...

```c
#include <stdio.h>

long num_long;

/* Input too large for a long is not detected by this check. */
if (scanf("%ld", &num_long) != 1) {
  /* Handle error */
}
```

In general, do not use scanf() to parse integers or floating-point numbers from input strings because the input could contain numbers not representable by the argument type.

...

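```c
#include <errno.h>
#include <stdio.h>

long num_long;
errno = 0;

if (scanf("%ld", &num_long) != 1) {
  /* Handle error */
}
/* Relies on the implementation setting errno to ERANGE on overflow;
 * the C standard does not require this of scanf(). */
else if (ERANGE == errno) {
  /* puts() appends its own newline */
  if (puts("number out of range") == EOF) {
      /* Handle error */
  }
}
```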
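A portable alternative to the scanf() fragments above, as an added example that is not part of the original page: read the line with fgets() and convert it with strtol(), which the C standard requires to report out-of-range input through errno. The names parse_long and parse_status are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical status codes for this example. */
enum parse_status { PARSE_OK, PARSE_NO_DIGITS, PARSE_TRAILING, PARSE_RANGE };

/* Hypothetical helper: convert one line of text to a long and report
 * every failure that scanf("%ld") cannot report reliably. */
enum parse_status parse_long(const char *s, long *out) {
  char *end;
  long val;

  errno = 0;
  val = strtol(s, &end, 10);
  if (end == s) {
    return PARSE_NO_DIGITS;   /* empty or non-numeric input */
  }
  if (errno == ERANGE) {
    return PARSE_RANGE;       /* strtol clamped val to LONG_MIN or LONG_MAX */
  }
  if (*end != '\n' && *end != '\0') {
    return PARSE_TRAILING;    /* e.g. "12abc" */
  }
  *out = val;
  return PARSE_OK;
}

int main(void) {
  char buf[64];
  long num_long;

  if (fgets(buf, sizeof buf, stdin) == NULL) {
    return EXIT_FAILURE;      /* EOF or read error */
  }
  if (strchr(buf, '\n') == NULL && !feof(stdin)) {
    fputs("input line too long\n", stderr);  /* digits may have been cut off */
    return EXIT_FAILURE;
  }
  switch (parse_long(buf, &num_long)) {
  case PARSE_OK:       printf("%ld\n", num_long); return EXIT_SUCCESS;
  case PARSE_RANGE:    fputs("number out of range\n", stderr); break;
  case PARSE_TRAILING: fputs("extra characters after number\n", stderr); break;
  default:             fputs("not a number\n", stderr); break;
  }
  return EXIT_FAILURE;
}
```

The output parameter is written only on PARSE_OK, so a caller cannot pick up a clamped or partial value by ignoring the status.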

...

| Tool | Version | Checker | Description |
|---|---|---|---|
| Compass/ROSE | | | Can detect violations of this recommendation. In particular, it notes uses of the scanf() family of functions where the type specifier is a floating-point or integer type |
| Fortify SCA | 5.0 | | Can detect violations of this recommendation with the CERT C Rule Pack |
| PRQA QA-C | | Warncall for scanf etc | Fully implemented |

...