Checker | Guideline |
|---|
| (customization) | FIO44-C. Only use values for fsetpos() that are returned from fgetpos() |
| (customization) | ERR34-C. Detect errors when converting a string to a number |
| (customization) | POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument |
| (customization) | DCL03-C. Use a static assertion to test the value of a constant expression |
| (customization) | FIO06-C. Create files with appropriate access permissions |
| (customization) | FIO08-C. Take care when calling remove() on an open file |
| (customization) | FIO10-C. Take care when using the rename() function |
| (customization) | FIO13-C. Never push back anything other than one read character |
| (customization) | FIO24-C. Do not open a file that is already open |
| (customization) | MEM03-C. Clear sensitive information stored in reusable resources |
| (customization) | MEM04-C. Beware of zero-length allocations |
| (customization) | MSC24-C. Do not use deprecated or obsolescent functions |
| (customization) | STR06-C. Do not assume that strtok() leaves the parse string unchanged |
| (customization) | WIN01-C. Do not forcibly terminate execution |
| (general) | FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful | (general) | ENV01-C. Do not make assumptions about the size of an environment variable |
| (general) | INT04-C. Enforce limits on integer values originating from tainted sources |
| (general) | MEM11-C. Do not assume infinite heap space |
| ALLOC.DF | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| ALLOC.DF | MEM01-C. Store a new value in pointers immediately after free() | ALLOC.FNH | MEM34-C. Only free memory allocated dynamically |
| ALLOC.LEAK | MEM31-C. Free dynamically allocated memory when no longer needed |
| ALLOC.LEAK | FIO42-C. Close files when they are no longer needed |
| ALLOC.LEAK | CON30-C. Clean up thread-specific storage |
| ALLOC.LEAK | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| ALLOC.LEAK | MEM11-C. Do not assume infinite heap space |
| ALLOC.SIZE.ADDOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| ALLOC.SIZE.ADDOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
| ALLOC.SIZE.ADDOFLOW | MEM35-C. Allocate sufficient memory for an object |
| ALLOC.SIZE.ADDOFLOW | INT08-C. Verify that all integer values are in range |
| ALLOC.SIZE.ADDOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| ALLOC.SIZE.IOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| ALLOC.SIZE.IOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
| ALLOC.SIZE.IOFLOW | ARR32-C. Ensure size arguments for variable length arrays are in a valid range |
| ALLOC.SIZE.IOFLOW | MEM35-C. Allocate sufficient memory for an object |
| ALLOC.SIZE.IOFLOW | INT08-C. Verify that all integer values are in range |
| ALLOC.SIZE.IOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| ALLOC.SIZE.MULOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| ALLOC.SIZE.MULOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
| ALLOC.SIZE.MULOFLOW | MEM35 ARR32-C. Ensure size arguments for variable length arrays are in a valid range |
| ALLOC.SIZE.MULOFLOW | MEM35-C. Allocate Allocate sufficient memory for an object |
| ALLOC.SIZE.MULOFLOW | INT08-C. Verify that all integer values are in range |
| ALLOC.SIZE.MULOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| ALLOC.SIZE.MULOFLOW | MEM07-C. Ensure that the arguments to calloc(), when multiplied, do not wrap |
| ALLOC.SIZE.SUBUFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| ALLOC.SIZE.SUBUFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
| ALLOC.SIZE.SUBUFLOW | MEM35-C. Allocate sufficient memory for an object |
| ALLOC.SIZE.SUBUFLOW | INT08-C. Verify that all integer values are in range |
| ALLOC.SIZE.SUBUFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| ALLOC.SIZE.TRUNC | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| ALLOC.SIZE.TRUNC | MEM35-C. Allocate sufficient memory for an object |
| ALLOC.SIZE.TRUNC | INT02-C. Understand integer conversion rules |
| ALLOC.SIZE.TRUNC | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| ALLOC.TM | MEM34-C. Only free memory allocated dynamically |
| ALLOC.TM | WIN30-C. Properly pair allocation and deallocation functions |
| ALLOC.TM | API07-C. Enforce type safety |
| ALLOC.UAF | MEM30-C. Do not access freed memory |
| ALLOC.UAF | MEM01-C. Store a new value in pointers immediately after free() |
| BADFUNC.* | MSC23-C. Beware of vendor-specific library and language differences |
| BADFUNC.* | MSC24-C. Do not use deprecated or obsolescent functions |
| BADFUNC.ABORT | ENV32-C. All exit handlers must return normally |
| BADFUNC.ATOF | ERR34-C. Detect errors when converting a string to a number |
| BADFUNC.ATOI | ERR34-C. Detect errors when converting a string to a number |
| BADFUNC.ATOL | ERR34-C. Detect errors when converting a string to a number |
| BADFUNC.ATOLL | ERR34-C. Detect errors when converting a string to a number |
| BADFUNC.BO.* | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| BADFUNC.BO.* | API02 STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BADFUNC.BO.* | API02-C. Functions that read or write to or from Functions that read or write to or from an array should take an argument to specify the source or target size |
| BADFUNC.BO.OEMTOCHAR CHROOT | STR07 POS05-C. Use the bounds-checking interfaces for string manipulation Limit access to files by creating a jail |
| BADFUNC.BO.STRCAT CREATEFILE | STR07 FIO06-C. Use the bounds-checking interfaces for string manipulation Create files with appropriate access permissions |
| BADFUNC.BO.STRCATCHAINW CREATEPROCESS | STR07 WIN02-C. Use the bounds-checking interfaces for string manipulation Restrict privileges when spawning child processes |
| BADFUNC.BO.STRCMP EXIT | STR07 ENV32-C. Use the bounds-checking interfaces for string manipulation All exit handlers must return normally |
| BADFUNC.BO.STRCPY FORK | STR07 POS38-C. Use the bounds-checking interfaces for string manipulation Beware of race conditions when using fork and file descriptors |
| BADFUNC.BO.STRLEN GETENV | STR07 ENV30-C. Use the bounds-checking interfaces for string manipulation Do not modify the object referenced by the return value of certain functions |
| BADFUNC.BO.STRTRNS LONGJMP | STR07-C. Use the bounds-checking interfaces for string manipulation |
