| Checker | CERT-C | CERT-CPP | Description |
arithOperationsOnVoidPointer | API04-C. Provide a consistent and usable error-checking mechanism | Fully implemented | | arrayIndexOutOfBoundsCond | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| assignmentInAssert | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
autoVariables | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | Fully implemented | autovarInvalidDeallocation | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | Fully implemented | | C01 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | CTR52-CPP. Guarantee that library functions do not overflow | Fully implemented |
| C02 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| C03 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| C04 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | CTR52-CPP. Guarantee that library functions do not overflow | Fully implemented |
C05 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | Fully implemented | | C06 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
C07 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | Fully implemented | | C08 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| C08 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
C09 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | Fully implemented | C10 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | Fully implemented | | C101 | ARR32-C. Ensure size arguments for variable length arrays are in a valid range | | Fully implemented |
| C107 | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array | | Fully implemented |
C109 | ARR38-C. Guarantee that library functions do not form invalid pointers | Fully implemented | C11 | CON02-C. Do not use volatile as a synchronization primitive | Fully implemented | C12 | CON05-C. Do not perform operations that can block while holding a lock | Fully implemented | C122 | CON40-C. Do not refer to an atomic variable twice in an expression | Fully implemented | C123 | CON40-C. Do not refer to an atomic variable twice in an expression | Fully implemented | C126 | DCL01-C. Do not reuse variable names in subscopes | Fully implemented | C127 | DCL01-C. Do not reuse variable names in subscopes | Fully implemented | C129 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C13 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C130 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C132 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C133 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C135 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C14 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C15 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C154 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C155 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | C16 | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const | Fully implemented | | C17 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call | FIO50-CPP. Do not alternately input and output from a file stream without an intervening positioning call | Fully implemented |
| C176 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
| C177 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
| C178 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
| C179 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
| C18 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
C19 | DCL31-C. Declare identifiers before using them | Fully implemented | C20 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary | Fully implemented | C21 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary | Fully implemented | C22 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary | Fully implemented | C23 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary | Fully implemented | | C24 | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array | STR52-CPP. Use valid references, pointers, and iterators to reference elements of a basic_string | Fully implemented |
C25 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary | Fully implemented | C26 | DCL40-C. Do not create incompatible declarations of the same function or object | Fully implemented | C27 | ENV30-C. Do not modify the object referenced by the return value of certain functions | Fully implemented | C28 | ENV30-C. Do not modify the object referenced by the return value of certain functions | Fully implemented | C29 | ENV30-C. Do not modify the object referenced by the return value of certain functions | Fully implemented | C31 | ERR04-C. Choose an appropriate termination strategy | Fully implemented | C32 | ERR05-C. Application-independent code should provide error detection without dictating error handling | Fully implemented | C32 | ERR05-C. Application-independent code should provide error detection without dictating error handling | Fully implemented | C33 | ERR05-C. Application-independent code should provide error detection without dictating error