Checker | Guideline |
|---|
| -wc atol | INT06-C. Use strtol() or a related function to convert a string token to an integer |
| -wc strcat | STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code |
| -wc strncat | STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code |
| -wc strncpy | STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code |
| -wc strtok | STR06-C. Do not assume that strtok() leaves the parse string unchanged |
| 0160,0161,0162,0163,0164,0165,0166,0167,0168,0169,0170,0171, | MSC15-C. Do not depend on undefined behavior |
| 0172,0173,0174,0175,0176,0177,0178,0179, 0184,0185,0186,0190, | MSC15-C. Do not depend on undefined behavior |
| 0179 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0179 (U) | FIO47-C. Use valid format strings |
| 0180 (C99) | FIO47-C. Use valid format strings |
| 0184 | DCL10-C. Maintain the contract between the writer and caller of variadic functions |
| 0184 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0184 (U) | FIO47-C. Use valid format strings |
| 0185 | DCL10-C. Maintain the contract between the writer and caller of variadic functions |
| 0185 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0185 (U) | FIO47-C. Use valid format strings |
| 0186 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0190 (U) | FIO47-C. Use valid format strings |
| 0190(U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0191 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0191 (U) | FIO47-C. Use valid format strings |
| 0191,0192,0193,0194,0195,0196,0197,0198,0199,0200,0201,0203,0204, | MSC15-C. Do not depend on undefined behavior |
| 0192 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0192 (U) | FIO47-C. Use valid format strings |
| 0193 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0193 (U) | FIO47-C. Use valid format strings |
| 0194 (U) | FIO47-C. Use valid format strings |
| 0194(U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0195 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0195 (U) | FIO47-C. Use valid format strings |
| 0196 (U) | FIO47-C. Use valid format strings |
| 0196(U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0197 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0197 (U) | FIO47-C. Use valid format strings |
| 0198 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0198 (U) | FIO47-C. Use valid format strings |
| 0199 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0199 (U) | FIO47-C. Use valid format strings |
| 0200 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0200 (U) | FIO47-C. Use valid format strings |
| 0201 (U) | FIO47-C. Use valid format strings |
| 0201(U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0202 (I) | FIO47-C. Use valid format strings |
| 0202,284,581,634,1434,0240,0241,0246,0551,0601, | MSC14-C. Do not introduce unnecessary platform dependencies |
| 0206 (U) | DCL11-C. Understand the type issues associated with variadic functions |
| 0206 (U) | FIO47-C. Use valid format strings |
| 0206, 0207,0208,0235,0275,0304,0309,0337,0400,0401,0402,0403,0543, | MSC15-C. Do not depend on undefined behavior |
| 0207 | DCL11-C. Understand the type issues associated with variadic functions |
| 0208 | DCL11-C. Understand the type issues associated with variadic functions |
| 0232,0233,0244,0261,0278,0321,0322,0338,0422,0423,0426,0427,0429,0430,0431,0432, | MSC40-C. Do not violate constraints |
| 0285 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| 0286 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| 0287 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| 0288 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| 0289 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| 0299 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| 0310 | EXP11-C. Do not make assumptions regarding the layout of structures with bit-fields |
| 0310 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| 0311,431 | EXP05-C. Do not cast away a const qualification |
| 0312,563,674 | EXP32-C. Do not access a volatile object through a nonvolatile reference |
| 0339 | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| 0342 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 0400 [U] | EXP30-C. Do not depend on the order of evaluation for side effects |
| 0401 [U] | EXP30-C. Do not depend on the order of evaluation for side effects |
| 0402 [U] | EXP30-C. Do not depend on the order of evaluation for side effects |
| 0403 [U] | EXP30-C. Do not depend on the order of evaluation for side effects |
| 0431(C) | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
| 0432 | STR38-C. Do not confuse narrow and wide character strings and functions |
| 0432 (C) | STR04-C. Use plain char for characters in the basic character set |
| 0434 (C) | DCL31-C. Declare identifiers before using them |
