C checkers |
CERT C Secure Coding Standard |
101 S |
INT02-C. Understand integer conversion rules |
113 S |
MSC09-C. Character Encoding - Use Subset of ASCII for Safety |
115 S |
STR03-C. Do not inadvertently truncate a null-terminated byte string |
119 S |
MSC04-C. Use comments consistently and in a readable fashion |
120 S |
INT13-C. Use bitwise operators only on unsigned operands |
125 S |
PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
127 S |
ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer |
12 S |
MSC01-C. Strive for logical completeness |
131 S |
DCL01-C. Do not reuse variable names in subscopes |
132 S |
MSC02-C. Avoid errors of omission |
133 S |
EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
134 S |
EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
134 S |
EXP30-C. Do not depend on order of evaluation between sequence points |
135 S |
DCL07-C. Include the appropriate type information in function declarators |
139 S |
MSC07-C. Detect and remove dead code |
140 S |
MSC07-C. Detect and remove dead code |
157 S |
STR05-C. Use pointers to const when referring to string literals |
157 S |
STR30-C. Do not attempt to modify string literals |
15 D |
MSC13-C. Detect and remove unused values |
170 S |
DCL07-C. Include the appropriate type information in function declarators |
170 S |
EXP37-C. Call functions with the arguments intended by the API |
176 S |
MSC10-C. Character Encoding - UTF8 Related Issues |
177 S |
DCL04-C. Do not declare more than one variable per declaration |
17 D |
DCL32-C. Guarantee that mutually visible identifiers are unique |
1 D |
MSC13-C. Detect and remove unused values |
1 J |
MSC07-C. Detect and remove dead code |
1 Q |
EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
1 Q |
EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
1 Q |
EXP30-C. Do not depend on order of evaluation between sequence points |
1 X |
ARR31-C. Use consistent array notation across all source files |
200 S |
DCL00-C. Const-qualify immutable objects |
201 S |
DCL06-C. Use meaningful symbolic constants to represent literal values |
201 S |
EXP07-C. Do not diminish the benefits of constants by assuming their values in expressions |
201 S |
EXP09-C. Use sizeof to determine the size of a type or variable |
203 S |
EXP05-C. Do not cast away a const qualification |
20 S |
DCL31-C. Declare identifiers before using them |
218 S |
PRE04-C. Do not reuse a standard header file name |
21 S |
DCL07-C. Include the appropriate type information in function declarators |
243 S |
PRE06-C. Enclose header files in an inclusion guard |
248 S |
INT33-C. Ensure that division and modulo operations do not result in divide-by-zero errors |
24 D |
DCL31-C. Declare identifiers before using them |
273 S |
PRE03-C. Prefer typedefs to defines for encoding types |
27 D |
DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
299 S |
DCL05-C. Use typedefs to improve code readability |
302 S |
MSC04-C. Use comments consistently and in a readable fashion |
30 S |
EXP30-C. Do not depend on order of evaluation between sequence points |
30 S |
EXP31-C. Avoid side effects in assertions |
326 S |
DCL31-C. Declare identifiers before using them |
329 S |
INT07-C. Use only explicitly signed or unsigned char type for numeric values |
331 S |
INT13-C. Use bitwise operators only on unsigned operands |
332 S |
INT02-C. Understand integer conversion rules |
334 S |
INT02-C. Understand integer conversion rules |
340 S |
PRE00-C. Prefer inline or static functions to function-like macros |
344 S |
EXP32-C. Do not access a volatile object through a non-volatile reference |
352 S |
DCL12-C. Implement abstract data types using opaque types |
355 S |
DCL32-C. Guarantee that mutually visible identifiers are unique |
35 D |
EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
35 D |
EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
35 D |
EXP30-C. Do not depend on order of evaluation between sequence points |
361 S |
EXP00-C. Use parentheses for precedence of operation |
376 S |
MSC10-C. Character Encoding - UTF8 Related Issues |
381 S |
DCL05-C. Use typedefs to improve code readability |
382 S |
EXP12-C. Do not ignore values returned by functions |
387 S |
DCL08-C. Properly encode relationships in constant definitions |
397 S |
ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer |
400 S |
EXP03-C. Do not assume the size of a structure is the sum of the sizes of its members |
401 S |
ARR00-C. Understand how arrays work |
401 S |
ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array |
403 S |
INT34-C. Do not shift a negative number of bits or more bits than exist in the operand |
404 S |
ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer |
406 S |
EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
408 S |
EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
41 D |