| BADFUNC.CHROOT | POS05-C. Limit access to files by creating a jail |
| BADFUNC.CREATEPROCESS | WIN02-C. Restrict privileges when spawning child processes |
| BADFUNC.CREATETHREAD | WIN02-C. Restrict privileges when spawning child processes ENV32-C. All exit handlers must return normally |
| BADFUNC.LONGJMP | MSC22-C. Use the setjmp(), longjmp() facility securely |
| BADFUNC.MEMCMP | EXP42-C. Do not compare padding data |
| BADFUNC.MEMSET | MSC06-C. Beware of compiler optimizations |
| BADFUNC.PATH.* AFXLOADLIBRARY | FIO02 WIN00-C. Canonicalize path names originating from tainted sources Be specific when dynamically loading libraries |
| BADFUNC.PATH.AFXLOADLIBRARY COLOADLIBRARY | WIN00-C. Be specific when dynamically loading libraries |
| BADFUNC.PATH.COLOADLIBRARY LOADLIBRARY | WIN00-C. Be specific when dynamically loading libraries |
| BADFUNC.PATH.LOADLIBRARY SYSTEM | WIN00 ENV33-C. Be specific when dynamically loading libraries Do not call system() |
| BADFUNC.PATH.SYSTEM PUTENV | ENV33 POS34-C. Do not call systemputenv() with a pointer to an automatic variable as the argument |
| BADFUNC.RANDOM.RAND | CON33-C. Avoid race conditions when using library functions |
| BADFUNC.RANDOM.RAND | MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
| BADFUNC.REALLOC | MEM36-C. Do not modify the alignment of objects by calling realloc() |
| BADFUNC.SETJMP | MSC22-C. Use the setjmp(), longjmp() facility securely |
| BADFUNC.SIGNAL | SIG30-C. Call only asynchronous-safe functions within signal handlers |
| BADFUNC.SIGNAL | SIG34-C. Do not call signal() from within interruptible signal handlers |
| BADFUNC.SIGNAL | CON37-C. Do not call signal() in a multithreaded program |
| BADFUNC.SIGNAL | SIG00-C. Mask signals handled by noninterruptible signal handlers |
| BADFUNC.SIGNAL | SIG01-C. Understand implementation-specific details regarding signal handler persistence |
| BADFUNC.SIGNAL | SIG02-C. Avoid using signals to implement normal functionality |
| BADFUNC.TEMP.* | FIO01-C. Be careful using functions that use file names for identification |
| BADFUNC.TEMP.* | FIO21-C. Do not create temporary files in shared directories |
| BADFUNC.TEMP.TMPNAM | CON33-C. Avoid race conditions when using library functions |
| BADFUNC.TTYNAME TIME_H | CON33 MSC33-C. Avoid race conditions when using library functions Do not pass invalid data to the asctime() function |
| BADFUNC.VFORK TMPFILE_S | POS33 FIO01-C. Do not use vfork() Be careful using functions that use file names for identification |
| BADFUNC.TMPFILE_S | FIO21 | BADMACRO.STDARG_H | EXP47-C. Do not call va_arg with an argument of the incorrect type |
| BUILD.WALL | MSC00-C. Compile cleanly at high warning levels |
| BUILD.WERROR | MSC00-C. Compile cleanly at high warning levels |
| create temporary files in shared directories |
| BADFUNC.TMPNAM_S | FIO01-C. Be careful using functions that use file names for identification |
| BADFUNC.TMPNAM_S | FIO21 | CONCURRENCY.DATARACE | SIG31-C. Do not access shared objects in signal handlers |
| CONCURRENCY.DATARACE | CON32-C. Prevent data races when accessing bit-fields from multiple threads |
| create temporary files in shared directories |
| BADFUNC.TTYNAME | CON33-C. Avoid race conditions when using library functions |
| BADFUNC.WEAKCRYPTO | MSC25 | CONCURRENCY.DATARACE | CON43-C. Do not allow data races in multithreaded code |
| CONCURRENCY.DATARACE | POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed |
| CONCURRENCY.LOCK.NOLOCK | CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction |
| CONCURRENCY.LOCK.NOUNLOCK | CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction |
| CONCURRENCY.LOCK.ORDER | CON35-C. Avoid deadlock by locking in a predefined order |
| CONCURRENCY.LOCK.ORDER | POS51-C. Avoid deadlock with POSIX threads by locking in predefined order |
| CONCURRENCY.STARVE.BLOCKING | POS52-C. Do not perform operations that can block while holding a POSIX lock |
| CONCURRENCY.STARVE.BLOCKING | CON05-C. Do not perform operations that can block while holding a lock |
| DIAG.UNEX.* | MSC07-C. Detect and remove dead code |
| DIAG.UNEX.* | MSC12-C. Detect and remove code that has no effect or is never executed |
| HARDCODED.AUTH | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| HARDCODED.KEY | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| HARDCODED.SALT | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| IO.INJ.COMMAND | ENV33-C. Do not call system() |
| IO.INJ.COMMAND | STR02-C. Sanitize data passed to complex subsystems |
| IO.INJ.FMT | FIO30-C. Exclude user input from format strings |
| IO.INJ.FMT | FIO47-C. Use valid format strings |
| IO.INJ.FMT | STR02-C. Sanitize data passed to complex subsystems |
| IO.INJ.LDAP | STR02-C. Sanitize data passed to complex subsystems |
| IO.INJ.LIB | STR02-C. Sanitize data passed to complex subsystems |
| IO.INJ.SQL | STR02-C. Sanitize data passed to complex subsystems |
| IO.RACE | FIO45-C. Avoid TOCTOU race conditions while accessing files |
| IO.RACE | FIO01-C. Be careful using functions that use file names for identification |
| IO.RACE | FIO24-C. Do not open a file that is already open |
| IO.TAINT.ADDR | INT04-C. Enforce limits on integer values originating from tainted sources |
| IO.TAINT.FNAME | FIO01-C. Be careful using functions that use file names for identification |
| IO.TAINT.FNAME | FIO02-C. Canonicalize path names originating from tainted sources |
| IO.TAINT.SIZE | MEM35-C. Allocate sufficient memory for an object |
| IO.TAINT.SIZE | INT04-C. Enforce limits on integer values originating from tainted sources |
| IO.TAINT.SIZE | MEM05-C. Avoid large stack allocations |
| IO.TAINT.SIZE | MEM11-C. Do not assume infinite heap space |
| IO.UAC | FIO46-C. Do not access a closed file |
| LANG.ARITH.BIGSHIFT | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| LANG.ARITH.DIVZERO | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| LANG.ARITH.NEGSHIFT | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| LANG.CAST.COERCE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.COERCE | FIO34-C. Distinguish between characters read from a file and EOF or WEOF |
| LANG.CAST.COERCE | API07-C. Enforce type safety |
| LANG.CAST.COERCE | INT02-C. Understand integer conversion rules |
