Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

02. Declarations and Initialization (DCL)

Created by Admin, last modified by Robert Seacord on Apr 01, 2008

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Recommendations

DCL00-A. Declare immutable values using enum or const

DCL01-A. Do not reuse variable names in subscopes

DCL02-A. Use visually distinct identifiers

DCL03-A. Use a static assertion to test the value of a constant expression

DCL04-A. Take care when declaring more than one variable per declaration

DCL05-A. Use typedefs to improve code readability

DCL06-A. Use meaningful symbolic constants to represent literal values in program logic

DCL07-A. Include the appropriate type information in function declarators

DCL08-A. Properly encode relationships in constant definitions

DCL09-A. Declare functions that return an errno error code with a return type of errno_t

DCL10-A. Maintain the contract between the writer and caller of variadic functions

DCL11-A. Understand the type issues associated with variadic functions

DCL12-A. Create and use abstract data types

Rules

DCL30-C. Declare objects with appropriate storage durations

DCL31-C. Declare identifiers before using them

DCL32-C. Guarantee identifiers are unique

DCL33-C. Ensure that restrict-qualified source and destination pointers in function arguments do not reference overlapping objects

DCL34-C. Use volatile for data that cannot be cached

DCL35-C. Do not convert a function pointer to an incompatible type

DCL36-C. Do not declare an identifier with conflicting linkage classifications

Risk Assessment Summary

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
DCL00-A	1 (low)	1 (unlikely)	2 (medium)	P2	L3
DCL01-A	1 (low)	1 (unlikely)	2 (medium)	P2	L3
DCL02-A	1 (low)	1 (unlikely)	2 (medium)	P2	L3
DCL04-A	1 (low)	1 (unlikely)	3 (low)	P3	L3
DCL05-A	1 (low)	1 (unlikely)	2 (medium)	P2	L3
DCL06-A	1 (low)	1 (unlikely)	2 (medium)	P2	L3
DCL07-A	1 (low)	1 (unlikely)	3 (low)	P3	L3
DCL08-A	1 (low)	1 (unlikely)	2 (medium)	P2	L3
DCL09-A	1 (low)	1 (unlikely)	2 (medium)	P2	L3
DCL10-A	2 (medium)	2 (probable)	2 (medium)	P8	L2
DCL11-A	2 (medium)	2 (probable)	2 (medium)	P8	L2
DCL12-A	1 (low)	1 (unlikely)	1 (high)	P1	L3

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
DCL30-C	3 (high)	2 (probable)	1 (high)	P6	L2
DCL32-C	2 (medium)	1 (unlikely)	3 (low)	P6	L2
DCL33-C	2 (medium)	2 (probable)	1 (high)	P4	L3
DCL34-C	2 (medium)	1 (unlikely)	2 (medium)	P4	L3
DCL35-C	1 (low)	1 (unlikely)	3 (low)	P3	L3
DCL36-C	1 (low)	2 (probable)	3 (low)	P6	L2

PRE31-C. Never invoke an unsafe macro with arguments containing assignment, increment, decrement, volatile access, or function call CERT C Secure Coding Standard DCL00-A. Declare immutable values using enum or const

No labels