...

This noncompliant code example can result in an error condition on implementations in which an arithmetic shift is performed and the sign bit is propagated as the number is shifted [Dowd 2006]:

```c
#include <stdio.h>

void noncompliant(void) {
  int rc = 0;
  int stringify = 0x80000000; /* sign bit set; negative after conversion to int */
  char buf[sizeof("256")];
  /* Right-shifting a negative signed value is implementation-defined; an
     arithmetic shift yields a negative result that "%u" prints as 10 digits */
  rc = snprintf(buf, sizeof(buf), "%u", stringify >> 24);
  if (rc == -1 || rc >= sizeof(buf)) {
    /* handle error */
  }
}
```

...

In this compliant solution, stringify is declared as an unsigned integer. The result of the right-shift operation is then the integral part of the quotient stringify / 2^24:

```c
#include <stdio.h>

void compliant(void) {
  int rc = 0;
  unsigned int stringify = 0x80000000; /* unsigned: no sign bit to propagate */
  char buf[sizeof("256")];
  /* 0x80000000 >> 24 is always 128, which fits in buf */
  rc = snprintf(buf, sizeof(buf), "%u", stringify >> 24);
  if (rc == -1 || rc >= sizeof(buf)) {
    /* handle error */
  }
}
```
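The two snippets above, run side by side, as an added example that is not part of the CERT page: it shows why the signed shift of the noncompliant code overflows the 4-byte buffer on arithmetic-shift implementations while the unsigned shift of the compliant solution always yields 128. The function names (`right_shift_is_arithmetic`, `shift_signed`, `shift_unsigned`, `format_fits`, `fits_in_page_buffer`) are my own, and the program assumes a 32-bit two's complement `int`, which is what makes 0x80000000 convert to INT_MIN.

```c
#include <limits.h>
#include <stdio.h>

/* Added example (not the CERT page's own code); assumes 32-bit two's
   complement int. Contrasts the signed shift of the noncompliant example
   with the unsigned shift of the compliant one and checks whether the
   formatted result fits in the page's 4-byte buffer. */

/* Reports 1 when negative signed values are shifted arithmetically (sign bit
   replicated), 0 when the implementation performs a logical shift. */
int right_shift_is_arithmetic(void) {
    return (-1 >> 1) == -1;
}

/* Noncompliant form: the result is implementation-defined when value < 0. */
int shift_signed(int value) {
    return value >> 24;
}

/* Compliant form: for an unsigned operand the result is always the integral
   part of value / 2^24 (C11 6.5.7). */
unsigned int shift_unsigned(unsigned int value) {
    return value >> 24;
}

/* Formats shifted with "%u" into buf[n] as the page's snippets do; returns 1
   when the output fit, 0 when snprintf failed or needed more than n bytes. */
int format_fits(unsigned int shifted, char *buf, size_t n) {
    int rc = snprintf(buf, n, "%u", shifted);
    return rc >= 0 && (size_t)rc < n;
}

/* Same check against a buffer of the size used on the page: sizeof("256"). */
int fits_in_page_buffer(unsigned int shifted) {
    char buf[sizeof("256")];
    return format_fits(shifted, buf, sizeof buf);
}

int main(void) {
    unsigned int u = 0x80000000u;
    int s = (int)u; /* implementation-defined conversion; INT_MIN assumed */

    unsigned int ok = shift_unsigned(u);
    printf("unsigned shift: %u fits=%d\n", ok, fits_in_page_buffer(ok));

    /* The noncompliant code hands a (possibly negative) int to "%u"; the
       explicit cast here makes that reinterpretation visible: -128 becomes
       4294967168, a 10-digit string that cannot fit in 4 bytes. */
    unsigned int bad = (unsigned int)shift_signed(s);
    printf("signed shift (%s): %u fits=%d\n",
           right_shift_is_arithmetic() ? "arithmetic" : "logical",
           bad, fits_in_page_buffer(bad));
    return 0;
}
```

On a typical arithmetic-shift platform the second line reports 4294967168 with fits=0, which is exactly the `rc >= sizeof(buf)` error path of the noncompliant snippet; the unsigned line always reports 128 with fits=1.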

...

| Tool | Version | Checker | Description |
|---|---|---|---|
| Compass/ROSE | | | Can detect violations of this rule. In particular, it flags bitwise operations that involve variables not declared with unsigned type. |
| ECLAIR | | optrargs | Fully implemented. |
| Fortify SCA | 5.0 | | Can detect violations of this recommendation with the CERT C Rule Pack. |
| LDRA tool suite | | 50 S, 120 S, 331 S | Fully implemented. |
| PRQA QA-C | | 0502, 4130, 4131 | Fully implemented. |
| Splint | | | |
...