SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 101

changes.mady.by.user Jill Britton

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

Pointer arithmetic must be performed only on pointers that reference elements of array objects.

The C Standard, 6.5.6 7 [ISO/IEC 9899:20112024], states the following about pointer arithmetic:

...

Risk Assessment

Rule

Severity

Likelihood

Detectable

Remediation CostRepairable

Priority

Level

ARR37-C

Medium

Probable

Yes

MediumNo

P8

L2

Automated Detection

MISRA.2012

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported indirectly via MISRA C:2004 Rule 17.4.
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-ARR37Fully implemented
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.MEM.BO
LANG.MEM.BU
LANG.STRUCT.PARITH
LANG.STRUCT.PBB
LANG.STRUCT.PPE
LANG.MEM.TBA
LANG.MEM.TO
LANG.MEM.TU

Buffer Overrun
Buffer Underrun
Pointer Arithmetic
Pointer Before Beginning of Object
Pointer Past End of Object
Tainted Buffer Access
Type Overrun
Type Underrun

Compass/ROSE



Coverity
Include Page
Coverity_V
Coverity_V
ARRAY_VS_SINGLETONImplemented
Cppcheck Premium

Include Page
Cppcheck Premium_V
Cppcheck Premium_V

premium-cert-arr37-c
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

DF2930, DF2931, DF2932, DF2933

C++3705, C++3706, C++3707


Klocwork
Include Page
Klocwork_V
Klocwork_V

CERT.ARR.PTR.ARITH


LDRA tool suite
 
Include Page
LDRA_V
LDRA_V
567 SPartially implemented
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
CERT_C-ARR37-a

Pointer arithmetic shall not be applied to pointers that address variables of non-array type

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

2662

Partially supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule ARR37-CChecks for invalid assumptions about memory organization (rule partially covered)PRQA QA-Cinclude

PRQA QA-C_vPRQA QA-C_v2930, 2931, 2932, 2933PRQA QA-C++
Include Page
cplusplus:PRQA QA-C++_Vcplusplus:PRQA QA-C++_V

2930, 2931, 2932, 2933,

3705, 3706, 3707


RuleChecker

Include Page
RuleChecker_V
RuleChecker_V


Supported indirectly via MISRA C:2004 Rule 17.4.

...

[Banahan 2003]Section 5.3, "Pointers"
Section 5.7, "Expressions Involving Pointers"
[ISO/IEC 9899:20112024]6.5.67, "Additive Operators"
[VU#162289]

...