| LANG.CAST.COERCE | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| LANG.CAST.PC.AV | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.PC.CONST2PTR | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.PC.CONST2PTR | INT36-C. Converting a pointer to integer or integer to pointer |
| LANG.CAST.PC.CRCQ | DCL00-C. Const-qualify immutable objects |
| LANG.CAST.PC.CRCQ | EXP05-C. Do not cast away a const qualification |
| LANG.CAST.PC.INT | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.PC.INT | INT36-C. Converting a pointer to integer or integer to pointer |
| LANG.CAST.RIP | EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int |
| LANG.CAST.VALUE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.VALUE | API07-C. Enforce type safety |
| LANG.CAST.VALUE | INT02-C. Understand integer conversion rules |
| LANG.CAST.VALUE | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| LANG.FUNCS.APM | EXP37-C. Call functions with the correct number and type of arguments |
| LANG.FUNCS.ASSERTS | MSC11-C. Incorporate diagnostic tests using assertions |
| LANG.FUNCS.IRV | ERR33-C. Detect and handle standard library errors |
| LANG.FUNCS.IRV | POS54-C. Detect and handle POSIX library errors |
| LANG.FUNCS.IRV | EXP12-C. Do not ignore values returned by functions |
| LANG.FUNCS.PROT | DCL07-C. Include the appropriate type information in function declarators |
| LANG.FUNCS.PROT | DCL20-C. Explicitly specify void when a function accepts no arguments |
| LANG.ID.AMBIG | DCL02-C. Use visually distinct identifiers |
| LANG.ID.ND.EXT | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.ND.MM | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.ND.MO | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.ND.NEST | DCL01-C. Do not reuse variable names in subscopes |
| LANG.ID.ND.NEST | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.ND.SS | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.NU.EXT | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.NU.INT | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.NU.TAG | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.NU.TYPE | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.MEM.BO | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.MEM.BO | ENV01-C. Do not make assumptions about the size of an environment variable |
| LANG.MEM.BO | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.MEM.BU | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.MEM.BU | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.MEM.NPD | EXP34-C. Do not dereference null pointers |
| LANG.MEM.TBA | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.MEM.TBA | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.MEM.TBA | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.MEM.TBA | INT04-C. Enforce limits on integer values originating from tainted sources |
| LANG.MEM.TO | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.MEM.TO | ENV01-C. Do not make assumptions about the size of an environment variable |
| LANG.MEM.TO | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.MEM.TU | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| use insecure or weak cryptographic algorithms |
| BADMACRO.STDARG_H | EXP47-C. Do not call va_arg with an argument of the incorrect type |
| BADMACRO.STDARG_H | MSC38-C. Do not treat a predefined identifier as an object if it might only be implemented as a macro |
| BADMACRO.STDARG_H | MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value |
| BADMACRO.WEAK_CRYPTO | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| BUILD.WALL | MSC00-C. Compile cleanly at high warning levels |
| BUILD.WERROR | MSC00-C. Compile cleanly at high warning levels |
| CONCURRENCY.BADFUNC.CNDSIGNAL | CON38-C. Preserve thread safety and liveness when using condition variables |
| CONCURRENCY.BADFUNC.CNDWAIT | CON36-C. Wrap functions that can spuriously wake up in a loop |
| CONCURRENCY.BADFUNC.PTHREAD_KILL | POS44-C. Do not use signals to terminate threads |
| CONCURRENCY.C_ATOMIC | MSC23-C. Beware of vendor-specific library and language differences |
| CONCURRENCY.C_THREAD.ISD | CON34-C. Declare objects shared between threads with appropriate storage durations |
| CONCURRENCY.DATARACE | SIG31-C. Do not access shared objects in signal handlers |
| CONCURRENCY.DATARACE | CON32-C. Prevent data races when accessing bit-fields from multiple threads |
| CONCURRENCY.DATARACE | CON43-C. Do not allow data races in multithreaded code |
| CONCURRENCY.DATARACE | POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed |
| CONCURRENCY.DATARACE | CON07-C. Ensure that compound operations on shared variables are atomic |
| CONCURRENCY.DU | POS48-C. Do not unlock or destroy another POSIX thread's mutex |
| CONCURRENCY.LOCALARG | CON31-C. Do not destroy a mutex while it is locked |
| CONCURRENCY.LOCALARG | CON34-C. Declare objects shared between threads with appropriate storage durations |
| CONCURRENCY.LOCK.NOLOCK | CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction |
| CONCURRENCY.LOCK.NOUNLOCK | CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction |
| CONCURRENCY.LOCK.ORDER | CON35-C. Avoid deadlock by locking in a predefined order |
| CONCURRENCY.LOCK.ORDER | POS51-C. Avoid deadlock with POSIX threads by locking in predefined order |
| CONCURRENCY.MAA | CON32-C. Prevent data races when accessing bit-fields from multiple threads |
| CONCURRENCY.MAA | CON40-C. Do not refer to an atomic variable twice in an expression |
| CONCURRENCY.MAA | CON43-C. Do not allow data races in multithreaded code |
| CONCURRENCY.MAA | POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed |
| CONCURRENCY.STARVE.BLOCKING | POS52-C. Do not perform operations that can block while holding a POSIX lock |
| CONCURRENCY.STARVE.BLOCKING | CON05-C. Do not perform operations that can block while holding a lock |
| CONCURRENCY.THREADLOCAL | MSC23-C. Beware of vendor-specific library and language differences |
| CONCURRENCY.TNJ | CON39-C. Do not join or detach a thread that was previously joined or detached |
| DIAG.UNEX.* | MSC07-C. Detect and remove dead code |
| DIAG.UNEX.* | MSC12-C. Detect and remove code that has no effect or is never executed |
| HARDCODED.AUTH | MSC41-C. Never hard code sensitive information |
