| Checker | Guideline |
|---|---|
| ABV.ITERATOR | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ASSIGCOND.CALL | EXP45-C. Do not perform assignments in selection statements |
| ASSIGCOND.GEN | EXP45-C. Do not perform assignments in selection statements |
| Can detect violations of this rule with a number of checkers | MSC13-C. Detect and remove unused values |
| EFFECT | EXP16-C. Do not compare function pointers to constant values |
| EFFECT | MSC12-C. Detect and remove code that has no effect or is never executed |
| FNH.MIGHT | MEM34-C. Only free memory allocated dynamically |
| FNH.MUST | MEM34-C. Only free memory allocated dynamically |
| FUM.GEN.MIGHT | MEM34-C. Only free memory allocated dynamically |
| FUM.GEN.MUST | MEM34-C. Only free memory allocated dynamically |
| IF_DEF_IN_HEADER_DECL | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
| IF_DUPL_HEADER | PRE08-C. Guarantee that header file names are unique |
| IF_MISS_DECL | DCL31-C. Declare identifiers before using them |
| IF_MULTI_DECL | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
| IF_MULTI_DECL | DCL01-C. Do not reuse variable names in subscopes |
| IF_MULTI_DEF | DCL01-C. Do not reuse variable names in subscopes |
| IF_MULTI_KIND | DCL01-C. Do not reuse variable names in subscopes |
| INCORRECT.ALLOC_SIZE | MEM35-C. Allocate sufficient memory for an object |
| LA_UNUSED | MSC01-C. Strive for logical completeness |
| LOCRET.* | DCL30-C. Declare objects with appropriate storage durations |
| LV_UNUSED.GEN | MSC07-C. Detect and remove dead code |
| LV_UNUSED.GEN | MSC12-C. Detect and remove code that has no effect or is never executed |
| MLK | MEM31-C. Free dynamically allocated memory when no longer needed |
| NNTS | STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string |
| NNTS | STR03-C. Do not inadvertently truncate a string |
| NNTS.TAINTED | STR02-C. Sanitize data passed to complex subsystems |
| NPD.* *RNPD.* | EXP34-C. Do not dereference null pointers |
| PRECISION.LOSS | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| RETVOID.IMPLICIT | DCL31-C. Declare identifiers before using them |
| RH.LEAK | FIO42-C. Close files when they are no longer needed |
| RH.LEAK | FIO46-C. Do not access a closed file |
| RH.LEAK | FIO22-C. Close files before spawning processes |
| SEMICOL | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
| SV.CODE_INJECTION.SHELL_EXEC | ENV33-C. Do not call system() |
| SV.CUDS.MISSING_ABSOLUTE_PATH | FIO02-C. Canonicalize path names originating from tainted sources |
| SV.FIU.PERMISSIONS | POS36-C. Observe correct revocation order while relinquishing privileges |
| SV.FIU.PERMISSIONS | POS37-C. Ensure that privilege relinquishment is successful |
| SV.FMTSTR.GENERIC | FIO30-C. Exclude user input from format strings |
| SV.FMT_STR | FIO47-C. Use valid format strings |
| SV.RVT.RETVAL_NOTTESTED | EXP12-C. Do not ignore values returned by functions |
| SV.TAINTED.FMTSTR | FIO30-C. Exclude user input from format strings |
| SV.TAINTED.INJECTION | ENV33-C. Do not call system() |
| SV.TAINTED.INJECTION | STR02-C. Sanitize data passed to complex subsystems |
| SV.TAINTED.LOOP_BOUND | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| SV.TOCTOU.FILE_ACCESS | FIO01-C. Be careful using functions that use file names for identification |
| SV.USAGERULES.PERMISSIONS | POS36-C. Observe correct revocation order while relinquishing privileges |
| SV.USAGERULES.PERMISSIONS | POS37-C. Ensure that privilege relinquishment is successful |
| SV.USAGERULES.PROCESS_VARIANTS | POS33-C. Do not use vfork() |
| SV.USAGERULES.UNINTENDED_COPY | MEM03-C. Clear sensitive information stored in reusable resources |
| UFM.DEREF.MIGHT | MEM30-C. Do not access freed memory |
| UFM.DEREF.MUST | MEM30-C. Do not access freed memory |
| UFM.FFM | MEM31-C. Free dynamically allocated memory when no longer needed |
| UFM.RETURN.MIGHT | MEM30-C. Do not access freed memory |
| UFM.RETURN.MUST | MEM30-C. Do not access freed memory |
| UFM.USE.MIGHT | MEM30-C. Do not access freed memory |
| UFM.USE.MUST | MEM30-C. Do not access freed memory |
| UNINIT.HEAP.MIGHT | EXP33-C. Do not read uninitialized memory |
| UNINIT.HEAP.MUST | EXP33-C. Do not read uninitialized memory |
| UNINIT.STACK.ARRAY.MIGHT | EXP33-C. Do not read uninitialized memory |
| UNINIT.STACK.ARRAY.MUST | EXP33-C. Do not read uninitialized memory |
| UNINIT.STACK.ARRAY.PARTIAL.MUST | EXP33-C. Do not read uninitialized memory |
| UNINIT.STACK.MUST | EXP33-C. Do not read uninitialized memory |
| UNREACH.* | MSC07-C. Detect and remove dead code |
| UNREACH.* | MSC12-C. Detect and remove code that has no effect or is never executed |
| VA_UNUSED.* | MSC07-C. Detect and remove dead code |
| VA_UNUSED.* | MSC12-C. Detect and remove code that has no effect or is never executed |