These are rules and recommendations for functions that are defined as part of the POSIX family of standards but are not included in ISO/IEC 9899-1999. These rules and recommendations are not part of the core standard because they do not apply in all C language applications and because they represent an incomplete list. The intent of providing these rules is to demonstrate how rules and recommendations for other standards or specific implementations may be integrated with the core C99 recommendations.
Recommendations
POS00-AC. Avoid race conditions with multiple threads
POS01-AC. Check for the existence of links when dealing with files
POS02-AC. Follow the principle of least privilege
Rules
POS30-C. Use the readlink() function properly
...
| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| POS00-AC | medium | probable | high | P4 | L3 |
| POS01-AC | medium | likely | high | P6 | L2 |
| POS02-AC | high | likely | high | P9 | L2 |

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| POS30-C | high | probable | medium | P12 | L1 |
| POS31-C | medium | probable | high | P4 | L3 |
| POS32-C | medium | probable | medium | P8 | L2 |
| POS33-C | low | probable | low | P6 | L2 |
| POS34-C | high | unlikely | medium | P6 | L2 |
| POS35-C | high | likely | medium | P18 | L1 |
| POS36-C | high | probable | medium | P12 | L1 |
| POS37-C | high | probable | low | P18 | L1 |
...