
  if (strcmp(p, "String") == 0) {
    printf("They're equal.\n");
  }
  return 0;
}
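The following is an added example, not part of the original check documentation. It shows the consequence described in the full description when the compared string comes from a runtime buffer: the address test is false even though the contents match. The function names, the parse_role helper and the "role=" input line are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Flawed (CWE 597): compares the pointer held in `role` with the address
   of the literal, not the characters. Compilers usually warn here too. */
static int is_admin_by_address(const char *role) {
    return role == "admin";
}

/* Correct: compares the string contents. */
static int is_admin_by_content(const char *role) {
    return role != NULL && strcmp(role, "admin") == 0;
}

/* Hypothetical helper: copies the value of a "role=<value>" line into out.
   Returns 0 on success, -1 on a missing prefix or a value that does not fit. */
static int parse_role(const char *line, char *out, size_t outlen) {
    static const char prefix[] = "role=";
    size_t n = sizeof prefix - 1;
    if (strncmp(line, prefix, n) != 0)
        return -1;
    size_t len = strcspn(line + n, "\r\n");
    if (len >= outlen)
        return -1;
    memcpy(out, line + n, len);
    out[len] = '\0';
    return 0;
}

int main(void) {
    char role[16];
    /* Constructed sample input. */
    if (parse_role("role=admin\r\n", role, sizeof role) != 0)
        return 1;
    /* Same characters, different object: the address test is always 0. */
    printf("by address: %d\n", is_admin_by_address(role));
    printf("by content: %d\n", is_admin_by_content(role));
    /* Literal against literal: the result is unspecified, because the
       compiler may or may not merge identical literals into one object. */
    printf("literal by address: %d\n", is_admin_by_address("admin"));
    return 0;
}
```

Because the literal-against-literal case can evaluate to true on some builds, a test that only passes literals may hide the defect until real input reaches the comparison.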