handling | Fully implemented | C33 | ERR05-C. Application-independent code should provide error detection without dictating error handling | Fully implemented | C34 | ERR32-C. Do not rely on indeterminate values of errno | Fully implemented | C35 | ERR51-CPP. Handle all exceptions | Fully implemented | C36 | EXP00-C. Use parentheses for precedence of operation | Fully implemented | C37 | EXP08-C. Ensure pointer arithmetic is used correctly | Fully implemented | C38 | EXP09-C. Use sizeof to determine the size of a type or variable | Fully implemented | C39 | EXP09-C. Use sizeof to determine the size of a type or variable | Fully implemented | C40 | EXP09-C. Use sizeof to determine the size of a type or variable | Fully implemented | C42 | EXP09-C. Use sizeof to determine the size of a type or variable | Fully implemented | C44 | EXP09-C. Use sizeof to determine the size of a type or variable | Fully implemented | C45 | EXP09-C. Use sizeof to determine the size of a type or variable | Fully implemented | C46 | EXP09-C. Use sizeof to determine the size of a type or variable | Fully implemented | C46 | EXP09-C. Use sizeof to determine the size of a type or variable | Fully implemented | | C47 | EXP12-C. Do not ignore values returned by functions | | Fully implemented |
| C48 | EXP12-C. Do not ignore values returned by functions | | Fully implemented |
C49 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | Fully implemented | C50 | EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int | Fully implemented | C51 | EXP19-C. Use braces for the body of an if, for, or while statement | Fully implemented | C52 | DCL03-C. Use a static assertion to test the value of a constant expression | Fully implemented | | C53 | EXP30-C. Do not depend on the order of evaluation for side effects | EXP50-CPP. Do not depend on the order of evaluation for side effects | Fully implemented |
| C54 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C55 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C56 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C57 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C58 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C59 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C60 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C61 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C62 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C63 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C64 | EXP34-C. Do not dereference null pointers | | Fully implemented |
C64 | EXP34-C. Do not dereference null pointers | Fully implemented | C65 | EXP34-C. Do not dereference null pointers | Fully implemented | C65 | EXP34-C. Do not dereference null pointers | Fully implemented | | C66 | EXP34-C. Do not dereference null pointers | | Fully implemented |
C67 | EXP36-C. Do not cast pointers into more strictly aligned pointer types | Fully implemented | C68 | EXP36-C. Do not cast pointers into more strictly aligned pointer types | Fully implemented | C69 | EXP36-C. Do not cast pointers into more strictly aligned pointer types | Fully implemented | C70 | EXP36-C. Do not cast pointers into more strictly aligned pointer types | Fully implemented | C71 | EXP37-C. Call functions with the correct number and type of arguments | Fully implemented | C73 | EXP40-C. Do not modify constant objects | Fully implemented | | C73 | EXP46-C. Do not use a bitwise operator with a Boolean-like operand | | Fully implemented |
C74 | EXP46-C. Do not use a bitwise operator with a Boolean-like operand | Fully implemented | C75 | EXP47-C. Do not call va_arg with an argument of the incorrect type | Fully implemented | C76 | FIO21-C. Do not create temporary files in shared directories | Fully implemented | | C77 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call | | Fully implemented |
| C78 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call | | Fully implemented |
C79 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call | Fully implemented | | C80 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call | | Fully implemented |
| C80 | FIO42-C. Close files when they are no longer needed | FIO51-CPP. Close files when they are no longer needed | Fully implemented |
| C81 | FIO47-C. Use valid format strings | | Fully implemented |
| C82 | FIO47-C. Use valid format strings | | Fully implemented |
| C83 | FIO47-C. Use valid format strings | | Fully implemented |
| C83 | FIO47-C. Use valid format strings | | Fully implemented |
| C84 | FIO47-C. Use valid format strings | | Fully implemented |
| C85 | FIO47-C. Use valid format strings | | Fully implemented |
| C86 | FIO47-C. Use valid format strings | | Fully implemented |
C86 | FIO47-C. Use valid format strings | Fully implemented | C87 | FLP03-C. Detect and handle floating-point errors | Fully implemented | | c88 | FLP34-C. Ensure that floating-point conversions are within range of the new type | | Fully implemented |