| 0435,0436,0437,0446,0447,0448,0449,0450,0451,0452,0453,0454,0456,0457,0458,0466, | MSC40-C. Do not violate constraints |
| 0467,0468,0469,0476,0477,0478,0481,0482,0483,0484,0485,0486,0487,0493,0494,0495, | MSC40-C. Do not violate constraints |
| 0487,2771,2772,2773,2761, | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
| 0488,2930,2931,2932,2933,2934 | EXP08-C. Ensure pointer arithmetic is used correctly |
| 0496,0513,0514,0515,0536,0537,0540,0541,0542,0546,0547,0550,0554,0555,0556,0557, | MSC40-C. Do not violate constraints |
| 0499 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| 0544,0545,0602,0623,0625,0626,0630,0632,0636,0654,0658,0661,0667, | MSC15-C. Do not depend on undefined behavior |
| 0556 | STR30-C. Do not attempt to modify string literals |
| 0558,0559,0560,0561,0562,0563,0564,0565,0580,0588,0589,0590,0591,0605,0616,0619, | MSC40-C. Do not violate constraints |
| 0563 | EXP40-C. Do not modify constant objects |
| 0597 | MSC01-C. Strive for logical completeness |
| 0602, 4600, 4601, 4602, 4603, 4604, 4605, 4606, 4607 , 4608 | DCL37-C. Do not declare or define a reserved identifier |
| 0620,0621,0622,0627,0628,0629,0631,0638,0640,0641,0642,0643,0644,0645,0646,0649, | MSC40-C. Do not violate constraints |
| 0625 (U) | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
| 0633,0635,0660,0662,0830,0831,0899,1001,1002, | MSC14-C. Do not introduce unnecessary platform dependencies |
| 0634 (I) | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| 0635 | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| 0650,0651,0653,0655,0656,0657,0659,0664,0665,0671,0673,0674,0675,0677,0682,0683, | MSC40-C. Do not violate constraints |
| 0668,0672,0706,0745,0777,0779,0809,0813,0814,0836,0837,0848,0853, | MSC15-C. Do not depend on undefined behavior |
| 0674 | STR04-C. Use plain char for characters in the basic character set |
| 0684,0685,0690,0698,0699,0708,0709,0736,0737,0738,0746,0747,0755,0756,0757,0758, | MSC40-C. Do not violate constraints |
| 0688,3674,3684, 678 | ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer |
| 0695 | MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type |
| 0697 | EXP03-C. Do not assume the size of a structure is the sum of the sizes of its members |
| 0699 | STR04-C. Use plain char for characters in the basic character set |
| 0724 | INT09-C. Ensure enumeration constants map to unique values |
| 0752 | STR05-C. Use pointers to const when referring to string literals |
| 0752 | STR30-C. Do not attempt to modify string literals |
| 0753 | STR05-C. Use pointers to const when referring to string literals |
| 0753 | STR30-C. Do not attempt to modify string literals |
| 0766,0767,0768,0774,0775,0801,0802,0803,0804,0811,0812,0821,0834,0835,0844,0845, | MSC40-C. Do not violate constraints |
| 0790 | FLP02-C. Avoid using floating-point numbers when precise computation is needed |
| 0801 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 0802 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 0811 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 0851,0852,0856,0866,0873,0877,0940,0941,0943,0944,1023,1024,1025,1033,1047,1048, | MSC40-C. Do not violate constraints |
| 0854,0864,0865,0867,0872,0874,0885,0887,0888,0914,0915,0942,3113,3114, | MSC15-C. Do not depend on undefined behavior |
| 0872 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 0880 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 0881 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 0883 | PRE06-C. Enclose header files in an inclusion guard |
| 0884 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 1003,1006,1008,1012,1014,1015,1019,1020,1021, | MSC14-C. Do not introduce unnecessary platform dependencies |
| 1022,1026,1028,1029,1034,1035,1036,1037,1038, | MSC14-C. Do not introduce unnecessary platform dependencies |
| 1037 | DCL38-C. Use the correct syntax when declaring a flexible array member |
| 1041,1042,1043,1044,1045,1046,3664 | MSC14-C. Do not introduce unnecessary platform dependencies |
| 1051 | ARR32-C. Ensure size arguments for variable length arrays are in a valid range |
| 1051 | MEM05-C. Avoid large stack allocations |
| 1054 | DCL21-C. Understand the storage of compound literals |
| 1250,1251,1252,1253,1260,1263,1274,1800,1802,1803,1804,1810,1811,1812, | INT02-C. Understand integer conversion rules |
| 1256,1257,1266,1290,1291,1292,1293,1294,1295,1296,1297,1298,1299,4401, | INT02-C. Understand integer conversion rules |
| 1272 | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| 1280 | DCL16-C. Use "L," not "l," to indicate a long value |
| 1292,1293,4401,4421, | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| 1302 | DCL31-C. Declare identifiers before using them |
| 1304 | DCL07-C. Include the appropriate type information in function declarators |
