Recommendations
MSC00-C. Compile cleanly at high warning levels
MSC01-C. Strive for logical completeness
MSC02-C. Avoid errors of omission
MSC03-C. Avoid errors of addition
MSC04-C. Use comments consistently and in a readable fashion
MSC05-C. Do not manipulate time_t typed values directly
MSC06-C. Be aware of compiler optimization when dealing with sensitive data
MSC07-C. Detect and remove dead code
MSC08-C. Library functions should validate their parameters
MSC09-C. Character Encoding - Use Subset of ASCII for Safety
MSC10-C. Character Encoding - UTF8 Related Issues
MSC11-C. Incorporate diagnostic tests using assertions
MSC12-C. Detect and remove code that has no effect
MSC13-C. Detect and remove unused values
MSC14-C. Do not introduce unnecessary platform dependencies
MSC15-C. Do not depend on undefined behavior
Rules
MSC30-C. Do not use the rand() function for generating pseudorandom numbers
MSC31-C. Ensure that return values are compared against the proper type
Risk Assessment Summary
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
MSC00-C |
medium |
probable |
medium |
P8 |
L2 |
MSC01-C |
medium |
probable |
medium |
P8 |
L2 |
MSC02-C |
low |
likely |
medium |
P6 |
L2 |
MSC03-C |
low |
likely |
medium |
P6 |
L2 |
MSC04-C |
medium |
unlikely |
medium |
P4 |
L3 |
MSC05-C |
low |
unlikely |
medium |
P2 |
L3 |
MSC06-C |
medium |
probable |
medium |
P8 |
L2 |
MSC07-C |
low |
unlikely |
medium |
P2 |
L3 |
MSC08-C |
medium |
unlikely |
high |
P2 |
L3 |
MSC09-C |
medium |
unlikely |
medium |
P4 |
L3 |
MSC10-C |
medium |
unlikely |
high |
P2 |
L3 |
MSC11-C |
low |
unlikely |
high |
P1 |
L3 |
MSC12-C |
low |
unlikely |
medium |
P2 |
L3 |
MSC13-C |
low |
unlikely |
medium |
P2 |
L3 |
MSC14-C |
low |
unlikely |
medium |
P2 |
L3 |
MSC15-C |
high |
likely |
medium |
P18 |
L1 |
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
MSC30-C |
medium |
unlikely |
low |
P6 |
L2 |
MSC31-C |
low |
probable |
medium |
P4 |
L3 |