SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 72

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version Current

changes.mady.by.user Francesco Mariani

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Unlike passed-by-value arguments and pointers, pointed-to values are a concern. A function may modify a value referenced by a pointer argument, leading to a side effect that persists even after the function exits. Modification of the pointed-to value is not diagnosed by the compiler, which assumes this behavior was intended.

...

The const-qualification of the second argument, s2, eliminates the spurious warning in the initial invocation but maintains the valid warning on the final invocation in which a const-qualified object is passed as the first argument (which can change). Finally, the middle strcat() invocation is now valid because c_str3 is a valid destination string and may be safely modified.

Risk Assessment

Not declaring Failing to declare an unchanging value const prohibits the function from working with values already cast as const. This problem can be sidestepped by type casting away the const, but doing so violates EXP05-C. Do not cast away a const qualification.

Recommendation

Severity

Likelihood

Detectable

Remediation Cost

Repairable

Priority

Level

DCL13-C

Low

low

Unlikely

unlikely

Yes

low

Yes

P3

L3

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
parameter-missing-constFully checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-DCL13
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.TYPE.CBCONST

Compass/ROSE

 

 

Pointed-to Type Could Be const

Compass/ROSE



Can detect violations of this recommendation while checking for violations of recommendation DCL00-C. Const-qualify immutable objects

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.DCL13

Fully implemented

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C0431, C3673, C3677
Klocwork
Include Page
Klocwork_V
Klocwork_V
MISRA.PPARAM.NEEDS.CONST
LDRA tool suite
Include Page
LDRA_V
LDRA_V
62

120 D

Fully implemented

PRQA QA-C Include PagePRQA_VPRQA_V

3673
0431(C)

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-DCL13-a

A pointer parameter in a function prototype should be declared as pointer to const if the pointer is not used to modify the addressed object

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

111, 818

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. DCL13-CChecks for pointer to non-const qualified function parameter (rec. fully covered)


RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
parameter-missing-constFully checked
Security Reviewer - Static Reviewer
6.02
C16Fully Implemented
Fully implemented

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++
Secure
Coding StandardVOID DCL13-CPP. Declare function parameters that are pointers to values not changed by the function as const
ISO/IEC TR 24772:2013Passing Parameters and Return Values [CSJ]

Bibliography

[ISO/IEC 9899:2011]Annex I "Common Warnings"

...

MISRA C:2012Rule 8.13 (advisory)


...

Image Modified Image Modified Image Modified