SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 143

changes.mady.by.user Amy Gale

Saved on

compared with

New Version Current

changes.mady.by.user Francesco Mariani

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Recommendation

Severity

Likelihood

Detectable

RepairableRemediation Cost

Priority

Level

MSC12-C

Low

Unlikely

No

MediumYes

P2

L3

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

dead-assignment
dead-initializer
expression-result-unused
redundant-operation
unreachable-code
unreachable-code-after-jump
unused-function
statement-sideeffect

Supported + partially checked
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

DIAG.UNEX.*
LANG.STRUCT.EBS
LANG.STRUCT.RC
MISC.NOEFFECT
LANG.STRUCT.ALIGNAS.EZA
LANG.STRUCT.UA
LANG.STRUCT.UC
LANG.STRUCT.UULABEL
LANG.STRUCT.UUMACRO
LANG.STRUCT.UUPARAM
LANG.STRUCT.UUTAG
LANG.STRUCT.UUTYPE
LANG.STRUCT.UUVAR
PARSE.DBNR

Code not exercised by analysis
Empty branch statement checks
Redundant condition
Function call has no effect
Explicit zero alignment
Useless assignment
Unreachable code checks
Unused label
Unused macro
Unused parameter
Unused tag
Unused type
Unused variable
Declared but not referenced

Coverity

Include Page
Coverity_V
Coverity_V

NO_EFFECT

 

DEADCODE

 

UNREACHABLE

Finds statements or expressions that do not accomplish anything or statements that perform an unintended action.

Can detect the specific instance where code can never be reached because of a logical contradiction or a dead "default" in switch statement

Can detect the instances where code block is unreachable because of the syntactic structure of the code

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.MSC12

Partially implemented

GCC

3.0

-Wunused-value
-Wunused-parameter

Options detect unused local variables, nonconstant static variables and unused function parameters, or unreachable code respectively.

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C3110, C3112, C3307, C3404, C3426, C3427


Klocwork
Include Page
Klocwork_V
Klocwork_V
CWARN.NOEFFECT.SELF_ASSIGN
CWARN.NOEFFECT.UCMP.GE
CWARN.NOEFFECT.UCMP.GE.MACRO
CWARN.NOEFFECT.UCMP.LT
CWARN.NOEFFECT.UCMP.LT.MACRO
CWARN.NULLCHECK.FUNCNAME
EFFECT
MISRA.STMT.NO_EFFECT
UNREACH.GEN
UNREACH.RETURN
UNREACH.SIZEOF
UNREACH.ENUM
LA_UNUSED
VA_UNUSED.GEN
VA_UNUSED.INIT
INVARIANT_CONDITION.UNREACH


LDRA tool suite
Include Page
LDRA_V
LDRA_V

 

8 D, 65 D, 105 D, I J, 139 S, 140 S, 57 S

Partially implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-MSC12-a
CERT_C-MSC12-b
CERT_C-MSC12-c
CERT_C-MSC12-d
CERT_C-MSC12-e
CERT_C-MSC12-f
CERT_C-MSC12-g
CERT_C-MSC12-h
CERT_C-MSC12-i
CERT_C-MSC12-j
CERT_C-MSC12-k

There shall be no unreachable code in "else" block
There shall be no unreachable code after 'return', 'break', 'continue', 'goto', 'throw' statements, and after calls to functions with the 'noreturn' attribute
There shall be no unreachable code in "if/else/while/for" block
There shall be no unreachable code in switch statement
There shall be no unreachable code in 'for' loop
There shall be no unreachable code after 'if' or 'switch' statement
There shall be no unreachable code after "if" or "switch" statement inside while/for/do...while loop
Avoid switch with unreachable branches
Avoid unreachable methods
Avoid conditions that always evaluate to the same value
All non-null statements shall either have at least one side-effect however executed or cause control flow to change

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

438, 474, 505, 522, 523,
527, 528, 529, 563, 612,
714, 715, 719, 749, 750,
751, 752, 753, 754, 755,
756, 757, 758, 768, 769,
774, 827, 838, 1972

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. MSC12-C


Checks for:

  • Unreachable code
  • Dead code

Rec. partially covered.

RuleChecker
Include Page
RuleChecker_V
RuleChecker_V

dead-assignment
dead-initializer
expression-result-unused
redundant-operation
unreachable-code-after-jump
unused-function
statement-sideeffect

Partially checked
Security Reviewer - Static Reviewer

Include Page
Security Reviewer - Static Reviewer_V
Security Reviewer - Static Reviewer_V

CPtr

Fully implemented
SonarQube C/C++ Plugin
 
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S1764, S2589, S2583, S1116, S1172, S1763, S1862, S1065, S1656, S2754, S1751
Splint
Include Page
Splint_V
Splint_V

 -standard

The default mode checks for unreachable code.

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V551, V606, V649, V779

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...