SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 57

changes.mady.by.user Kris Kafka

Saved on

compared with

New Version 58

changes.mady.by.user Jon O'Donnell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

ToolVersionCheckerDescription
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

HARDCODED.AUTH

HARDCODED.KEY

HARDCODED.SALT

MISC.PWD.PLAIN

MISC.PWD.PLAINTRAN

Hardcoded Authentication

Hardcoded Crypto Key

Hardcoded Crypto Salt

Plaintext Storage of Password

Plaintext Transmission of Password

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

586

Partially supported: reports functions that read passwords from the user or that take a password as an argument instead of prompting the user as well as insecure password erasure

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. MSC18-C


Checks for:

  • Constant or predictable block cipher initialization vector
  • Constant or predictable cipher key
  • Sensitive heap memory not cleared before release
  • Uncleared sensitive data in stack
  • Unsafe standard encryption function

Rec. partially covered.

...