SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 84

changes.mady.by.user Robert Seacord (Manager)

Saved on

compared with

New Version 85

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

Wiki MarkupConversions can occur explicitly as the result of a cast or implicitly as required by an operation. While conversions are generally required for the correct execution of a program, they can also lead to lost or misinterpreted data. Conversion of an operand value to a compatible type causes no change to the value or the representation \[ [ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\].

The C99 integer conversion rules define how C compilers handle conversions. These rules include integer promotions, integer conversion rank, and the usual arithmetic conversions. The intent of the rules is to ensure that the conversions result in the same numerical values, and that these values minimize surprises in the rest of the computation. Prestandard C usually preferred to preserve signedness of the type.

...

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

INT02-C

medium

probable

medium

P8

L2

Automated Detection

Tool

Version

Checker

Description

Section

LDRA tool suite

Include Page
c:LDRA_Vc:
LDRA_V
Section

52 S
93 S
96 S
101 S
332 S
334 S
433 S
434 S
442 S
443 S
446 S
452 S
457 S
458 S
491 S

Section

Fully Implemented

...

MITRE CWE: CWE-197, "Numeric Truncation Error"

Bibliography

Wiki Markup\[[Dowd 2006|AA. Bibliography#Dowd 06] \] Chapter 6, "C Language Issues" (Type Conversions 223—270) \[Conversions 223—270)
[Seacord 2005a|AA. Bibliography#Seacord 05]\] Chapter 5, "Integers"

...

INT01-C. Use rsize_t or size_t for all integer values representing the size of an object      04. Integers (INT)