This appendix contains guidelines for functions that are defined as part of the POSIX family of standards but are not included in ISO/IEC 9899-1999. These rules and recommendations are not part of the core standard because they do not apply in all C language applications and because they represent an incomplete set. The intent of providing these guidelines is to demonstrate how rules and recommendations for other standards or specific implementations may be integrated with the core C99 recommendations.
|
Information for Editors |
|
Information for Editors |
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
POS01-C |
medium |
likely |
high |
P6 |
L2 |
POS02-C |
high |
likely |
high |
P9 |
L2 |
POS03-C |
Medium |
Probable |
Medium |
P8 |
L2 |
POS04-C |
low |
unlikely |
medium |
P2 |
L3 |
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
POS30-C |
high |
probable |
medium |
P12 |
L1 |
POS33-C |
low |
probable |
low |
P6 |
L2 |
POS34-C |
high |
unlikely |
medium |
P6 |
L2 |
POS35-C |
high |
likely |
medium |
P18 |
L1 |
POS36-C |
high |
probable |
medium |
P12 |
L1 |
POS37-C |
high |
probable |
low |
P18 |
L1 |
POS38-C |
medium |
unlikely |
medium |
P4 |
L3 |
POS39-C |
medium |
likely |
low |
P18 |
L1 |
POS41-C |
low |
unlikely |
high |
P1 |
L3 |
POS44-C |
low |
probable |
low |
P6 |
L2 |
POS45-C |
medium |
unlikely |
medium |
P4 |
L3 |
POS47-C |
medium |
probable |
low |
P12 |
L1 |
MSC39-C. Do not call va_arg() on a va_list that has indeterminate value CERT C Secure Coding Standard