EXP37-C. Call functions with the arguments intended by the API |
41 S |
DCL10-C. Maintain the contract between the writer and caller of variadic functions |
41 S |
DCL11-C. Understand the type issues associated with variadic functions |
42 D |
DCL30-C. Declare objects with appropriate storage durations |
432 S |
INT07-C. Use only explicitly signed or unsigned char type for numeric values |
433 S |
INT02-C. Understand integer conversion rules |
433 S |
INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
434 S |
INT02-C. Understand integer conversion rules |
434 S |
INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
434 S |
STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
438 S |
ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
438 S |
EXP08-C. Ensure pointer arithmetic is used correctly |
439 S |
INT15-C. Use intmax_t or uintmax_t for formatted IO on programmer-defined integer types |
43 D |
INT32-C. Ensure that operations on signed integers do not result in overflow |
43 D |
INT33-C. Ensure that division and modulo operations do not result in divide-by-zero errors |
440 S |
INT15-C. Use intmax_t or uintmax_t for formatted IO on programmer-defined integer types |
442 S |
FLP33-C. Convert integers to floating point for floating point operations |
442 S |
INT02-C. Understand integer conversion rules |
443 S |
FLP33-C. Convert integers to floating point for floating point operations |
443 S |
INT02-C. Understand integer conversion rules |
444 S |
FLP33-C. Convert integers to floating point for floating point operations |
446 S |
INT02-C. Understand integer conversion rules |
44 S |
DCL03-C. Use a static assertion to test the value of a constant expression |
44 S |
INT06-C. Use strtol() or a related function to convert a string token to an integer |
452 S |
INT02-C. Understand integer conversion rules |
456 S |
MSC31-C. Ensure that return values are compared against the proper type |
457 S |
INT02-C. Understand integer conversion rules |
458 S |
INT02-C. Understand integer conversion rules |
458 S |
INT07-C. Use only explicitly signed or unsigned char type for numeric values |
45 D |
EXP08-C. Ensure pointer arithmetic is used correctly |
45 D |
EXP34-C. Do not dereference null pointers |
476 S |
ARR30-C. Do not form or use out of bounds pointers or array subscripts |
47 S |
ARR30-C. Do not form or use out of bounds pointers or array subscripts |
480 S |
DCL33-C. Ensure that restrict-qualified source and destination pointers in function arguments do not reference overlapping objects |
483 S |
MEM34-C. Only free memory allocated dynamically |
484 S |
MEM31-C. Free dynamically allocated memory exactly once |
486 S |
FIO00-C. Take care when creating format strings |
487 S |
MEM35-C. Allocate sufficient memory for an object |
488 S |
INT08-C. Verify that all integer values are in range |
489 S |
DCL33-C. Ensure that restrict-qualified source and destination pointers in function arguments do not reference overlapping objects |
489 S |
FIO43-C. Do not create temporary files in shared directories |
491 S |
INT02-C. Understand integer conversion rules |
493 S |
INT32-C. Ensure that operations on signed integers do not result in overflow |
494 S |
INT32-C. Ensure that operations on signed integers do not result in overflow |
496 S |
EXP37-C. Call functions with the arguments intended by the API |
49 D |
FIO42-C. Ensure files are properly closed when they are no longer needed |
50 D |
MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
50 S |
INT13-C. Use bitwise operators only on unsigned operands |
51 D |
MEM30-C. Do not access freed memory |
52 S |
INT02-C. Understand integer conversion rules |
53 D |
EXP08-C. Ensure pointer arithmetic is used correctly |
540 S |
EXP36-C. Do not convert pointers into more strictly aligned pointer types |
54 D |
EXP08-C. Ensure pointer arithmetic is used correctly |
54 S |
EXP06-C. Operands to the sizeof operator should not contain side effects |
553 S |
DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
562 S |
PRE31-C. Avoid side-effects in arguments to unsafe macros |
568 S |
PRE04-C. Do not reuse a standard header file name |
573 S |
PRE30-C. Do not create a universal character name through concatenation |
575 S |
DCL36-C. Do not declare an identifier with conflicting linkage classifications |
576 S |
DCL35-C. Do not invoke a function using a type that does not match the function definition |
576 S |
EXP08-C. Ensure pointer arithmetic is used correctly |
577 S |
EXP01-C. Do not take the size of a pointer to determine the size of the pointed-to type |
578 S |
EXP03-C. Do not assume the size of a structure is the sum of the sizes of its members |
579 S |
DCL04-C. Do not declare more than one variable per declaration |
57 S |
MSC12-C. Detect and remove code that has no effect |
584 S |
INT10-C. Do not assume a positive remainder when using the % operator |
