SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 29 Next »

These are rules and recommendations for functions that are defined as part of the POSIX family of standards but are not included in ISO/IEC 9899-1999. These rules and recommendations are not part of the core standard because they do not apply in all C language applications and because they represent an incomplete list. The intent of providing these rules is to demonstrate how rules and recommendations for other standards or specific implementations may be integrated with the core C99 recommendations.

Recommendations

POS00-A. Avoid race conditions with multiple threads

POS01-A. Check for the existence of links

Rules

POS30-C. Use the readlink() function properly

POS31-C. Do not unlock or destroy another thread's mutex

POS32-C. Include a mutex when using bit-fields in a multi-threaded environment

POS33-C. Do not use vfork()

POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument

POS35-C. Avoid race conditions while checking for the existence of a symbolic link

Risk Assessment

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

POS00-A

2 (medium)

2 (probable)

1 (high)

P4

L3

POS01-A

2 (medium)

3 (likely)

1 (high)

P6

L2

POS02-A

1 (low)

1 (unlikely)

1 (high)

P1

L3

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

POS30-C

1 (low)

2 (probable)

2 (medium)

P4

L3

POS31-C

2 (medium)

2 (probable)

1 (high)

P4

L3

POS32-C

2 (medium)

2 (probable)

2 (medium)

P8

L2

POS33-C

1 (low)

2 (probable)

3 (low)

P6

L2

POS34-C

3 (high)

1 (unlikely)

2 (medium)

P6

L2

POS35-C

3 (high)

3 (likely)

2 (medium)

P18

L1

Related Rules and Recommendations

CON04-C. Join or detach threads even if their exit status is unimportant
ENV03-C. Sanitize the environment when invoking external programs
ENV31-C. Do not rely on an environment pointer following an operation that may invalidate it
ENV33-C. Do not call system()
ERR32-C. Do not rely on indeterminate values of errno
FIO01-C. Be careful using functions that use file names for identification
FIO02-C. Canonicalize path names originating from tainted sources
FIO05-C. Identify files using multiple file attributes
FIO08-C. Take care when calling remove() on an open file
FIO22-C. Close files before spawning processes
FIO30-C. Exclude user input from format strings
FIO32-C. Do not perform operations on devices that are only appropriate for files
POS04-C. Avoid using PTHREAD_MUTEX_NORMAL type mutex locks
POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed
POS51-C. Avoid deadlock with POSIX threads by locking in predefined order
POS54-C. Detect and handle POSIX library errors
SIG00-C. Mask signals handled by noninterruptible signal handlers
SIG01-C. Understand implementation-specific details regarding signal handler persistence
SIG02-C. Avoid using signals to implement normal functionality

MSC31-C. Ensure that return values are compared against the proper type      13. Miscellaneous (MSC)       POS00-A. Avoid race conditions with multiple threads

  • No labels