SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 96

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

...

Code Block
bgColor#ccccff
langc
#include <stddef.h>
#include <stdint.h>

extern void get_register_bank(volatile int32_t **bank,
                              size_t *num_registers);
extern void external_wait(void);

void func(void) {
  volatile int32_t bank[3];
  size_t num_regs = 3;

  get_register_bank((volatile int32_t **)&bank, &num_regs);
  if (num_regs < 3) {
    /* Handle error */
   }

  bank[0] = 1;
  external_wait();
  bank[0] = 0;
}

Risk Assessment

Blah blah blahFailure to declare variables containing data that cannot be cached as volatile can result in unexpected runtime behavior resulting from compiler optimizations.

Recommendation

Severity

Likelihood

Detectable

Remediation Cost

Repairable

Priority

Level

DCL22-C

Low

Probable

High

No

Yes

P2

P4

L3

Automated Detection

Tool

Version

Checker

Description

PRQA QA-C
LDRA tool suite
 
Include Page
PRQA
LDRA_V
PRQA
LDRA_V
2782
8 DPartially implemented
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-DCL22-a

Avoid unused values
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. DCL22-C


Checks for write without a further read (rule partially covered)

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C Secure Coding StandardSIG31-C. Do not access shared objects in signal handlers
SEI CERT C++
Secure
Coding Standard
DCL34
VOID DCL20-CPP. Use volatile for data that cannot be cached
MISRA C:2012Rule 2.2 (required)

Bibliography

[C99 Rationale 2003] Subclause 6.7.3, "Type Qualifiers"

 


...

Image Modified Image Modified Image Modified