Comment: Parasoft C/C++test 10.4

...

| Tool | Version | Checker | Description |
| --- | --- | --- | --- |
| CodeSonar | | IO.RACE<br>IO.TAINT.FNAME<br>BADFUNC.TEMP.* | File System Race Condition<br>Tainted Filename<br>A collection of warning classes that report uses of library functions associated with temporary file vulnerabilities (including name issues). |
| Compass/ROSE | | | Can detect some violations of this recommendation. In particular, it warns when chown(), stat(), or chmod() are called on an open file. |
| Coverity | 6.5 | TOCTOU | Fully implemented |
| Klocwork | | SV.TOCTOU.FILE_ACCESS | |
| LDRA tool suite | | 592 S | Fully implemented |
| Parasoft C/C++test | | SECURITY-19,SECURITY-27<br>CERT_C-FIO01-a<br>CERT_C-FIO01-b | Don't use chmod(), chown(), chgrp()<br>Usage of functions prone to race is not allowed<br>Partially implemented |
| Polyspace Bug Finder | R2016a | File access between time of check and use (TOCTOU) | File or folder might change state due to access race |
| PRQA QA-C | | 5011 | Partially implemented |

...