| HARDCODED.AUTH | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| HARDCODED.DNS | MSC41-C. Never hard code sensitive information |
| HARDCODED.KEY | MSC41-C. Never hard code sensitive information |
| HARDCODED.KEY | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| HARDCODED.SALT | MSC41-C. Never hard code sensitive information |
| HARDCODED.SALT | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| HARDCODED.SEED | MSC32-C. Properly seed pseudorandom number generators |
| HARDCODED.SEED | MSC41-C. Never hard code sensitive information |
| IO.BRAW | FIO24-C. Do not open a file that is already open |
| IO.INJ.COMMAND | ENV33-C. Do not call system() |
| IO.INJ.COMMAND | STR02-C. Sanitize data passed to complex subsystems |
| IO.INJ.FMT | FIO30-C. Exclude user input from format strings |
| IO.INJ.FMT | FIO47-C. Use valid format strings |
| IO.INJ.FMT | STR02-C. Sanitize data passed to complex subsystems |
| IO.INJ.LDAP | STR02-C. Sanitize data passed to complex subsystems |
| IO.INJ.LIB | STR02-C. Sanitize data passed to complex subsystems |
| IO.INJ.SQL | STR02-C. Sanitize data passed to complex subsystems |
| IO.IOWOP | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call |
| IO.OIWOP | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call |
| IO.RACE | FIO45-C. Avoid TOCTOU race conditions while accessing files |
| IO.RACE | FIO01-C. Be careful using functions that use file names for identification |
| IO.RACE | FIO24-C. Do not open a file that is already open |
| IO.TAINT.ADDR | INT04-C. Enforce limits on integer values originating from tainted sources |
| IO.TAINT.FNAME | FIO01-C. Be careful using functions that use file names for identification |
| IO.TAINT.FNAME | FIO02-C. Canonicalize path names originating from tainted sources |
| IO.TAINT.SIZE | MEM35-C. Allocate sufficient memory for an object |
| IO.TAINT.SIZE | INT04-C. Enforce limits on integer values originating from tainted sources |
| IO.TAINT.SIZE | MEM05-C. Avoid large stack allocations |
| IO.TAINT.SIZE | MEM11-C. Do not assume infinite heap space |
| IO.UAC | FIO46-C. Do not access a closed file |
| IO.UT.HOST | INT04-C. Enforce limits on integer values originating from tainted sources |
| IO.UT.LIB | STR02-C. Sanitize data passed to complex subsystems |
| IO.UT.PORT | INT04-C. Enforce limits on integer values originating from tainted sources |
| IO.UT.PROC | STR02-C. Sanitize data passed to complex subsystems |
| LANG.ARITH.BIGSHIFT | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| LANG.ARITH.BIGSHIFT | INT35-C. Use correct integer precisions |
| LANG.ARITH.DIVZERO | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| LANG.ARITH.FDIVZERO | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| LANG.ARITH.FMULOFLOW | FLP00-C. Understand the limitations of floating-point numbers |
| LANG.ARITH.FPEQUAL | FLP00-C. Understand the limitations of floating-point numbers |
| LANG.ARITH.FPEQUAL | FLP02-C. Avoid using floating-point numbers when precise computation is needed |
| LANG.ARITH.NEGSHIFT | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| LANG.CAST.ARRAY.TEMP | EXP35-C. Do not modify objects with temporary lifetime |
| LANG.CAST.ARRAY.TEMP | ARR00-C. Understand how arrays work |
| LANG.CAST.COERCE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.COERCE | FIO34-C. Distinguish between characters read from a file and EOF or WEOF |
| LANG.CAST.COERCE | API07-C. Enforce type safety |
| LANG.CAST.COERCE | INT02-C. Understand integer conversion rules |
| LANG.CAST.COERCE | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| LANG.CAST.PC.AV | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.PC.CONST2PTR | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.PC.CONST2PTR | INT36-C. Converting a pointer to integer or integer to pointer |
| LANG.CAST.PC.CRCQ | DCL00-C. Const-qualify immutable objects |
| LANG.CAST.PC.CRCQ | EXP05-C. Do not cast away a const qualification |
| LANG.CAST.PC.DCVBASE | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| LANG.CAST.PC.INT | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.PC.INT | INT36-C. Converting a pointer to integer or integer to pointer |
| LANG.CAST.PC.OBJ | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| LANG.CAST.PC.VBASE | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| LANG.CAST.RIP | EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int |
| LANG.CAST.VALUE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.CAST.VALUE | API07-C. Enforce type safety |
| LANG.CAST.VALUE | INT02-C. Understand integer conversion rules |
| LANG.CAST.VALUE | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| LANG.ERRCODE.NOTEST | ERR33-C. Detect and handle standard library errors |
| LANG.ERRCODE.NOTEST | POS54-C. Detect and handle POSIX library errors |
| LANG.ERRCODE.NZ | ERR33-C. Detect and handle standard library errors |
| LANG.ERRCODE.NZ | POS54-C. Detect and handle POSIX library errors |
| LANG.FUNCS.APM | EXP37-C. Call functions with the correct number and type of arguments |
| LANG.FUNCS.ASSERTS | MSC11-C. Incorporate diagnostic tests using assertions |
| LANG.FUNCS.IRV | ERR33-C. Detect and handle standard library errors |
| LANG.FUNCS.IRV | POS54-C. Detect and handle POSIX library errors |
| LANG.FUNCS.IRV | EXP12-C. Do not ignore values returned by functions |
| LANG.FUNCS.NORETURN | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.FUNCS.PROT | DCL07-C. Include the appropriate type information in function declarators |
| LANG.FUNCS.PROT | DCL20-C. Explicitly specify void when a function accepts no arguments |
| LANG.ID.AMBIG | DCL02-C. Use visually distinct identifiers |
| LANG.ID.ND.EXT | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.ND.MM | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.ND.MO | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.ND.NEST | DCL01-C. Do not reuse variable names in subscopes |
| LANG.ID.ND.NEST | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.ND.SS | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.NU.EXT | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.NU.INT | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.NU.LIBFN | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.NU.TAG | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.ID.NU.TYPE | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.MEM.BO | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.MEM.BO | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| LANG.MEM.BO | ARR38-C. Guarantee that library functions do not form invalid pointers |
