...

In this compliant solution, length is subtracted from SIZE_MAX, ensuring that wrapping cannot occur. See rule INT30-C. Ensure that unsigned integer operations do not wrap.
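
The subtraction-based check described above, shown as an added example that is not the CERT page's own code. HEADER_SIZE and the function names wrapped_total, fits_safe and alloc_block are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical per-block header size; not taken from the page. */
#define HEADER_SIZE ((size_t)16)

/* What a naive "length + HEADER_SIZE > SIZE_MAX" test actually compares:
 * the sum is computed in size_t, so it wraps modulo SIZE_MAX + 1 and can
 * never exceed SIZE_MAX. */
size_t wrapped_total(size_t length) {
    return length + HEADER_SIZE;
}

/* Check in the form the text describes: subtract length from SIZE_MAX.
 * length <= SIZE_MAX always holds, so the subtraction cannot wrap. */
int fits_safe(size_t length) {
    return SIZE_MAX - length >= HEADER_SIZE;
}

/* Allocate header plus payload, or return NULL when the total size
 * is not representable in size_t. */
void *alloc_block(size_t length) {
    if (!fits_safe(length)) {
        return NULL;
    }
    return malloc(length + HEADER_SIZE);
}

int main(void) {
    size_t huge = SIZE_MAX - 3;  /* constructed edge-case input */
    void *p;

    /* The wrapped sum is a small number, so a naive check would pass. */
    printf("wrapped total: %zu\n", wrapped_total(huge));
    printf("fits_safe(huge): %d\n", fits_safe(huge));

    p = alloc_block(32);
    printf("alloc_block(32): %s\n", p ? "ok" : "NULL");
    free(p);
    return 0;
}
```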

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C++ Secure Coding Standard: INT35-CPP. Evaluate integer expressions in a larger size before comparing or assigning to that size

Bibliography

[Dowd 2006] Chapter 6, "C Language Issues"

[ISO/IEC 9899:1999] Section 6.3.1, "Arithmetic operands"

[ISO/IEC PDTR 24772] TR 24772 "FLC Numeric Conversion Errors"

MITRE CWE: CWE-681, "Incorrect Conversion between Numeric Types"

MITRE CWE: CWE-190, "Integer Overflow (Wrap or Wraparound)"

[MITRE 2007] CWE ID 681 (http://cwe.mitre.org/data/definitions/681.html), "Incorrect Conversion between Numeric Types," and CWE ID 190 (http://cwe.mitre.org/data/definitions/190.html), "Integer Overflow (Wrap or Wraparound)"

[Seacord 2005a] Chapter 5, "Integer Security"

...