Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

Comment: Edited by sciSpider $version (sch jbop) (X_X)@==(Q_Q)@

Recommendations

INT00-AC. Understand the data model used by your implementation(s)

INT01-AC. Use rsize_t or size_t for all integer values representing the size of an object

INT02-AC. Understand integer conversion rules

INT03-AC. Use a secure integer library

INT04-AC. Enforce limits on integer values originating from untrusted sources

INT05-AC. Do not use input functions to convert character data if they cannot handle all possible inputs

INT06-AC. Use strtol() or a related function to convert a string token to an integer

INT07-AC. Use only explicitly signed or unsigned char type for numeric values

INT08-AC. Verify that all integer values are in range

INT09-AC. Ensure enumeration constants map to unique values

INT10-AC. Do not assume a positive remainder when using the % operator

INT11-AC. Take care when converting from pointer to integer or integer to pointer

INT12-AC. Do not make assumptions about the type of a plain int bit-field when used in an expression

INT13-AC. Use bitwise operators only on unsigned operands

INT14-AC. Avoid performing bitwise and arithmetic operations on the same data

INT15-AC. Use intmax_t or uintmax_t for formatted IO on programmer-defined integer types

Rules

INT30-C. Ensure that unsigned integer operations do not wrap

...

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
INT00-A C	high	unlikely	high	P3	L3
INT01-A C	medium	probable	medium	P8	L2
INT02-A C	medium	probable	medium	P8	L2
INT03-A C	medium	probable	medium	P8	L2
INT04-A C	low	probable	high	P2	L3
INT05-A C	medium	probable	high	P4	L3
INT06-A C	medium	probable	medium	P8	L2
INT07-A C	medium	probable	medium	P8	L2
INT08-A C	medium	probable	high	P4	L3
INT09-A C	low	probable	medium	P4	L3
INT10-A C	low	unlikely	high	P1	L3
INT11-A C	low	probable	high	P2	L3
INT12-A C	low	unlikely	medium	P2	L3
INT13-A C	high	unlikely	medium	P6	L2
INT14-A C	medium	unlikely	medium	P4	L3
INT15-A C	high	unlikely	medium	P6	L2

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
INT30-C	high	likely	high	P9	L2
INT31-C	high	probable	high	P6	L2
INT32-C	high	likely	high	P9	L2
INT33-C	low	likely	medium	P6	L2
INT34-C	high	probable	medium	P12	L1
INT35-C	high	likely	medium	P18	L1

...

EXP31-C. Avoid side effects in assertions 03. Expressions (EXP) INT00-A. Understand the data model used by your implementation(s)Image Added