| LANG.MEM.BO | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| LANG.MEM.BO | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| LANG.MEM.BO | STR38-C. Do not confuse narrow and wide character strings and functions |
| LANG.MEM.BO | MEM35-C. Allocate sufficient memory for an object |
| LANG.MEM.BO | POS30-C. Use the readlink() function properly |
| LANG.MEM.BO | ENV01-C. Do not make assumptions about the size of an environment variable |
| LANG.MEM.BO | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.MEM.BU | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.MEM.BU | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| LANG.MEM.BU | ARR38-C. Guarantee that library functions do not form invalid pointers |
| LANG.MEM.BU | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| LANG.MEM.BU | MEM35-C. Allocate sufficient memory for an object |
| LANG.MEM.BU | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.MEM.NPD | EXP34-C. Do not dereference null pointers |
| LANG.MEM.TBA | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| LANG.MEM.TBA | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.MEM.TBA | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| LANG.MEM.TBA | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| LANG.MEM.TBA | STR38-C. Do not confuse narrow and wide character strings and functions |
| LANG.MEM.TBA | MEM35-C. Allocate sufficient memory for an object |
| LANG.MEM.TBA | POS30-C. Use the readlink() function properly |
| LANG.MEM.TBA | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.MEM.TBA | INT04-C. Enforce limits on integer values originating from tainted sources |
| LANG.MEM.TO | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.MEM.TO | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| LANG.MEM.TO | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| LANG.MEM.TO | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| LANG.MEM.TO | MEM35-C. Allocate sufficient memory for an object |
| LANG.MEM.TO | ENV01-C. Do not make assumptions about the size of an environment variable |
| LANG.MEM.TO | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.MEM.TU | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.MEM.TU | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| LANG.MEM.TU | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| LANG.MEM.TU | MEM35-C. Allocate sufficient memory for an object |
| LANG.MEM.TU | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.MEM.UVAR | EXP33-C. Do not read uninitialized memory |
| LANG.MEM.UVAR | FIO40-C. Reset strings on fgets() or fgetws() failure |
| LANG.PREPROC.FUNCMACRO | PRE31-C. Avoid side effects in arguments to unsafe macros |
| LANG.PREPROC.FUNCMACRO | PRE00-C. Prefer inline or static functions to function-like macros |
| LANG.PREPROC.HASH | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| LANG.PREPROC.INCL.TGMATH_H | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.PREPROC.MACROARG | PRE32-C. Do not use preprocessor directives in invocations of function-like macros |
| LANG.PREPROC.MACROEND | PRE02-C. Macro replacement lists should be parenthesized |
| LANG.PREPROC.MACROEND | PRE11-C. Do not conclude macro definitions with a semicolon |
| LANG.PREPROC.MACROSTART | PRE02-C. Macro replacement lists should be parenthesized |
| LANG.PREPROC.MARGME | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| LANG.PREPROC.PASTE | PRE30-C. Do not create a universal character name through concatenation |
| LANG.PREPROC.PASTE | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| LANG.PREPROC.PASTEHASH | PRE30-C. Do not create a universal character name through concatenation |
| LANG.STRUCT.ALIGNAS | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.STRUCT.ALIGNAS.EZA | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.ALIGNAS.EZA | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.STRUCT.ALIGNAS.IAS | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.STRUCT.ALIGNAS.TMAS | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.STRUCT.ALIGNOF | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.STRUCT.CONDASSIG | EXP45-C. Do not perform assignments in selection statements |
| LANG.STRUCT.CUP | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
| LANG.STRUCT.CUP | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.STRUCT.DECL.FAM | MEM33-C. Allocate and copy structures containing a flexible array member dynamically |
| LANG.STRUCT.DECL.IF | DCL40-C. Do not create incompatible declarations of the same function or object |
| LANG.STRUCT.DECL.IMPFN | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.STRUCT.DECL.IO | DCL40-C. Do not create incompatible declarations of the same function or object |
| LANG.STRUCT.DECL.MGT | DCL23-C. Guarantee that mutually visible identifiers are unique |
| LANG.STRUCT.DECL.ML | DCL04-C. Do not declare more than one variable per declaration |
| LANG.STRUCT.DECL.NOEXT | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
| LANG.STRUCT.DECL.RESERVED | DCL37-C. Do not declare or define a reserved identifier |
| LANG.STRUCT.DECL.VLA | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.STRUCT.EBS | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
| LANG.STRUCT.EBS | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.ELLIPSIS | DCL11-C. Understand the type issues associated with variadic functions |
| LANG.STRUCT.ICOL | CON36-C. Wrap functions that can spuriously wake up in a loop |
| LANG.STRUCT.ICOL | CON41-C. Wrap functions that can fail spuriously in a loop |
| LANG.STRUCT.INIT.ENUM | INT09-C. Ensure enumeration constants map to unique values |
| LANG.STRUCT.INIT.UADI | MSC23-C. Beware of vendor-specific library and language differences |
| LANG.STRUCT.LOOP.FPC | FLP30-C. Do not use floating-point variables as loop counters |
| LANG.STRUCT.LOOP.HR | MSC21-C. Use robust loop termination conditions |
| LANG.STRUCT.LOOP.UB | MSC21-C. Use robust loop termination conditions |
| LANG.STRUCT.MRS | MSC37-C. Ensure that control never reaches the end of a non-void function |
