SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 71

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 72

changes.mady.by.user Sujay Jain

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Compass/ROSE

 

 

Can detect violations of this rule. It should look for patterns of (a op1 b) op2 c where:

    • c has a bigger type than a or b
    • Neither a nor b are typecast to c's type
    • op2 is assignment or comparison
Coverity6.5OVERFLOW_BEFORE_WIDENFully Implemented

Fortify SCA

5.0

 

Can detect violations of this rule with CERT C Rule Pack.

PRQA QA-C
Include Page
PRQA_V
PRQA_V

1890
1891
1892
1893
1894
1895
2790 (C)

Partially implemented.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C++ Secure Coding StandardINT35-CPP. Evaluate integer expressions in a larger size before comparing or assigning to that size
ISO/IEC TR 24772Numeric conversion errors [FLC]
MITRE CWECWE-681, Incorrect conversion between numeric types
CWE-190, Integer overflow (wrap or wraparound)

Bibliography

[Dowd 2006]Chapter 6, "C Language Issues"
[Seacord 2005a]Chapter 5, "Integer Security"