Immutable objects should be const-qualified. Enforcing object immutability using const-qualification helps ensure the correctness and security of applications. ISO/IEC TR 24772, for example, recommends labeling parameters as constant to avoid the unintentional modification of function arguments [ISO/IEC TR 24772]. Recommendation STR05-C, "Use pointers to const when referring to string literals," describes a specialized case of this recommendation.
Adding const qualification may propagate through a program; as you add const qualifiers, still more become necessary. This phenomenon is sometimes called const poisoning, which can frequently lead to violations of recommendation EXP05-C, "Do not cast away a const qualification." Although const qualification is a good idea, the costs may outweigh the value in the remediation of existing code.
A macro or an enumeration constant may also be used instead of a const-qualified object. Recommendation DCL06-C, "Use meaningful symbolic constants to represent literal values," describes the relative merits of using const-qualified objects, enumeration constants, and object-like macros. However, adding a const qualifier to an existing variable is a better first step than replacing the variable with an enumeration constant or macro because the compiler will issue warnings on any code that changes your const-qualified variable. Once you have verified that a const-qualified variable is not changed by any code, you may consider changing it to an enumeration constant or macro, as best fits your design.
...
```c
float pi = 3.14159f;
float degrees;
float radians;
/* ... */
radians = degrees * pi / 180;
```
...
```c
const float pi = 3.14159f;
float degrees;
float radians;
/* ... */
radians = degrees * pi / 180;
```
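The following added example (not part of the original recommendation) carries the same conversion into function parameters to show the propagation described earlier: once a caller holds a pointer to const, every function it passes that pointer to must accept a pointer to const as well. The function names `max_degrees` and `max_radians` and the sample readings are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Added example; all names below are hypothetical. */
static const float pi = 3.14159f;

/* Reads the array only, so the element type is const-qualified. */
static float max_degrees(const float *degrees, size_t n) {
    float max = degrees[0];
    for (size_t i = 1; i < n; ++i) {
        if (degrees[i] > max) {
            max = degrees[i];
        }
    }
    return max;
}

/*
 * This function takes const float *, so every function it hands the
 * pointer to must accept const float * too. If max_degrees() took
 * float *, the call below would need a cast that removes const,
 * which is what EXP05-C warns against.
 */
static float max_radians(const float *degrees, size_t n) {
    if (degrees == NULL || n == 0) {
        return 0.0f;
    }
    return max_degrees(degrees, n) * pi / 180;
}

int main(void) {
    /* Constructed sample data. */
    static const float readings[] = { 0.0f, 90.0f, 180.0f };
    /* readings[0] = 1.0f;   diagnosed: assignment to a const object */
    /* pi = 3.0f;            diagnosed for the same reason */
    printf("%f\n", max_radians(readings, sizeof readings / sizeof readings[0]));
    return 0;
}
```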
...
DCL00-EX1: It is acceptable to define valueless macros to serve as "inclusion guards." That is, the macro serves to control the multiple inclusion of header files, as in the following example:
```c
#ifndef SOME_HEADER_H
#define SOME_HEADER_H
/* ... content of header file ... */
#endif
```
See recommendation PRE06-C, "Enclose header files in an inclusion guard," for more information on inclusion guards.
...
| Tool | Version | Checker | Description |
|---|---|---|---|
| Compass/ROSE | | | |
| | | 78 D | Fully implemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
CERT C++ Secure Coding Standard: DCL00-CPP. Const-qualify immutable objects
ISO/IEC 9899:2011 Section 6.7.3, "Type qualifiers"
...