| LANG.STRUCT.NTAD | EXP34-C. Do not dereference null pointers |
| LANG.STRUCT.PARENS | EXP00-C. Use parentheses for precedence of operation |
| LANG.STRUCT.PARITH | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.STRUCT.PARITH | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| LANG.STRUCT.PARITH | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| LANG.STRUCT.PARITH | MEM35-C. Allocate sufficient memory for an object |
| LANG.STRUCT.PARITH | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.STRUCT.PBB | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.STRUCT.PBB | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| LANG.STRUCT.PBB | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| LANG.STRUCT.PBB | MEM35-C. Allocate sufficient memory for an object |
| LANG.STRUCT.PBB | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.STRUCT.PIT | DCL05-C. Use typedefs of non-pointer types only |
| LANG.STRUCT.PPE | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| LANG.STRUCT.PPE | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| LANG.STRUCT.PPE | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| LANG.STRUCT.PPE | MEM35-C. Allocate sufficient memory for an object |
| LANG.STRUCT.PPE | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.STRUCT.RC | ERR30-C. Take care when reading errno |
| LANG.STRUCT.RC | MSC07-C. Detect and remove dead code |
| LANG.STRUCT.RC | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.RFCESH | SIG35-C. Do not return from a computational exception signal handler |
| LANG.STRUCT.RPL | DCL30-C. Declare objects with appropriate storage durations |
| LANG.STRUCT.RPNTC | ENV30-C. Do not modify the object referenced by the return value of certain functions |
| LANG.STRUCT.RPNTC | DCL00-C. Const-qualify immutable objects |
| LANG.STRUCT.SCOPE.FILE | DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
| LANG.STRUCT.SCOPE.FILE | DCL19-C. Minimize the scope of variables and functions |
| LANG.STRUCT.SCOPE.LOCAL | DCL19-C. Minimize the scope of variables and functions |
| LANG.STRUCT.SE.CGEN | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| LANG.STRUCT.SE.COND | EXP45-C. Do not perform assignments in selection statements |
| LANG.STRUCT.SE.DEC | PRE31-C. Avoid side effects in arguments to unsafe macros |
| LANG.STRUCT.SE.DEC | EXP30-C. Do not depend on the order of evaluation for side effects |
| LANG.STRUCT.SE.INC | PRE31-C. Avoid side effects in arguments to unsafe macros |
| LANG.STRUCT.SE.INC | EXP30-C. Do not depend on the order of evaluation for side effects |
| LANG.STRUCT.SE.INIT | EXP30-C. Do not depend on the order of evaluation for side effects |
| LANG.STRUCT.SE.IOE | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| LANG.STRUCT.SE.SIZEOF | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| LANG.STRUCT.SUP | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
| LANG.STRUCT.SUP LANG.MEM.TU | EXP08-C. Ensure pointer arithmetic is used correctly |
| LANG.STRUCT.MEMSW.UVAR BAD | EXP33 DCL41-C. Do not read uninitialized memory declare variables inside a switch statement before the first case label |
| LANG.PREPROCSTRUCT.SW.HASH MB | PRE05 MSC17-C. Understand macro replacement when concatenating tokens or performing stringification Finish every set of statements associated with a case label with a break statement |
| LANG.STRUCT.SW.MPC | MSC20 | LANG.PREPROC.MACROARG | PRE32-C. Do not use preprocessor directives in invocations of function-like macros a switch statement to transfer control into a complex block |
| LANG.PREPROCSTRUCT.SW.MACROEND SWNEE | PRE02 DCL06-C. Macro replacement lists should be parenthesized Use meaningful symbolic constants to represent literal values |
| LANG.PREPROCSTRUCT.MACROEND UA | PRE11 MSC12-C. Do not conclude macro definitions with a semicolon Detect and remove code that has no effect or is never executed |
| LANG.PREPROCSTRUCT.MACROSTART UC | PRE02 MSC07-C. Macro replacement lists should be parenthesized Detect and remove dead code |
| LANG.PREPROCSTRUCT.PASTE UC | PRE30 MSC12-C. Do not create a universal character name through concatenation Detect and remove code that has no effect or is never executed |
| LANG.PREPROCSTRUCT.PASTE UPD | PRE05 EXP34-C. Understand macro replacement when concatenating tokens or performing stringification Do not dereference null pointers |
| LANG.PREPROCSTRUCT.PASTEHASH UPD | PRE30-C. Do not create a universal character name through concatenation API00-C. Functions should validate their parameters |
| LANG.STRUCT.CONDASSIG USEASSIGN | EXP45-C. Do not perform assignments in selection statements |
| LANG.STRUCT.DECL.FAM .UULABEL | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.UUMACRO | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.UUPARAM | MSC12-C. Detect and remove code that has no effect or is never executed ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer |
| LANG.STRUCT.DECL.IF UUTAG | DCL40 MSC12-C. Do not create incompatible declarations of the same function or object Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.DECL.IO UUTYPE | DCL40 MSC12-C. Do not create incompatible declarations of the same function or object Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.DECL.MGT UUVAL | MSC13-C. Detect and remove unused values |
| LANG.STRUCT.UUVAR | MSC12 DCL23-C. Guarantee that mutually visible identifiers are unique Detect and remove code that has no effect or is never executed |
| LANG.STRUCTTYPE.DECL.ML AWID | DCL04 INT18-C. Do not declare more than one variable per declaration Evaluate integer expressions in a larger size before comparing or assigning to that size |
| LANG.STRUCTTYPE.DECL.RESERVED BASIC | DCL37 INT01-C. Do not declare or define a reserved identifier Use size_t or rsize_t for all integer values representing the size of an object |
| LANG.STRUCTTYPE.EBS BFSIGN | EXP15 INT12-C. Do not place a semicolon on the same line as an if, for, or while statement make assumptions about the type of a plain int bit-field when used in an expression |
| LANG.STRUCTTYPE.EBS CBCONST | MSC12 DCL13-C. Detect and remove code that has no effect or is never executed Declare function parameters that are pointers to values not changed by the function as const |
