Comment: REM Cost Reform

...

Failure to understand and properly use pointer arithmetic can allow an attacker to execute arbitrary code.

| Rule | Severity | Likelihood | Remediation Cost | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|---|
| ARR39-C | High | Probable | High | No | No | P6 | L2 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | scaled-pointer-arithmetic | Partially checked. Besides direct rule violations, Astrée reports all (resulting) out-of-bound array accesses. |
| Axivion Bauhaus Suite | | CertC-ARR39 | Fully implemented |
| CodeSonar | | LANG.MEM.BO | Buffer overrun |
| | | LANG.MEM.BU | Buffer underrun |
| | | LANG.MEM.TBA | Tainted buffer access |
| | | LANG.MEM.TO | Type overrun |
| | | LANG.MEM.TU | Type underrun |
| | | LANG.STRUCT.PARITH | Pointer Arithmetic |
| | | LANG.STRUCT.PBB | Pointer before beginning of object |
| | | LANG.STRUCT.PPE | Pointer past end of object |
| Coverity | | BAD_SIZEOF | Partially implemented |
| Cppcheck Premium | | premium-cert-arr39-c | |
| Helix QAC | | DF4955, DF4956, DF4957 | |
| Klocwork | | CERT.ARR.PTR.ARITH | |
| LDRA tool suite | | 47 S, 489 S, 567 S, 64 X, 66 X, 68 X, 69 X, 70 X, 71 X | Partially implemented |
| Parasoft C/C++test | | CERT_C-ARR39-a | Avoid accessing arrays out of bounds |
| | | CERT_C-ARR39-b | Pointer arithmetic should not be used |
| | | CERT_C-ARR39-c | Do not add or subtract a scaled integer to a pointer |
| Polyspace Bug Finder | R2016a | Incorrect pointer scaling | Implicit scaling in pointer arithmetic might be ignored |
| | | Pointer access out of bounds | Pointer dereferenced outside its bounds |
| | | Possible misuse of sizeof | Use of sizeof operator can cause unintended results |
| Polyspace Bug Finder | | CERT C: Rule ARR39-C | Checks for incorrect pointer scaling (rule fully covered). |
| RuleChecker | | scaled-pointer-arithmetic | Partially checked |
| TrustInSoft Analyzer | | index_in_address | Exhaustively detects undefined behavior (see one compliant and one non-compliant example). |
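
The defect these checkers look for, shown as an added example that is not part of the CERT page: a byte count from `sizeof` or `offsetof` added to a typed pointer is scaled a second time by the element size. The names `INTBUFSIZE`, `struct big` and all functions below are assumptions chosen for illustration; the noncompliant forms are only measured arithmetically, never executed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
enum { INTBUFSIZE = 80 };              /* constructed sample size */
struct big {                           /* constructed sample layout */
    unsigned long long ull_a;
    unsigned long long ull_b;
    int si_e;
};

/* Byte displacement of `p + n` when p points to elem_size-byte objects:
 * the compiler multiplies n by the element size before adding. */
static size_t displacement(size_t n, size_t elem_size) {
    return n * elem_size;
}

/* Noncompliant bound `buf + sizeof(buf)` for int buf[INTBUFSIZE]: sizeof
 * yields bytes and the addition scales them again. Bytes past the array. */
size_t overshoot_sizeof_bound(void) {
    size_t bytes = sizeof(int[INTBUFSIZE]);
    return displacement(bytes, sizeof(int)) - bytes;
}

/* Noncompliant `s + offsetof(struct big, ull_b)`: a byte offset used as a
 * count of whole structs. Bytes past the intended field. */
size_t overshoot_offsetof(void) {
    size_t skip = offsetof(struct big, ull_b);
    return displacement(skip, sizeof(struct big)) - skip;
}

/* Compliant: bound the loop with an element count, never a byte count. */
size_t fill_ints(int *buf, size_t count, int value) {
    size_t written = 0;
    for (int *p = buf; p < buf + count; ++p, ++written)
        *p = value;
    return written;
}

/* Compliant: apply the byte offset to unsigned char *, whose scale factor
 * is 1, then clear from ull_b to the end of the struct. */
void clear_from_ull_b(struct big *s) {
    size_t skip = offsetof(struct big, ull_b);
    memset((unsigned char *)s + skip, 0, sizeof(*s) - skip);
}

int main(void) {
    printf("sizeof bound overshoots by %zu bytes\n", overshoot_sizeof_bound());
    printf("offsetof sum overshoots by %zu bytes\n", overshoot_offsetof());
}
```
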

 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Key here (explains table format and definitions)

| Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT C Secure Coding Standard | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | Prior to 2018-01-12: CERT: Unspecified Relationship |
| CERT C Secure Coding Standard | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object | Prior to 2018-01-12: CERT: Unspecified Relationship |
| ISO/IEC TR 24772:2013 | Pointer Casting and Pointer Type Changes [HFC] | Prior to 2018-01-12: CERT: Unspecified Relationship |
| ISO/IEC TR 24772:2013 | Pointer Arithmetic [RVG] | Prior to 2018-01-12: CERT: Unspecified Relationship |
| MISRA C:2012 | Rule 18.1 (required) | Prior to 2018-01-12: CERT: Unspecified Relationship |
| MISRA C:2012 | Rule 18.2 (required) | Prior to 2018-01-12: CERT: Unspecified Relationship |
| MISRA C:2012 | Rule 18.3 (required) | Prior to 2018-01-12: CERT: Unspecified Relationship |
| MISRA C:2012 | Rule 18.4 (advisory) | Prior to 2018-01-12: CERT: Unspecified Relationship |
| MITRE CWE | | |
| CWE 2.11 | CWE-468, Incorrect Pointer Scaling | 2017-07-07: CERT: Exact |

Bibliography

[Dowd 2006] Chapter 6, "C Language Issues"
[Murenin 07]
 

...



...
