• CodeQL query help documentation »
• CodeQL query help for C and C++ »

Bad check for oddness

ID: cpp/incomplete-parity-check
Kind: problem
Security severity: 
Severity: warning
Precision: medium
Tags:
   - reliability
   - correctness
   - types
Query suites:
   - cpp-security-and-quality.qls

Click to see the query in the CodeQL repository

This rule finds code that uses x % 2 == 1 to check whether a number x is odd, which does not work for negative numbers. Applying % to negative numbers produces negative results. For example, (-5) % 2 equals -1, not 1. As a result, this check incorrectly considers all negative numbers as even.

Recommendation

Consider using x % 2 != 0 or (x & 1) == 1 instead.

References

• MSDN Library: Multiplicative Operators and the Modulus Operator.

• Wikipedia: Modulo Operation - Common pitfalls.

• © GitHub, Inc.
• Terms
• Privacy