| LANG.STRUCTTYPE.INIT.ENUM CSUF | INT09 DCL16-C. Ensure enumeration constants map to unique values Use "L," not "l," to indicate a long value |
| LANG.STRUCTTYPE.LOOP.FPC IAT | FLP30 FLP34-C. Do not use Ensure that floating-point variables as loop counters conversions are within range of the new type |
| LANG.STRUCTTYPE.LOOP.HR IAT | MSC21 FLP36-C. Use robust loop termination conditions Preserve precision when converting integral values to floating-point type |
| LANG.STRUCTTYPE.LOOP.UB IAT | MSC21 STR04-C. Use robust loop termination conditions plain char for characters in the basic character set |
| LANG.STRUCTTYPE.MRS ICA | MSC37 STR04-C. Ensure that control never reaches the end of a non-void function Use plain char for characters in the basic character set |
| LANG.STRUCTTYPE.NTAD IOT | EXP34 EXP46-C. Do not dereference null pointers use a bitwise operator with a Boolean-like operand |
| LANG.STRUCTTYPE.PARENS IOT | EXP00 INT07-C. Use parentheses for precedence of operation only explicitly signed or unsigned char type for numeric values |
| LANG.STRUCTTYPE.PARITH IOT | EXP08 INT13-C. Ensure pointer arithmetic is used correctly Use bitwise operators only on unsigned operands |
| LANG.STRUCTTYPE.PBB IOT | ARR30 STR04-C. Do not form or use out-of-bounds pointers or array subscripts Use plain char for characters in the basic character set |
| LANG.STRUCTTYPE.PBB IVD | EXP08 CON02-C. Ensure pointer arithmetic is used correctly Do not use volatile as a synchronization primitive |
| LANG.STRUCTTYPE.PIT MOT | DCL05 FLP06-C. Use typedefs of non-pointer types only Convert integers to floating point for floating-point operations |
| LANG.STRUCTTYPE.PPE MOT | ARR30 STR04-C. Do not form or use out-of-bounds pointers or array subscripts Use plain char for characters in the basic character set |
| LANG.STRUCTTYPE.PPE NCS | EXP08-C. Ensure pointer arithmetic is used correctly STR05-C. Use pointers to const when referring to string literals |
| LANG.STRUCTTYPE.RC OC | MSC07 DCL18-C. Detect and remove dead code Do not begin integer constants with 0 when specifying a decimal value |
| LANG.STRUCTTYPE.RC OWID | MSC12 INT18-C. Detect and remove code that has no effect or is never executed Evaluate integer expressions in a larger size before comparing or assigning to that size |
| LANG.STRUCTTYPE.RPL RESTRICT | DCL30 EXP43-C. Declare objects with appropriate storage durations Avoid undefined behavior when using restrict-qualified pointers |
| LANG.STRUCTTYPE.SCOPE.FILE SAP | DCL15 ARR01-C. Declare file-scope objects or functions that do not need external linkage as static Do not apply the sizeof operator to a pointer when taking the size of an array |
| LANG.STRUCTTYPE.SCOPE.FILE VCBC | DCL19 DCL00-C. Minimize the scope of variables and functions Const-qualify immutable objects |
| LANG.STRUCTTYPE.SCOPE.LOCAL VMAT | DCL19 MSC23-C. Minimize the scope of variables and functions |
| LANG.STRUCT.SE.COND | EXP45-C. Do not perform assignments in selection statements |
| LANG.STRUCT.SE.SIZEOF | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| LANG.STRUCT.SW.MB | MSC17-C. Finish every set of statements associated with a case label with a break statement |
| LANG.STRUCT.SW.MPC | MSC20-C. Do not use a switch statement to transfer control into a complex block |
| LANG.STRUCT.UA | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.UC | MSC07-C. Detect and remove dead code |
| LANG.STRUCT.UC | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.UPD | EXP34-C. Do not dereference null pointers |
| LANG.STRUCT.UPD | API00-C. Functions should validate their parameters |
| LANG.STRUCT.USEASSIGN | EXP45-C. Do not perform assignments in selection statements |
| LANG.STRUCT.UULABEL | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.UUMACRO | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.UUPARAM | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.UUTAG | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.UUTYPE | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.STRUCT.UUVAL | MSC13-C. Detect and remove unused values |
| LANG.STRUCT.UUVAR | MSC12-C. Detect and remove code that has no effect or is never executed |
| LANG.TYPE.AWID | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| LANG.TYPE.BASIC | INT01-C. Use rsize_t or size_t for all integer values representing the size of an object |
| LANG.TYPE.BFSIGN | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| LANG.TYPE.CSUF | DCL16-C. Use "L," not "l," to indicate a long value |
| LANG.TYPE.IAT | STR04-C. Use plain char for characters in the basic character set |
| LANG.TYPE.ICA | STR04-C. Use plain char for characters in the basic character set |
| LANG.TYPE.IOT | EXP46-C. Do not use a bitwise operator with a Boolean-like operand |
| LANG.TYPE.IOT | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| LANG.TYPE.IOT | INT13-C. Use bitwise operators only on unsigned operands |
| LANG.TYPE.IOT | STR04-C. Use plain char for characters in the basic character set |
| LANG.TYPE.MOT | FLP06-C. Convert integers to floating point for floating-point operations |
| LANG.TYPE.MOT | STR04-C. Use plain char for characters in the basic character set |
| LANG.TYPE.NCS | STR05-C. Use pointers to const when referring to string literals |
| LANG.TYPE.OC | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| Beware of vendor-specific library and language differences |
| MATH.DOMAIN | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.DOMAIN.ATAN | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.DOMAIN.FE_INVALID | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.DOMAIN.LOG | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.DOMAIN.POW | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.DOMAIN.SQRT | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.DOMAIN.TOOHIGH | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.DOMAIN.TOOLOW | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.RANGE | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.RANGE.COSH.TOOHIGH | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.RANGE.COSH.TOOLOW | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.RANGE.GAMMA | FLP32-C. Prevent or detect domain and range errors in math functions |
| MATH.RANGE.GAMMA | MSC23-C. Beware of vendor-specific library and language differences |
