SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 72

changes.mady.by.user Barbara White

Saved on

compared with

New Version 73

changes.mady.by.user Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In this example, the call to the security-critical function is not executed.  A A reviewer examining this page could incorrectly assume that the code is executed.

If execution failure is failure is the result of an accidental omission, it is useful to use an editor that provides syntax highlighting or formats the code to help identify issues like missing end-comment delimiters.

...

Instead of using /* and */ to comment out blocks of code,  use use conditional compilation (for example, #if, #ifdef, or #ifndef):

Code Block
bgColor#ccccff
langc
#if 0  /*
        * Use of critical security function no
        * longer necessary.
         */
security_critical_function();
/* Some other comment */
#endif

...

This compliant solution takes advantage of the compiler's ability to remove unreachable (dead) code. The code inside the if block must remain acceptable to the compiler. If other parts of the program, such as macros, types, or function prototypes, later change in a way that would cause syntax errors, the unexecuted code must be brought up to date to correct the problem. Then, if it is needed again in the future,  the the programmer need only remove only remove the surrounding if statement and the NOTREACHED comment.

...

Code Block
bgColor#ccccff
langc
if (0) {  /*
           * Use of critical security function no
           * longer necessary, for now.
            */
  /*NOTREACHED*/
  security_critical_function();
  /* Some other comment */
}

This code is code is an instance of exception MSC07-C-EX2 to MSC07-C. Detect and remove dead code.

Noncompliant Code Example

Following are Following are some additional examples of comment styles that are confusing and should be avoided:

Code Block
bgColor#FFcccc
langc
// */          /* Comment, not syntax error */

f = g/**//h;   /* Equivalent to f = g / h; */

//\
i();           /* Part of a two-line comment */

/\
/ j();         /* Part of a two-line comment */


/*//*/ l();    /* Equivalent to l(); */

m = n//**/o
+ p;           /* Equivalent to m = n + p; */

a = b //*divisor:*/c
+d;            /*
                * Interpreted as a = b/c + d; in c90
                * compiler and a = b + d; in c99 compiler.
                 */

Compliant Solution

Use a consistent style of commenting:

...

Tool

Version

Checker

Description

GCC

Include Page
GCC_V
GCC_V
 

Can detect violations of this rule when the -Wcomment flag is used

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.MSC04

Fully implemented

LDRA tool suite

Include Page
LDRA_V
LDRA_V
119 S, 302 S, 611 S

Partially implemented

Parasoft C/C++test9.5MISRA2012-RULE-3_1{a,b,c}, COMMENT-13Fully implemented
PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v
3108 

...