| 1312,0690 | STR11-C. Do not specify the bound of a character array initialized with a string literal |
| 1331,1332,1333,3002,3320,3335 | EXP37-C. Call functions with the correct number and type of arguments |
| 1460 | MSC01-C. Strive for logical completeness |
| 1470 | MSC01-C. Strive for logical completeness |
| 1472 | MSC01-C. Strive for logical completeness |
| 1500,1502,3203,3205,3206,3207,3229,3196, 2980,2981,2982,2983,2984,2985,2986 | MSC13-C. Detect and remove unused values |
| 1501,1503,2008,2880,2881,2882,2883,2877,3196, | MSC07-C. Detect and remove dead code |
| 1504 | DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
| 1504,1505,1531,1532,3210,3218 | DCL19-C. Minimize the scope of variables and functions |
| 1510,778.779 | DCL40-C. Do not create incompatible declarations of the same function or object |
| 1520 | MEM05-C. Avoid large stack allocations |
| 1531 | DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
| 1813,1820,1821,1822,1823,1824,1830,1831,1832,1833,1834,1840,1841,1842, | INT02-C. Understand integer conversion rules |
| 1843,1844,1850,1851,1852,1853,1854,1860,1861,1862,1863,1864,1880,1881,1882, | INT02-C. Understand integer conversion rules |
| 1890 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| 1891 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| 1892 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| 1893 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| 1894 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| 1895 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| 2,2124,2130,2132,2134 | INT02-C. Understand integer conversion rules |
| 2000 | MSC01-C. Strive for logical completeness |
| 2002 | MSC01-C. Strive for logical completeness |
| 2003 | MSC17-C. Finish every set of statements associated with a case label with a break statement |
| 2004 | MSC01-C. Strive for logical completeness |
| 2008 | DCL41-C. Do not declare variables inside a switch statement before the first case label |
| 2019 | MSC20-C. Do not use a switch statement to transfer control into a complex block |
| 2050 | DCL07-C. Include the appropriate type information in function declarators |
| 2050 | DCL31-C. Declare identifiers before using them |
| 2051 | DCL31-C. Declare identifiers before using them |
| 2100,2101,2102,2103,2104,2105,2106,2107,2109,2110,2111,2112,2113,2114, | INT02-C. Understand integer conversion rules |
| 2106 | STR09-C. Don't assume numeric values for expressions with type plain character |
| 2107 | STR09-C. Don't assume numeric values for expressions with type plain character |
| 2115,2116,2117,2118,2119,2120,212 | INT02-C. Understand integer conversion rules |
| 2212 | EXP19-C. Use braces for the body of an if, for, or while statement |
| 2547 | DCL01-C. Do not reuse variable names in subscopes |
| 2762,2763, 2766, 2767, 2768 | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
| 2790 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| 2791 (D) | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| 2792 (A) | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| 2793 (S) | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| 2800,2801,2802,2803 | INT32-C. Ensure that operations on signed integers do not result in overflow |
| 2800,2801,2802,2803, | INT08-C. Verify that all integer values are in range |
| 2810,2811,2812,2813,2814,2820,2821,2822,2823,2824 | EXP34-C. Do not dereference null pointers |
| 2830 (C) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| 2831 (D) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| 2832 (A) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| 2833 (S) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| 2834 (P) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| 2840,2841,2842,2843,2844,2930, | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| 2845,2846,2847,2848, | ARR38-C. Guarantee that library functions do not form invalid pointers |
| 2849,2930,2932,2933,2934 | ARR38-C. Guarantee that library functions do not form invalid pointers |
| 2850,2851,2852,2853,2900,2901,2902,2903, | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| 2882 | DCL41-C. Do not declare variables inside a switch statement before the first case label |
| 2888 | MSC37-C. Ensure that control never reaches the end of a non-void function |
| 2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898 | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| 2905,2906,2907,2908, 2855, 2856, 2857, 2858, | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| 2910 (C) | INT30-C. Ensure that unsigned integer operations do not wrap |
| 2910,2911,2912,2913 | INT08-C. Verify that all integer values are in range |
| 2911 (D) | INT30-C. Ensure that unsigned integer operations do not wrap |
