 
Assertions are a valuable diagnostic tool for finding and eliminating software defects that may result in vulnerabilities. (See MSC11-C. Incorporate diagnostic tests using assertions.) The runtime assert() macro has some limitations, however: it incurs a runtime overhead, and it calls abort() on failure. Consequently, the runtime assert() macro is useful only for identifying incorrect assumptions and not for runtime error checking. As a result, runtime assertions are generally unsuitable for server programs or embedded systems.
...
For assertions involving only constant expressions that the preprocessor can evaluate, a preprocessor conditional statement may be used. A sizeof expression is not one of them: inside a #if, any identifier left after macro expansion is replaced with 0, so #if (sizeof(struct timer) != ...) is a syntax error rather than a check. A structure-padding test therefore uses the C11 static assertion instead, as in this compliant solution:

```c
#include <assert.h>  /* static_assert (C11, ISO/IEC 9899:2011 subclause 6.7.10) */

struct timer {
  unsigned char MODE;
  unsigned int DATA;
  unsigned int COUNT;
};

/* Evaluated by the compiler, so sizeof is available; a failure is a compile
 * error, with no run-time cost and no call to abort(). On common ABIs unsigned
 * int needs 4-byte alignment, so padding follows MODE and this assertion
 * reports it at compile time, which is exactly the diagnostic intended. */
static_assert(sizeof(struct timer) ==
              (sizeof(unsigned char) + sizeof(unsigned int) + sizeof(unsigned int)),
              "Structure must not have any padding");
```
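The division of labour between a preprocessor conditional and a static assertion, as an added example that is not the CERT page's own code: the TIMER_FIFO_DEPTH macro, struct timer_fifo, the STATIC_CHECK macro and the two accessor functions are constructed for illustration.

```c
#include <stddef.h>   /* offsetof, size_t */

#define TIMER_FIFO_DEPTH 16   /* constructed configuration macro */

/* 1. A #if evaluates only what the preprocessor understands: integer literals
 *    and macros that expand to them. For such constants it is the right tool. */
#if TIMER_FIFO_DEPTH < 2 || (TIMER_FIFO_DEPTH & (TIMER_FIFO_DEPTH - 1)) != 0
  #error "TIMER_FIFO_DEPTH must be a power of two >= 2"
#endif

/* 2. sizeof and offsetof are invisible to the preprocessor (any identifier left
 *    in a #if becomes 0), so layout checks need _Static_assert (C11; static_assert
 *    via <assert.h>) or, before C11, a typedef whose array size goes negative. */
#if __STDC_VERSION__ >= 201112L
  #define STATIC_CHECK(cond, msg) _Static_assert(cond, msg)
#else
  #define STATIC_CHECK_JOIN2(a, b) a##b
  #define STATIC_CHECK_JOIN(a, b) STATIC_CHECK_JOIN2(a, b)
  #define STATIC_CHECK(cond, msg) \
    typedef char STATIC_CHECK_JOIN(static_check_line_, __LINE__)[(cond) ? 1 : -1]
#endif

struct timer {
  unsigned char MODE;
  unsigned int DATA;
  unsigned int COUNT;
};

struct timer_fifo {                     /* constructed: a ring of timer records */
  struct timer slot[TIMER_FIFO_DEPTH];
  unsigned int head;
  unsigned int tail;
};

/* Layout assumptions the rest of the program relies on. The compiler rejects the
 * build if any is false; nothing here runs, costs cycles, or can call abort(). */
STATIC_CHECK(offsetof(struct timer, MODE) == 0, "MODE must be the first member");
STATIC_CHECK(sizeof(struct timer) >= sizeof(unsigned char) + 2 * sizeof(unsigned int),
             "timer cannot be smaller than its members");
STATIC_CHECK(sizeof(struct timer_fifo) ==
             TIMER_FIFO_DEPTH * sizeof(struct timer) + 2 * sizeof(unsigned int),
             "no padding between the slot array and the indices");

/* Run-time views of the same facts, so a test harness can inspect them. */
size_t timer_padding_bytes(void) {
  return sizeof(struct timer) - (sizeof(unsigned char) + 2 * sizeof(unsigned int));
}
unsigned int fifo_index_wrap(unsigned int index) {
  return index & (TIMER_FIFO_DEPTH - 1u);   /* valid only because of check 1 */
}
```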
...
Other uses of static assertion are shown in VOID STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code and FIO34-C. Distinguish between characters read from a file and EOF or WEOF.
Risk Assessment
Static assertion is a valuable diagnostic tool for finding and eliminating, at compile time, software defects that may result in vulnerabilities. The absence of static assertions, however, does not mean that code is incorrect.
| Recommendation | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| DCL03-C | Low | Unlikely | Yes | Yes | P3 | L3 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Axivion Bauhaus Suite | | CertC-DCL03 | |
| Clang | | misc-static-assert | Checked by clang-tidy |
| CodeSonar | | (customization) | Users can implement a custom check that reports uses of the assert() macro |
| Compass/ROSE | | | Could detect violations of this rule merely by looking for calls to |
| ECLAIR | | CC2.DCL03 | Fully implemented |
| LDRA tool suite | | 44 S | Fully implemented |
| Security Reviewer - Static Reviewer | 6.02 | C13 | |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| C++ Secure Coding Standard | VOID DCL03-CPP. Use a static assertion to test the value of a constant expression | 
...
...