Comment: Parasoft C/C++test 10.4

...

| Tool | Version | Checker | Description |
|---|---|---|---|
| Compass/ROSE | | | Can detect some violations of this rule. In particular, it ensures that calls to open() that are preceded by a call to lstat() are also followed by a call to fstat(). |
| Coverity | | TOCTOU | Implemented |
| Klocwork | | SV.TOCTOU.FILE_ACCESS | |
| Parasoft C/C++test | | SECURITY-19, BD-TRS-SYMLINK; CERT_C-POS35-a; CERT_C-POS35-b | Usage of functions prone to race is not allowed; Avoid race conditions while checking for the existence of a symbolic link; Implemented |
| Polyspace Bug Finder | | File access between time of check and use (TOCTOU) | File or folder might change state due to access race |

...