...
Location | Before (with error) | After (with correction) | Rationale |
p. 30, Section 2.3.1 | ); | } | The last line of the Noncompliant Code Example in section 2.3.1 closes the code block incorrectly with a close-parent-semicolin ");", but should be a closed brace "}". |
p. 43, Section 3.4.1 | Noncompliant Code Example (Header Guard) | Noncompliant Code Example (Include Guard) A common, but noncompliant, practice is to choose a reserved name for a macro used in a prepro- cessor conditional guarding against multiple inclusions of a header file. (See also PRE06-C. En- close header files in an include guard.) | Standardized the term to be "include guard". |
p 44, Section 3.4.2 | Compliant Solution (Header Guard) | Compliant Solution (Include Guard) This compliant solution avoids using leading underscores in the name of the include guard: | Standardized the term to be "include guard". |
p.138, Section 4.15 | Previous section is 4.14, rule EXP46-C | New rule EXP47-C. (See wiki for contents) | New rule deemed necessary (vulnerability not covered by pre-existing rule). |
p. 150, Section 5.3.5.2 | This compliant solution eliminates signed overflow on systems where | This compliant solution eliminates signed overflow on systems where | The phrase should be “ |
p. 186 Section 6.3.2 | i |
| Code now safely handles NaN. |
p. 187 Section 6.3.4 |
|
| Code now safely handles NaN. |
p. 189, Section 6.4.1 | long int big = 1234567890; | long int big = 1234567890L; | Addition of type suffix in initialization statement. |
p. 190, Section 6.4.2 | long int big = 1234567890; | long int big = 1234567890L; | Addition of type suffix in initialization statement. |
p. 203, Section 7.2.1 | In this noncompliant code example, a variable length array of size is declared. | In this noncompliant code example, a variable length array of size | The second ” |
p. 226, Section 8.1 | A character string literal is a sequence of zero or more multibyte characters enclosed in double-quotes, as in | A character string literal is a sequence of zero or more multibyte characters enclosed in double-quotes, as in | The period should appear outside the quote, not inside the quote because the quote is part of the character string. |
p. 279 Section 9.5.1 | The code checks for unsigned integer overflow in compliance with INT32-C. Ensure that operations on signed integers do not result in overflow and also ensures that | The code attempts to check for unsigned integer overflow in compliance with INT30-C. Ensure that unsigned integer operations do not wrap and also ensures that len is not equal to zero. | The code uses only unsigned integers. |
p. 286, Section 10.2.2 | When opening a FIFO with When opening a block special or character special file that supports nonblocking opens: Otherwise, the behavior of | When opening a FIFO with
When opening a block special or character special file that supports nonblocking opens:
Otherwise, the behavior of | Bulleted items were missing. |
p. 365, Section 12.2.3 | Signal handlers can refer to objects with static or thread storage a duration that are lock-free atomic objects, as in this compliant solution: | Signal handlers can refer to objects with static or thread storage durations that are lock-free atomic objects, as in this compliant solution: | The phrase should be “storage durations” not “storage a duration.” |
p. 380 Section 13.1 | Library functions fall into the following categories: | Library functions fall into the following categories: | The sentences were ungrammatical. |
p. 447, Section 14.11.1 | This noncompliant code example declares a shared | This noncompliant code example declares a shared | The variable should be “ |
p. 447, Section 14.11.1 | Execution of this code may result in a data race because the value of flag is read, negated, and written back. | Execution of this code may result in unexpected behavior because the value of flag is read, negated, and written back. | Changed "data race" to a more appropriate term. |