| Content by Label | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
| Info |
|---|
Information for Editors |
Risk Assessment Summary
Rule |
|---|
Recommendations
MSC00-A. Compile cleanly at high warning levels
MSC01-A. Strive for logical completeness
MSC02-A. Avoid errors of omission
MSC03-A. Avoid errors of addition
MSC04-A. Use comments consistently and in a readable fashion
MSC05-A. Do not manipulate time_t typed values directly
MSC06-A. Be aware of insecure compiler optimization when dealing with sensitive data
MSC07-A. Detect and remove dead code
MSC08-A. Library functions should validate their parameters
MSC09-A. Character Encoding - Use Subset of ASCII for Safety
MSC10-A. Character Encoding - UTF8 Related Issues
MSC11-A. Incorporate diagnostic tests using assertions
MSC12-A. Detect and remove code that has no effect
MSC13-A. Detect and remove unused values
Rules
MSC30-C. Do not use the rand() function for generating pseudorandom numbers
MSC31-C. Ensure that return values are compared against the proper type
Risk Assessment Summary
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level | |||
|---|---|---|---|---|---|---|---|---|
| MSC00MSC30-A | 3 (high) | 2 (probable) | C | Medium | Unlikely | Low 1 (high) | P6 | L2 MSC01 |
| MSC32-A | 2 (medium) | 1 (unlikely) | 2 (medium) | P4 | L3 | |||
MSC02-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 | |||
MSC03-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 | |||
MSC04-A | 2 (medium) | 1 (unlikely) | 2 (medium) | P4 | L3 | |||
MSC05-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 | |||
MSC06-A | 2 (medium) | 2 (probable) | 2 (medium) | P8 | L2 | |||
MSC07-A | 1 (low) | 1 (unlikely) | 1 (high) | P1 | L3 | |||
MSC08-A | 2 (medium) | 1 (unlikely) | 1 (high) | P2 | L3 | |||
MSC09-A | 1 (low) | 1 (unlikely) | 3 (low) | P3 | L3 | |||
MSC10-A | 2 (medium) | 1 (unlikely) | 1 (high) | P2 | L3 | |||
MSC12-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 | |||
MSC13-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MSC30-C | 1 (low) | 1 (unlikely) | 1 (high) | P1 | L3 |
MSC31-C | 1 (low) | 2 (probable) | 2 (medium) | P4 | L3 |
| C | Medium | Likely | Low | P18 | L1 |
| MSC33-C | High | Likely | Low | P27 | L1 |
| MSC37-C | High | Unlikely | Low | P9 | L2 |
| MSC38-C | Low | Unlikely | Medium | P2 | L3 |
| MSC39-C | Low | Unlikely | Low | P3 | L3 |
| MSC40-C | Low | Unlikely | Medium | P2 | L3 |
| MSC41-C | High | Probable | Medium | P12 | L1 |
...
ERR33-C. Only examine the value of errno when it is indicated to be valid by a function's return value 13. Error Handling (ERR)