| 2912 (A) | INT30-C. Ensure that unsigned integer operations do not wrap |
| 2913 (S) | INT30-C. Ensure that unsigned integer operations do not wrap |
| 2930, 2931, 2932, 2933, 2934 | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| 2931,2932,2933,2934,2950,2951, | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| 2940, 2941, 2942, 2943, 2945, 2946, 2947, 2948 | INT16-C. Do not make assumptions about representation of signed integers |
| 2952,2953 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| 2961,2962,2963,2966,2967,2968,2971,2972,2973, 2976, 2977, 2978 | EXP33-C. Do not read uninitialized memory |
| 3001 | DCL20-C. Explicitly specify void when a function accepts no arguments |
| 3004,3344,428 | EXP16-C. Do not compare function pointers to constant values |
| 3007 | DCL20-C. Explicitly specify void when a function accepts no arguments |
| 305, 306, 309, 674 | INT36-C. Converting a pointer to integer or integer to pointer |
| 3103 | INT10-C. Do not assume a positive remainder when using the % operator |
| 3108 | MSC04-C. Use comments consistently and in a readable fashion |
| 3109 | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
| 3120 | DCL06-C. Use meaningful symbolic constants to represent literal values |
| 3120, 3121, 3122, 3123, 3131,3132 | EXP07-C. Do not diminish the benefits of constants by assuming their values in expressions |
| 3121 | DCL06-C. Use meaningful symbolic constants to represent literal values |
| 3122 | DCL06-C. Use meaningful symbolic constants to represent literal values |
| 3123 | DCL06-C. Use meaningful symbolic constants to represent literal values |
| 3131 | DCL06-C. Use meaningful symbolic constants to represent literal values |
| 3132 | DCL06-C. Use meaningful symbolic constants to represent literal values |
| 3200 | EXP12-C. Do not ignore values returned by functions |
| 3200 | ERR33-C. Detect and handle standard library errors |
| 3200 | POS54-C. Detect and handle POSIX library errors |
| 3202,3203,3205,3206,3207,3210,3219,3229,3404, | MSC07-C. Detect and remove dead code |
| 3204 | DCL00-C. Const-qualify immutable objects |
| 3217 | DCL30-C. Declare objects with appropriate storage durations |
| 3217 | DCL21-C. Understand the storage of compound literals |
| 3225 | DCL30-C. Declare objects with appropriate storage durations |
| 3226,3326,0400, 0401, 0402,0403 | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| 3227 | DCL00-C. Const-qualify immutable objects |
| 3230 | DCL30-C. Declare objects with appropriate storage durations |
| 3232 | DCL00-C. Const-qualify immutable objects |
| 3234 | DCL41-C. Do not declare variables inside a switch statement before the first case label |
| 3236,3237,3238,3244 | MSC40-C. Do not violate constraints |
| 3239,3319,3438,0301,0302,0307,0475,0676,0678,0680,3311,3312,3437,1509,1510 | MSC15-C. Do not depend on undefined behavior |
| 3305 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| 3305 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| 3307 | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| 3314 | EXP43-C. Avoid undefined behavior when using restrict-qualified pointers |
| 3314,3326, 3344,3416 | EXP45-C. Do not perform assignments in selection statements |
| 3334 | DCL01-C. Do not reuse variable names in subscopes |
| 3335 | DCL07-C. Include the appropriate type information in function declarators |
| 3335 | DCL31-C. Declare identifiers before using them |
| 3340 | FLP30-C. Do not use floating-point variables as loop counters |
| 3344 | EXP20-C. Perform explicit tests to determine success, true and false, and equality |
| 3344,4502 | EXP17-C. Do not use a bitwise operator in place of logical operator, or vice versa |
| 3389 | EXP00-C. Use parentheses for precedence of operation |
| 3390 | EXP00-C. Use parentheses for precedence of operation |
| 3391 | EXP00-C. Use parentheses for precedence of operation |
| 3392 | EXP00-C. Use parentheses for precedence of operation |
| 3392 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
| 3393 | EXP00-C. Use parentheses for precedence of operation |
| 3394 | EXP00-C. Use parentheses for precedence of operation |
| 3395 | EXP00-C. Use parentheses for precedence of operation |
| 3396 | EXP00-C. Use parentheses for precedence of operation |
| 3397 | EXP00-C. Use parentheses for precedence of operation |
| 3398 | EXP00-C. Use parentheses for precedence of operation |
| 3399 | EXP00-C. Use parentheses for precedence of operation |
| 3400 | EXP00-C. Use parentheses for precedence of operation |
| 3401 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
| 3408 | DCL07-C. Include the appropriate type information in function declarators |
| 3409 | PRE02-C. Macro replacement lists should be parenthesized |
| 341 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 3410 | PRE01-C. Use parentheses within macros around parameter names |