585 S |
INT14-C. Avoid performing bitwise and arithmetic operations on the same data |
586 S |
INT15-C. Use intmax_t or uintmax_t for formatted IO on programmer-defined integer types |
588 S |
ENV04-C. Do not call system() if you do not need a command processor |
589 S |
FIO00-C. Take care when creating format strings |
590 S |
FIO11-C. Take care when specifying the mode parameter of fopen() |
591 S |
FIO38-C. Do not use a copy of a FILE object for input and output |
592 S |
FIO01-C. Be careful using functions that use file names for identification |
593 S |
FIO07-C. Prefer fseek() to rewind() |
594 S |
FIO12-C. Prefer setvbuf() to setbuf() |
600 S |
STR32-C. Null-terminate byte strings as required |
602 S |
STR06-C. Do not assume that strtok() leaves the parse string unchanged |
61 D |
DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
61 X |
DCL32-C. Guarantee that mutually visible identifiers are unique |
62 D |
DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
64 X |
ARR30-C. Do not form or use out of bounds pointers or array subscripts |
65 D |
MSC12-C. Detect and remove code that has no effect |
67 X |
DCL02-C. Use visually distinct identifiers |
68 X |
ARR30-C. Do not form or use out of bounds pointers or array subscripts |
69 D |
ERR30-C. Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure |
69 X |
ARR30-C. Do not form or use out of bounds pointers or array subscripts |
70 D |
MSC12-C. Detect and remove code that has no effect |
70 D |
MSC13-C. Detect and remove unused values |
71 S |
DCL30-C. Declare objects with appropriate storage durations |
72 D |
EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
73 S |
INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
74 D |
EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
75 D |
FIO31-C. Do not open a file that is already open |
77 S |
PRE02-C. Macro replacement lists should be parenthesized |
78 D |
DCL00-C. Const-qualify immutable objects |
78 S |
PRE01-C. Use parentheses within macros around parameter names |
78 S |
PRE02-C. Macro replacement lists should be parenthesized |
79 S |
PRE03-C. Prefer typedefs to defines for encoding types |
80 D |
FIO04-C. Detect and handle input and output errors |
81 D |
FIO08-C. Take care when calling remove() on an open file |
81 S |
PRE07-C. Avoid using repeated question marks |
82 D |
FIO44-C. Only use values for fsetpos() that are returned from fgetpos() |
83 D |
FIO13-C. Never push back anything other than one read character |
84 D |
FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call |
85 D |
FIO02-C. Canonicalize path names originating from untrusted sources |
85 S |
INT09-C. Ensure enumeration constants map to unique values |
86 D |
FIO30-C. Exclude user input from format strings |
87 D |
SIG31-C. Do not access or modify shared objects in signal handlers |
88 D |
SIG32-C. Do not call longjmp() from inside a signal handler |
89 D |
SIG33-C. Do not recursively invoke the raise() function |
93 D |
DCL00-C. Const-qualify immutable objects |
93 S |
INT01-C. Use rsize_t or size_t for all integer values representing the size of an object |
93 S |
INT02-C. Understand integer conversion rules |
93 S |
INT07-C. Use only explicitly signed or unsigned char type for numeric values |
93 S |
INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
94 D |
MSC13-C. Detect and remove unused values |
94 S |
EXP11-C. Do not apply operators expecting one type to data of an incompatible type |
94 S |
EXP36-C. Do not convert pointers into more strictly aligned pointer types |
94 S |
INT11-C. Take care when converting from pointer to integer or integer to pointer |
95 S |
EXP11-C. Do not apply operators expecting one type to data of an incompatible type |
96 S |
INT02-C. Understand integer conversion rules |
98 S |
EXP37-C. Call functions with the arguments intended by the API |
99 S |
MSC02-C. Avoid errors of omission |
9 S |
EXP30-C. Do not depend on order of evaluation between sequence points |
9 S |
EXP31-C. Avoid side effects in assertions |
9 S |
FIO41-C. Do not call getc() or putc() with stream arguments that have side effects |
9 S |
PRE31-C. Avoid side-effects in arguments to unsafe macros |
|
API00-C. Functions should validate their parameters |
|
DCL37-C. Do not declare or define a reserved identifier |
|
EXP16-C. Do not compare function pointers to constant values |
|
EXP18-C. Do not perform assignments in selection statements |
|
MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type |
|
MEM09-C. Do not assume memory allocation functions initialize memory |
|
MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
|
POS33-C. Do not use vfork() |
|
STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code |
|
STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
|
STR35-C. Do not copy data from an unbounded source to a fixed-length array |