| C92 | FLP34-C. Ensure that floating-point conversions are within range of the new type | | Fully implemented |
C999 | INT01-C. Use size_t or rsize_t for all integer values representing the size of an object | Fully implemented | CbOB | INT02-C. Understand integer conversion rules | Fully implemented | CconstVariable | INT02-C. Understand integer conversion rules | Fully implemented | CdLT | INT02-C. Understand integer conversion rules | Fully implemented | CdoubleFree | INT02-C. Understand integer conversion rules | Fully implemented | CduplicateCondition | INT02-C. Understand integer conversion rules | Fully implemented | CE8 | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | CE11 | INT02-C. Understand integer conversion rules | Fully implemented | CE12 | INT02-C. Understand integer conversion rules | Fully implemented | CE13 | INT02-C. Understand integer conversion rules | Fully implemented | CE256 | INT02-C. Understand integer conversion rules | Fully implemented | CE6 | INT02-C. Understand integer conversion rules | Fully implemented | CE6_S | INT02-C. Understand integer conversion rules | Fully implemented | CE7 | INT02-C. Understand integer conversion rules | Fully implemented | CfCO | INT02-C. Understand integer conversion rules | Fully implemented | CinvalidLifetime | INT02-C. Understand integer conversion rules | Fully implemented | CinvalidScanfArgType_int | INT02-C. Understand integer conversion rules | Fully implemented | CiRV | INT02-C. Understand integer conversion rules | Fully implemented | CiSFW | INT02-C. Understand integer conversion rules | Fully implemented | CknownConditionTrueFalse | INT02-C. Understand integer conversion rules | Fully implemented | clarifyCalculation | INT08-C. Verify that all integer values are in range | Fully implemented | ClRVNU | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data | Fully implemented | CmAD | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data | Fully implemented | CmemleakOnRealloc | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data | Fully implemented | CmissingReturn | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data | Fully implemented | CMR | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data | Fully implemented | | CmVOOR | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data | | Fully implemented |
| CnAS | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data | | Fully implemented |
CNI | INT32-C. Ensure that operations on signed integers do not result in overflow | Fully implemented | CnPDA | INT32-C. Ensure that operations on signed integers do not result in overflow | Fully implemented | ConfigurationNotChecked | INT32-C. Ensure that operations on signed integers do not result in overflow | Fully implemented | constParameter | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors | Fully implemented | CoOB | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors | Fully implemented | | CPP_01 | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors | | Fully implemented |
CPP_02 | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors | Fully implemented | | CPP_03 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand | | Fully implemented |
| CPP_04 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand | | Fully implemented |
CPP_05 | INT36-C. Converting a pointer to integer or integer to pointer | Fully implemented | CPP_06 | INT36-C. Converting a pointer to integer or integer to pointer | Fully implemented | CPP_07 | MEM03-C. Clear sensitive information stored in reusable resources | Fully implemented | CPP_08 | MEM04-C. Beware of zero-length allocations | Fully implemented | CPP_09 | MEM04-C. Beware of zero-length allocations | Fully implemented | CPP_10 | MEM05-C. Avoid large stack allocations | Fully implemented | CPP_11 | MEM10-C. Define and use a pointer validation function | Fully implemented | | CPP_12 | MEM30-C. Do not access freed memory | MEM50-CPP. Do not access freed memory | Fully implemented |
| CPP_14 | MEM30-C. Do not access freed memory | MEM50-CPP. Do not access freed memory | Fully implemented |
| CPP_15 | MEM30-C. Do not access freed memory | MEM50-CPP. Do not access freed memory | Fully implemented |
| CPP_17 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_18 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
CPP_22 | MEM31-C. Free dynamically allocated memory when no longer needed | Fully implemented | CPP_23 | MEM31-C. Free dynamically allocated memory when no longer needed | Fully implemented | | CPP_24 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_25 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_26 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_27 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_28 | MEM33-C. Allocate and copy structures containing a flexible array member dynamically | MEM53-CPP. Explicitly construct and destruct objects when manually managing object lifetime | Fully implemented |
