| Content by Label | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| Info |
|---|
Information for Editors |
Risk Assessment Summary
Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| MSC30-C | Medium | Unlikely | Yes | No | P4 | L3 |
| MSC32-C | Medium | Likely | Yes | Yes | P18 | L1 |
| MSC33-C | High | Likely | No | No | P9 | L2 |
| MSC37-C | High | Unlikely | Yes | No | P6 | L2 |
| MSC38-C | Low | Unlikely | Yes | No | P2 | L3 |
| MSC39-C | Low | Unlikely | Yes | No | P2 | L3 |
| MSC40-C | Low | Unlikely | No | No | P1 | L3 |
| MSC41-C | High | Probable | No | No | P6 | L2 |
...
Recommendations
MSC00-A. Compile cleanly at high warning levels
MSC01-A. Strive for logical completeness
MSC02-A. Avoid errors of omission
MSC03-A. Avoid errors of addition
MSC04-A. Use comments consistently and in a readable fashion
MSC05-A. Do not manipulate time_t typed values directly
MSC06-A. Be aware of compiler optimization when dealing with sensitive data
MSC07-A. Detect and remove dead code
MSC08-A. Library functions should validate their parameters
MSC09-A. Character Encoding - Use Subset of ASCII for Safety
MSC10-A. Character Encoding - UTF8 Related Issues
MSC11-A. Incorporate diagnostic tests using assertions
MSC12-A. Detect and remove code that has no effect
MSC13-A. Detect and remove unused values
MSC14-A. Do not introduce unnecessary platform dependencies
MSC15-A. Do not depend on undefined behavior
Rules
MSC30-C. Do not use the rand() function for generating pseudorandom numbers
MSC31-C. Ensure that return values are compared against the proper type
Risk Assessment Summary
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MSC00-A | 3 (high) | 2 (probable) | 1 (high) | P6 | L2 |
MSC01-A | 2 (medium) | 1 (unlikely) | 2 (medium) | P4 | L3 |
MSC02-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
MSC03-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
MSC04-A | 2 (medium) | 1 (unlikely) | 2 (medium) | P4 | L3 |
MSC05-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
MSC06-A | 2 (medium) | 2 (probable) | 2 (medium) | P8 | L2 |
MSC07-A | 1 (low) | 1 (unlikely) | 1 (high) | P1 | L3 |
MSC08-A | 2 (medium) | 1 (unlikely) | 1 (high) | P2 | L3 |
MSC09-A | 1 (low) | 1 (unlikely) | 3 (low) | P3 | L3 |
MSC10-A | 2 (medium) | 1 (unlikely) | 1 (high) | P2 | L3 |
MSC11-A | 1 (low) | 1 (unlikely) | 3 (low) | P3 | L3 |
MSC12-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
MSC13-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
MSC14-A | low | unlikely | medium | P2 | L3 |
MSC15-A | high | high | medium | P18 | L1 |
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MSC30-C | 1 (low) | 1 (unlikely) | 1 (high) | P1 | L3 |
MSC31-C | 1 (low) | 2 (probable) | 2 (medium) | P4 | L3 |
12. Error Handling (ERR) MSC00-A. Compile cleanly at high warning levels