SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 93 Next »

Generated Content

This page is automatically generated from the "Automated Detection" sections in the individual guidelines. Do not modify this page directly.

Version number:
6.5

C checkers

Guideline

ARRAY_VS_SINGLETON

ARR30-C. Do not form or use out-of-bounds pointers or array subscripts

ASSERT_SIDE_EFFECT

MSC11-C. Incorporate diagnostic tests using assertions

ASSERT_SIDE_EFFECTS

PRE31-C. Avoid side effects in arguments to unsafe macros

BAD_ALLOC_STRLEN

MEM35-C. Allocate sufficient memory for an object

BAD_COMPARE

EXP16-C. Do not compare function pointers to constant values

BAD_FREE

MEM34-C. Only free memory allocated dynamically

BUFFER_SIZE

ARR38-C. Guarantee that library functions do not form invalid pointers

CHAR_IO

FIO34-C. Distinguish between characters read from a file and EOF or WEOF

CHECKED_RETURN

ERR33-C. Detect and handle standard library errors

CHECKED_RETURN

EXP12-C. Do not ignore values returned by functions

CHECKED_RETURN

EXP34-C. Do not dereference null pointers

CHECKED_RETURN

POS54-C. Detect and handle POSIX library errors

CONSTANT_EXPRESSION_RESULT

EXP17-C. Do not use a bitwise operator in place of logical operator, or vice versa

DEADCODE

MSC07-C. Detect and remove dead code

DEADLOCK

CON35-C. Avoid deadlock by locking in a predefined order

DIVIDE_BY_ZERO

INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors

EVALUATION_ORDER

EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place

EVALUATION_ORDER

EXP30-C. Do not depend on the order of evaluation for side effects

FORWARD_NULL

EXP34-C. Do not dereference null pointers

INTEGER_OVERFLOW

INT30-C. Ensure that unsigned integer operations do not wrap

LINKAGE_CONFLICT

DCL36-C. Do not declare an identifier with conflicting linkage classifications

LOCK

CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction

MISRA_CAST

FLP34-C. Ensure that floating-point conversions are within range of the new type

MISRA_CAST

INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data

MISSING_BREAK

MSC17-C. Finish every set of statements associated with a case label with a break statement

MISSING_LOCK

CON00-C. Avoid race conditions with multiple threads

NEGATIVE_RETURNS

ARR30-C. Do not form or use out-of-bounds pointers or array subscripts

NEGATIVE_RETURNS

INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data

NO_EFFECT

EXP33-C. Do not read uninitialized memory

NO_EFFECT

MSC12-C. Detect and remove code that has no effect

NULL_RETURNS

EXP34-C. Do not dereference null pointers

OPEN_ARGS

FIO03-C. Do not make assumptions about fopen() and file creation

OVERFLOW_BEFORE_WIDEN

INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size

OVERRUN_DYNAMIC

ARR30-C. Do not form or use out-of-bounds pointers or array subscripts

OVERRUN_STATIC

ARR30-C. Do not form or use out-of-bounds pointers or array subscripts

POINTER_CONVERSION_LOSES_BITS

INT36-C. Converting a pointer to integer or integer to pointer

RACE_CONDITION

CON32-C. Prevent data races when accessing bit-fields from multiple threads

READLINK

POS30-C. Use the readlink() function properly

RESOURCE_LEAK

MEM00-C. Allocate and free memory in the same module, at the same level of abstraction

RESOURCE_LEAK

MEM31-C. Free dynamically allocated memory when no longer needed

RETURN_LOCAL

DCL30-C. Declare objects with appropriate storage durations

REVERSE_INULL

EXP34-C. Do not dereference null pointers

REVERSE_NEGATIVE

ARR32-C. Ensure size arguments for variable length arrays are in a valid range

REVERSE_NEGATIVE

INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data

SECURE_CODING

STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator

SECURE_TEMP

FIO21-C. Do not create temporary files in shared directories

SIZECHECK

MEM35-C. Allocate sufficient memory for an object

STACK_USE

MEM05-C. Avoid large stack allocations

STRING_NULL

STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string

STRING_OVERFLOW

STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator

STRING_SIZE

STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator

TAINTED_STATIC

INT32-C. Ensure that operations on signed integers do not result in overflow

TAINTED_STRING

STR02-C. Sanitize data passed to complex subsystems

TAINTED_STRING_WARNING

FIO30-C. Exclude user input from format strings

TOCTOU

FIO01-C. Be careful using functions that use file names for identification

UNCAUGHT_EXCEPT

ERR30-C. Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure

UNINIT

EXP33-C. Do not read uninitialized memory

UNREACHABLE

MSC07-C. Detect and remove dead code

UNUSED_VALUE

MSC13-C. Detect and remove unused values

USE_AFTER_FREE

MEM01-C. Store a new value in pointers immediately after free()

USE_AFTER_FREE

MEM30-C. Do not access freed memory

>

  • No labels