Page History

The C Standard, subclause 3.45.3 [ISO/IEC 9899:20112024], defines undefined behavior as

behavior, upon use of a nonportable or erroneous program construct or of erroneous data, for
which this International Standard
which this document imposes no requirements
.

Subclause 4 explains how the standard identifies undefined behavior (see also undefined behavior 1 of Annex J).

If a "shall" or "shall not" requirement that appears outside of a constraint
is violated
or runtime-constraint is violated, the behavior is undefined. Undefined behavior is otherwise indicated in this
International Standard by the
document by the words "undefined behavior" or by the omission of any explicit definition of behavior. There is no difference in emphasis among these three; they all describe "behavior that is undefined".

Annex J, subclause J.2, "Undefined behavior," enumerates the circumstances under which the behavior of a program is undefined. This list is duplicated on the CC. Undefined Behavior page.

...

Recommendation	Severity	Likelihood	Detectable	Remediation CostRepairable	Priority	Level
MSC15-C	High	Likely	No	MediumNo	P18P9	L1L2

Automated Detection

0160, 0161, 0162, 0163, 0164, 0165, 0166,

0167, 0168, 0169, 0170, 0171, 0172, 0173,

0174, 0175, 0176, 0177, 0178, 0179, 0184, 0185, 0186, 0190, 0191, 0192, 0193, 0194,

0195, 0196, 0197, 0198, 0199, 0200, 0201,

0203, 0204, 0206, 0207, 0208, 0235, 0275,

0301, 0302, 0304, 0307, 0309, 0323, 0327,

0337, 0400, 0401, 0402, 0403, 0475, 0543,

0544, 0545, 0602, 0603, 0623, 0625, 0626,

0630, 0632, 0636, 0654, 0658, 0661, 0667,

0668, 0672, 0676, 0678, 0680, 0706, 0745,

0777, 0779, 0813, 0814, 0821, 0836, 0837,

0848, 0853, 0854, 0864, 0865, 0867, 0872,

0874, 0885, 0887, 0888, 0914, 0915, 0942,

1509, 1510, 3113, 3114, 3239, 3311, 3312,

3319, 3437, 3438

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

Supported: Astrée reports undefined behavior.

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C0160, C0161, C0162, C0163, C0164, C0165, C0166, C0167, C0168, C0169, C0170, C0171, C0172, C0173, C0174, C0175, C0176, C0177, C0178, C0179, C0184, C0185, C0186, C0190, C0191, C0192, C0193, C0194, C0195, C0196, C0197, C0198, C0199, C0200, C0201, C0203, C0204, C0206, C0207, C0208, C0235, C0275, C0301, C0302, C0304, C0307, C0309, C0323, C0327, C0337, C0400, C0401, C0402, C0403, C0475, C0543, C0544, C0545, C0602, C0603, C0623, C0625, C0626, C0630, C0632, C0636, C0654, C0658, C0661, C0667, C0668, C0672, C0676, C0678, C0680, C0706, C0745, C0777, C0779, C0813, C0814, C0821, C0836, C0837, C0848, C0853, C0854, C0864, C0865, C0867, C0872, C0874, C0885, C0887, C0888, C0914, C0915, C0942, C1509, C1510, C3113, C3114, C3239, C3311, C3312, C3319, C3437, C3438

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

48 D, 63 D, 84 D, 113 D, 5 Q, 64 S, 65 S, 100 S, 109 S, 156 S, 296 S, 324 S, 335 S, 336 S, 339 S, 412 S, 427 S, 465 S, 482 S, 497 S, 545 S, 587 S, 608 S, 642 S, 62 X, 63 X

Partially implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-MSC15-a
CERT_C-MSC15-b

Evaluation of constant unsigned integer expressions should not lead to wrap-around
Evaluation of constant unsigned integer expressions in preprocessor directives should not lead to wraparound

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C: Rec. MSC15-C

Checks for undefined behavior (rec. partially covered)

PRQA QA-C

Include Page

PRQA QA-C_v

Partially implemented

PVS-Studio

Include Page

	PVS-Studio_V
	PVS-Studio_V

V772

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Bibliography

[ISO/IEC 9899:20112024]	Subclause 3.45.3, "Undefined Behavior" Subclause 4, "Conformance" Subclause J.2, "Undefined Behavior"
[Seacord 2013]	Chapter 5, "Integer Security"

...

Space shortcuts

Page tree

Versions Compared

Old Version 76

New Version Current

Key

Automated Detection

Related Vulnerabilities

Bibliography