Tags (Labels)
Tag | Meaning |
|---|---|
Pages that form the main sections of this standard and that are listed in the Section Index on the SEI CERT C Coding Standard page. | |
Guidelines with links to a rule in 6 The Void. The link should be removed. | |
Guidelines that have been significantly changed since the checker was coded. The checker needs updating. | |
Pages that need work. | |
Pages that need to be deleted. See also void below. | |
Pages that have problems with the citations at the bottom. | |
Pages with comments that might make good sidebars. | |
Guidelines in other CERT secure coding standards (residing in other Wiki spaces) that might make good C guidelines. Port to C those rules that are truly applicable. | |
Guidelines that might be candidates for adoption in the SEI CERT Oracle Coding Standard for Java. | |
Pages tagged for elimination from the standard and that are listed in 6 The Void. |
ROSE-Specific Tags (Labels)
Pages now have tags (also known as
) to indicate the status of their corresponding checker in Compass Rose:
Tag | Meaning |
|---|---|
ROSE catches all violations | |
ROSE catches some violations | |
ROSE could catch some or all violations, but doesn't yet. | |
ROSE doesn't catch violations, but will soon, | |
These rules can't be checked automatically. | |
These rules could be checked automatically in theory, but not by ROSE. | |
ROSE could check these rules if it recognized macro usage. | |
ROSE could check these rules if it operated on multiple files at once. | |
ROSE could enforce this rule, but could not avoid catching some false positives. |
At this point, all rules should have one of these tags. That is, they should be completely or partially checked by ROSE, or they should be marked 'rose-possible', in that we will try to check them with ROSE, or they should have one of the nonapplicable tags indicating we don't think they can be checked with ROSE.
It might also be worth giving these another look.