| MATH.RANGE.LOG | FLP32-C. Prevent or detect domain and range errors in math functions |
| MISC.CHROOT.NOCHDIR | POS05-C. Limit access to files by creating a jail |
| MISC.CRYPTO.TIMESEED | MSC32-C. Properly seed pseudorandom number generators |
| MISC.FMT | FIO30-C. Exclude user input from format strings |
| MISC.FMT | FIO47-C. Use valid format strings |
| MISC.FMTTYPE | FIO47-C. Use valid format strings |
| MISC.MEM.NTERM | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| MISC.MEM.NTERM | STR03-C. Do not inadvertently truncate a string |
| MISC.MEM.NTERM.CSTRING | STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string |
| MISC.MEM.NTERM.CSTRING | POS30-C. Use the readlink() function properly |
| MISC.MEM.SIZE.ADDOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| MISC.MEM.SIZE.ADDOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
| MISC.MEM.SIZE.ADDOFLOW | INT08-C. Verify that all integer values are in range |
| MISC.MEM.SIZE.ADDOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISC.MEM.SIZE.BAD | INT30-C. Ensure that unsigned integer operations do not wrap |
| MISC.MEM.SIZE.BAD | INT32-C. Ensure that operations on signed integers do not result in overflow |
| MISC.MEM.SIZE.BAD | ARR32-C. Ensure size arguments for variable length arrays are in a valid range |
| MISC.MEM.SIZE.BAD | MEM35-C. Allocate sufficient memory for an object |
| MISC.MEM.SIZE.BAD | INT08-C. Verify that all integer values are in range |
| MISC.MEM.SIZE.BAD LANG.TYPE.OWID | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size | LANG.TYPE.RESTRICT | EXP43-C. Avoid undefined behavior when using restrict-qualified pointers |
| MISC.CRYPTO.NOPAD | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| MISC.FMT | FIO30-C. Exclude user input from format strings |
| MEM.SIZE.BAD | MEM05-C. Avoid large stack allocations | MISC.FMT | FIO47-C. Use valid format strings |
| MISC.MEM.SIZE.NTERM BAD | STR03 MEM11-C. Do not inadvertently truncate a string assume infinite heap space |
| MISC.MEM.SIZE.ADDOFLOW MULOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| MISC.MEM.SIZE.ADDOFLOW MULOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
| MISC.MEM.SIZE.ADDOFLOW MULOFLOW | INT08-C. Verify that all integer values are in range |
| MISC.MEM.SIZE.ADDOFLOW MULOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISC.MEM.SIZE.BAD SUBUFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| MISC.MEM.SIZE.BAD SUBUFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow in overflow |
| MISC.MEM.SIZE.SUBUFLOW | INT08-C. Verify that all integer values are in range |
| MISC.MEM.SIZE.SUBUFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISC.MEM.SIZE.BAD TRUNC | MEM35 INT31-C. Allocate sufficient memory for an object Ensure that integer conversions do not result in lost or misinterpreted data |
| MISC.MEM.SIZE.BAD TRUNC | INT08 INT02-C. Verify that all integer values are in range Understand integer conversion rules |
| MISC.MEM.SIZE.BAD TRUNC | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISC.MEM.SIZE.BAD NEGCHAR | STR34 MEM05-C. Avoid large stack allocations Cast characters to unsigned char before converting to larger integer sizes |
| MISC.MEM.SIZE.BAD | MEM11-C. Do not assume infinite heap space |
| MISC.MEM.SIZE.MULOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| MISC.MEM.SIZE.MULOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
| MISC.MEM.SIZE.MULOFLOW | INT08-C. Verify that all integer values are in range |
| MISC.MEM.SIZE.MULOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISC.MEM.SIZE.SUBUFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| MISC.MEM.SIZE.SUBUFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
| MISC.MEM.SIZE.SUBUFLOW | INT08-C. Verify that all integer values are in range |
| MISC.MEM.SIZE.SUBUFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISC.MEM.SIZE.TRUNC | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| MISC.MEM.SIZE.TRUNC | INT02-C. Understand integer conversion rules |
| MISC.MEM.SIZE.TRUNC | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISC.NEGCHAR | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| MISC.NEGCHAR | STR37-C. Arguments to character-handling functions must be representable as an unsigned char |
| MISC.NEGCHAR | INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs |
| MISC.NEGCHAR | STR00-C. Represent characters using an appropriate type |
| MISC.NOEFFECT | MSC12-C. Detect and remove code that has no effect or is never executed |
| NEGCHAR | STR37-C. Arguments to character-handling functions must be representable as an unsigned char |
| MISC.NEGCHAR | INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs |
| MISC.NEGCHAR | STR00-C. Represent characters using an appropriate type |
| MISC.NOEFFECT | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISC.PADDING.POTB | DCL39-C. Avoid information leakage when passing a structure across a trust boundary |
| MISC.PWD.PLAIN | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| MISC.PWD.PLAINTRAN | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| PARSE.BAD.TOKEN | MSC09-C. Character encoding: Use subset of ASCII for safety |
| PARSE.BIH | MSC20-C. Do not use a switch statement to transfer control into a complex block |
| PARSE.BITB | MSC20-C. Do not use a switch statement to transfer control into a complex block |
| PARSE.DBNR | MSC12-C. Detect and remove code that has no effect or is never executed |
| PARSE.DE | MSC24-C. Do not use deprecated or obsolescent functions |
| PARSE.IMPLICIT.IOM | DCL07-C. Include the appropriate type information in function declarators |
| PARSE.MISSING.DS | DCL07-C. Include the appropriate type information in function declarators |
| PARSE.MISSING.TS | DCL07-C. Include the appropriate type information in function declarators |
| PARSE.NONSTD.II | DCL07-C. Include the appropriate type information in function declarators |
| PARSE.PCLB | INT36-C. Converting a pointer to integer or integer to pointer |
| PARSE.PCTSSI | INT36-C. Converting a pointer to integer or integer to pointer |
| PARSE.PILNFD | DCL07-C. Include the appropriate type information in function declarators |
| PARSE.UNDECLPARAM | DCL07-C. Include the appropriate type information in function declarators | MISC.PWD.PLAIN | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
