...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <Windows.h>
/*
typedef struct tagPOINT {
long x, y;
} POINT, *LPPOINT;
*/
typedef const POINT *LPCPOINT;
void func(LPCPOINT pt) {
/* Cannot modify pt's contents */
} |
Exceptions
Function pointer types are an exception to this recommendation.
Noncompliant Code Example
In this noncompliant code example, the declaration of the signal() function is difficult to read and comprehend:
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
typedef void SighandlerType(int signum); extern SighandlerType *signal( int signum, SighandlerType *handler ); |
Exceptions
Function pointer types are an exception to this recommendation.
Risk Assessment
Code readability is important for discovering and eliminating vulnerabilities.
Recommendation | Severity | Likelihood |
|---|
Detectable | Repairable | Priority | Level |
|---|---|---|---|
DCL05-C | Low | Unlikely |
Yes | No | P2 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| pointer-typedef | Fully checked | ||||||
| Axivion Bauhaus Suite |
| CertC-DCL05 | |||||||
| CodeSonar |
| LANG.STRUCT.PIT | Pointer type inside typedef | ||||||
| Compass/ROSE |
| Helix QAC |
| C5004 |
| LDRA tool suite |
| 299 S | Partially implemented | ||||||
| Parasoft C/C++test |
| CERT_C-DCL05-a | Declare a type of parameter as typedef to pointer to const if the pointer is not used to modify the addressed object | |||||||
| RuleChecker |
| pointer-typedef | Fully checked |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
SEI
| CERT C Secure Coding Standard | DCL12-C. Implement abstract data types using opaque types |
| SEI CERT C++ Coding Standard | VOID DCL05-CPP. Use typedefs to improve code readability |
...
...