SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 53

changes.mady.by.user Chad Dougherty

Saved on

compared with

New Version 54

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider (sch jbop) (X_X)@==(Q_Q)@

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP33-C

3 (high)

1 (unlikely)

2 (medium)

P6

L2

Automated Detection

The Coverity Prevent UNINIT checker can find cases of when an uninitialized variable is used before it is initialized, although it cannot detect cases of uninitialized members of a struct. Coverity Prevent cannot discover all violations of this rule so further verification is necessary.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[mercy|AA. C References#mercy]\]
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.7.8, "Initialization"
\[[Halvar|http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-Flake.pdf]\]