Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search
Log in
Confluence
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
Available Gadgets
About Confluence
Log in
SEI CERT C Coding Standard
Pages
Boards
Space shortcuts
Dashboard
Secure Coding Home
Android
C
C++
Java
Perl
Page tree
Browse pages
Configure
Space tools
View Page
A
t
tachments (0)
Page History
Page Information
View in Hierarchy
View Source
Export to PDF
Export to Word
Pages
…
SEI CERT C Coding Standard
2 Rules
Rule 09. Input Output (FIO)
FIO30-C. Exclude user input from format strings
Page Information
Title:
FIO30-C. Exclude user input from format strings
Author:
Hal Burch
Jun 16, 2006
Last Changed by:
David Svoboda
May 05, 2025
Tiny Link:
(useful for email)
https://wiki.sei.cmu.edu/confluence/x/RdYxBQ
Export As:
Word
·
PDF
Incoming Links
SEI CERT Perl Coding Standard (1)
Page:
IDS30-PL. Exclude user input from format strings
SEI CERT Oracle Coding Standard for Java (1)
Page:
IDS06-J. Exclude unsanitized user input from format strings
Android (1)
Page:
Applicable in Principle to Android (C Rules/Recomendations)
SEI CERT C Coding Standard (3)
Page:
FIO47-C. Use valid format strings
Page:
EXP43-C. Avoid undefined behavior when using restrict-qualified pointers
Page:
MSC09-C. Character encoding: Use subset of ASCII for safety
Hierarchy
Parent Page
Page:
Rule 09. Input Output (FIO)
Labels
Global Labels (16)
char-strings
gcc
fortify
compass/rose
splint
nptc
sample
fio
rose-complete
input
posix
rule
cwe-134
klocwork
nptc-aliasing
in-cpp
Recent Changes
Time
Editor
May 05, 2025 09:01
Swasti Shrivastava
View Changes
REM Cost Reform
Dec 12, 2024 01:22
Swasti Shrivastava
View Changes
Sep 19, 2024 13:03
Swasti Shrivastava
View Changes
Sep 19, 2024 12:58
Swasti Shrivastava
View Changes
Apr 20, 2023 05:24
Jill Britton
View Page History
Outgoing Links
External Links (17)
https://wiki.sei.cmu.edu/confluence/display/c/Cppcheck+Prem…
https://wiki.sei.cmu.edu/confluence/display/perl/SEI+CERT+P…
https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliogra…
https://wiki.sei.cmu.edu/confluence/display/c/How+this+Codi…
https://wiki.sei.cmu.edu/confluence/display/c/AA.+Bibliogra…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/display/c/PVS-Studio
https://wiki.sei.cmu.edu/confluence/display/java/SEI+CERT+O…
https://cwe.mitre.org/data/definitions/20.html
https://wiki.sei.cmu.edu/confluence/display/java/IDS06-J.+E…
https://pvs-studio.com/en/docs/warnings/v618/
cwe.mitre.org/data/definitions/134.html
https://www.mathworks.com/help/bugfinder/ref/certcrulefio30…
https://wiki.sei.cmu.edu/confluence/display/perl/IDS30-PL.+…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://www.kb.cert.org/vulnotes/bymetric?searchview&query=…
https://cwe.mitre.org/data/index.html
SEI CERT C Coding Standard (30)
Page:
PC-lint Plus_V
Page:
Helix QAC
Page:
CodeSonar
Page:
Helix QAC_V
Page:
GCC
Page:
Polyspace Bug Finder_V
Page:
Parasoft_V
Page:
PC-lint Plus
Page:
Polyspace Bug Finder
Page:
AA. Bibliography
Page:
Axivion Bauhaus Suite
Page:
Klocwork_V
Page:
BB. Definitions
Page:
Astrée_V
Page:
Cppcheck Premium_V
Page:
CodeSonar_V
Page:
Splint
Home page:
SEI CERT C Coding Standard
Page:
Axivion Bauhaus Suite_V
Page:
GCC_V
Page:
LDRA
Page:
PVS-Studio_V
Page:
LDRA_V
Page:
Astrée
Page:
Klocwork
Page:
Rose
Page:
Coverity_V
Page:
Splint_V
Page:
Coverity
Page:
Parasoft
Overview
Content Tools
{"serverDuration": 100, "requestCorrelationId": "8ead95dbff0e8b8f"}