CWE-783: Operator Precedence Logic Error

CWE-783: Operator Precedence Logic Error | RadicalNotion.AI

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

In the following example, the method validateUser makes a call to another method to authenticate a username and password for a user and returns a success or failure code.

Vulnerable example

#define FAIL 0

However, the method that authenticates the username and password is called within an if statement with incorrect operator precedence logic. Because the comparison operator "==" has a higher precedence than the assignment operator "=", the comparison operator will be evaluated first and if the method returns FAIL then the comparison will be true, the return variable will be set to true and SUCCESS will be returned. This operator precedence logic error can be easily resolved by properly using parentheses within the expression of the if statement, as shown below.

In this example, the method calculates the return on investment for an accounting/financial application. The return on investment is calculated by subtracting the initial investment costs from the current value and then dividing by the initial investment costs.

Vulnerable example

java

public double calculateReturnOnInvestment(double currentValue, double initialInvestment) {

CWE-783: Operator Precedence Logic Error

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

How to detect it

Automated Static Analysis

Code examples

Illustrative examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-783?

What CVEs are caused by CWE-783?

How do you prevent CWE-783?

How is CWE-783 detected?

What are the consequences of CWE-783?

Is CWE-783 actively exploited?

References

Stay ahead of CWE-783

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

How to detect it

Automated Static Analysis

Code examples

Illustrative examples

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-783?

What CVEs are caused by CWE-783?

How do you prevent CWE-783?

How is CWE-783 detected?

What are the consequences of CWE-783?

Is CWE-783 actively exploited?

References

Stay ahead of CWE-783