| CPP_29 | MEM33-C. Allocate and copy structures containing a flexible array member dynamically | MEM53-CPP. Explicitly construct and destruct objects when manually managing object lifetime | Fully implemented |
| CPP_31 | MEM34-C. Only free memory allocated dynamically | | Fully implemented |
CPP_32 | MEM34-C. Only free memory allocated dynamically | Fully implemented | CPP_33 | MEM34-C. Only free memory allocated dynamically | Fully implemented | | CPP_34 | MEM34-C. Only free memory allocated dynamically | | Fully implemented |
CPP_35 | MEM34-C. Only free memory allocated dynamically | Fully implemented | CPP_36 | MEM34-C. Only free memory allocated dynamically | Fully implemented | CPP_39 | MEM35-C. Allocate sufficient memory for an object | Fully implemented | CPP_40 | MEM35-C. Allocate sufficient memory for an object | Fully implemented | CPP_41 | MEM35-C. Allocate sufficient memory for an object | Fully implemented | CPP_42 | MEM50-CPP. Do not access freed memory | Fully implemented | CPP_43 | MEM50-CPP. Do not access freed memory | Fully implemented | CPP_44 | MSC01-C. Strive for logical completeness | Fully implemented | CPP_45 | MSC01-C. Strive for logical completeness | Fully implemented | CPP_46 | MSC01-C. Strive for logical completeness | Fully implemented | CPP_47 | MSC01-C. Strive for logical completeness | Fully implemented | CPP_48 | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources | Fully implemented | CPP_55 | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources | Fully implemented | CPP_56 | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources | Fully implemented | CPP_57 | MSC07-C. Detect and remove dead code | Fully implemented | CPP_58 | MSC07-C. Detect and remove dead code | Fully implemented | CPP_59 | MSC07-C. Detect and remove dead code | Fully implemented | CPP_60 | MSC07-C. Detect and remove dead code | Fully implemented | CPP_61 | MSC07-C. Detect and remove dead code | Fully implemented | CPP_62 | MSC07-C. Detect and remove dead code | Fully implemented | CPP_uninitvar | MSC07-C. Detect and remove dead code | Fully implemented | CPPCrypt | MSC07-C. Detect and remove dead code | Fully implemented | CPPDSLHardcoded | MSC07-C. Detect and remove dead code | Fully implemented | CPPDSLRAND | MSC07-C. Detect and remove dead code | Fully implemented | CPPDSLWES | MSC07-C. Detect and remove dead code | Fully implemented | CpPED | MSC07-C. Detect and remove dead code | Fully implemented | CPPEnterCriticalSection | MSC07-C. Detect and remove dead code | Fully implemented | CPPIsBadWritePtr | MSC07-C. Detect and remove dead code | Fully implemented | CPPLoadLibrary | MSC07-C. Detect and remove dead code | Fully implemented | CPPLoop | MSC07-C. Detect and remove dead code | Fully implemented | CPPOftenMisused | MSC09-C. Character encoding: Use subset of ASCII for safety | Fully implemented | CPPPBE | MSC11-C. Incorporate diagnostic tests using assertions | Fully implemented | CPPStackBased | MSC11-C. Incorporate diagnostic tests using assertions | Fully implemented | CPtr | MSC12-C. Detect and remove code that has no effect or is never executed | Fully implemented | CredundantInitialization | MSC12-C. Detect and remove code that has no effect or is never executed | Fully implemented | CreturnDanglingLifetime | MSC12-C. Detect and remove code that has no effect or is never executed | Fully implemented | CsFPC | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code | Fully implemented | CsTMB | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code | Fully implemented | CstrdupCalled | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code | Fully implemented | ctuArrayIndex | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code | Fully implemented | ctuNullPointer | MSC20-C. Do not use a switch statement to transfer control into a complex block | Fully implemented | ctuOneDefinitionRuleViolation | MSC21-C. Use robust loop termination conditions | Fully implemented | CuEV | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | CvariableScope | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | CWE395TEST_2_CPP | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | CWE561P25 | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | CwPSPPE | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | CzDC | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | deallocret | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | integerOverflowCond | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | invalidContainer | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | invalidFunctionArg | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | leakUnsafeArgAlloc | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | memleak | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | memleakOnRealloc | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | noCopyConstructor | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | noOperatorEq | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | nullPointerRedundantCheck | MSC24-C. Do not use deprecated or obsolescent functions | Fully implemented | oppositeExpression | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | redundantPointerOp | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | RTOS_01 | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | RTOS_02 | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | RTOS_03 | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | RTOS_04 | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | RTOS_05 | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | RTOS_06 | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | | RTOS_07 | MSC30-C. Do not use the rand() function for generating pseudorandom numbers | MSC50-CPP. Do not use std::rand() for generating pseudorandom numbers | Fully implemented |
| RTOS_08 | MSC32-C. Properly seed pseudorandom number generators | MSC51-CPP. Ensure your random number generator is properly seeded | Fully implemented |
| RTOS_09 | MSC37-C. Ensure that control never reaches the end of a non-void function | MSC52-CPP. Value-returning functions must return a value from all exit paths | Fully implemented |
| RTOS_10 | MSC37-C. Ensure that control never reaches the end of a non-void function | MSC52-CPP. Value-returning functions must return a value from all exit paths | Fully implemented |
| RTOS_11 | MSC37-C. Ensure that control never reaches the end of a non-void function | MSC52-CPP. Value-returning functions must return a value from all exit paths | Fully implemented |
| RTOS_12 | MSC37-C. Ensure that control never reaches the end of a non-void function | MSC52-CPP. Value-returning functions must return a value from all exit paths | Fully implemented |
RTOS_13 | MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value | Fully implemented | RTOS_14 | MSC41-C. Never hard code sensitive information | Fully implemented | RTOS_15 | MSC41-C. Never hard code sensitive information | Fully implemented | RTOS_16 | MSC41-C. Never hard code sensitive information | Fully implemented | RTOS_17 | MSC41-C. Never hard code sensitive information | Fully implemented | RTOS_18 | MSC25-C. Do not use insecure or weak cryptographic algorithms | Fully implemented | RTOS_19 | POS01-C. Check for the existence of links when dealing with files | Fully implemented | RTOS_20 | POS52-C. Do not perform operations that can block while holding a POSIX lock | Fully implemented | RTOS_22 | PRE04-C. Do not reuse a standard header file name | Fully implemented | RTOS_23 | PRE04-C. Do not reuse a standard header file name | Fully implemented | RTOS_24 | PRE04-C. Do not reuse a standard header file name | Fully implemented | RTOS_25 | PRE04-C. Do not reuse a standard header file name | Fully implemented | RTOS_26 | PRE13-C. Use the Standard predefined macros to test for versions and features. | Fully implemented | | RTOS_27 | PRE30-C. Do not create a universal character name through concatenation | | Fully implemented |
RTOS_28 | PRE31-C. Avoid side effects in arguments to unsafe macros | Fully implemented | RTOS_29 | PRE31-C. Avoid side effects in arguments to unsafe macros | Fully implemented | RTOS_30 | PRE31-C. Avoid side effects in arguments to unsafe macros | Fully implemented | RTOS_31 | STR05-C. Use pointers to const when referring to string literals | Fully implemented | | RTOS_33 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
| RTOS_34 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
| shadowVariable | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
| shiftTooManyBits | STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string | STR51-CPP. Do not attempt to create a std::string from a null pointer | Fully implemented |
UNSAFE_01 | STR37-C. Arguments to character-handling functions must be representable as an unsigned char | Fully implemented | UNSAFE_02 | STR38-C. Do not confuse narrow and wide character strings and functions | Fully implemented | | UNSAFE_03 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
| UNSAFE_04 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
UNSAFE_05 | WIN02-C. Restrict privileges when spawning child processes | Fully implemented | UNSAFE_06 | OOP52-CPP. Do not delete a polymorphic object without a virtual destructor | Fully implemented | UNSAFE_07 | OOP50-CPP. Do not invoke virtual functions from constructors or destructors | Fully implemented | UNSAFE_08 | CON53-CPP. Avoid deadlock by locking in a predefined order | Fully implemented | UNSAFE_09 | DCL50-CPP. Do not define a C-style variadic function | Fully implemented | va_end_missing | ERR59-CPP. Do not throw an exception across execution boundaries | Fully implemented | va_start_subsequentCalls | MEM56-CPP. Do not store an already-owned pointer value in an unrelated smart pointer | Fully implemented | wcsdupCalled | MEM51-CPP. Properly deallocate dynamically allocated resources | Fully implemented | zerodiv | Fully implemented |