| 3412 | PRE10-C. Wrap multistatement macros in a do-while loop |
| 3412 | PRE11-C. Do not conclude macro definitions with a semicolon |
| 3413 | PRE03-C. Prefer typedefs to defines for encoding types |
| 3415 | EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
| 3422,3423,3425,3470,2980,2981,2982,2983,2984,2985,2986, | MSC07-C. Detect and remove dead code |
| 3426,3427,3307,3110,3112,3404 | MSC12-C. Detect and remove code that has no effect |
| 3450 | DCL07-C. Include the appropriate type information in function declarators |
| 3453 | PRE00-C. Prefer inline or static functions to function-like macros |
| 3453 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| 3455 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| 3456 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| 3456 | PRE12-C. Do not define unsafe macros |
| 3458 | PRE10-C. Wrap multistatement macros in a do-while loop |
| 3601 | PRE07-C. Avoid using repeated question marks |
| 3670 | MEM05-C. Avoid large stack allocations |
| 3673 | DCL00-C. Const-qualify immutable objects |
| 3673 | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
| 4111 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
| 4112 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
| 4113 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
| 4116 | EXP20-C. Perform explicit tests to determine success, true and false, and equality |
| 4117 | FLP06-C. Convert integers to floating point for floating-point operations |
| 4118 | FLP06-C. Convert integers to floating point for floating-point operations |
| 4140 | DCL30-C. Declare objects with appropriate storage durations |
| 4402,4403,4404,4405,4410,4412,4413,4414,4415,4420,4421,4422,4423,4424,4425,4430, | INT02-C. Understand integer conversion rules |
| 4413,4414 | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| 4413,4414 | STR37-C. Arguments to character-handling functions must be representable as an unsigned char |
| 4431,4432,4434,4435,4436,4437,4440,4441,4442,4443,4445,4446,4447, | INT02-C. Understand integer conversion rules |
| 4431,4441,4451 | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| 4450 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| 4451 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| 4452 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| 4453 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| 4454 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| 4460,4461,4463,4464,4470,4471,4480,4481, | INT02-C. Understand integer conversion rules |
| 4462 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| 4465 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| 4490 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| 4491 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| 4492 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| 4532, 4533, 4534, 4543, 4544 | INT13-C. Use bitwise operators only on unsigned operands |
| 627,776,0777,778,0779 | DCL23-C. Guarantee that mutually visible identifiers are unique |
| 696 | MEM35-C. Allocate sufficient memory for an object |
| 803 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| 853 | PRE32-C. Do not use preprocessor directives in invocations of function-like macros |
| 874 | STR10-C. Do not concatenate different type of string literals |
| Secondary Analysis | PRE08-C. Guarantee that header file names are unique |
| Secondary analysis | PRE04-C. Do not reuse a standard header file name |
| Secondary analysis | PRE09-C. Do not replace secure functions with deprecated or obsolescent functions |
| Secondary analysis | DCL05-C. Use typedefs of non-pointer types only |
| Warncall -wc atoi | INT06-C. Use strtol() or a related function to convert a string token to an integer |
| Warncall -wc rand | MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
| Warncall -wc remove | FIO08-C. Take care when calling remove() on an open file |
| Warncall -wc signal | SIG34-C. Do not call signal() from within interruptible signal handlers |
| Warncall -wc strcpy | STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code |
| Warncall -wc system | ENV33-C. Do not call system() |
| Warncall -wc vfork | POS33-C. Do not use vfork() |
| Warncall for scanf etc | INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs |
| Warncall remove | FIO01-C. Be careful using functions that use file names for identification |
| fopen | FIO01-C. Be careful using functions that use file names for identification |
| freopen | FIO01-C. Be careful using functions that use file names for identification |
| rename | FIO01-C. Be careful using functions that use file names for identification |
| warncall -wc rename | FIO10-C. Take care when using the rename() function |
| warncall -wc system | ENV03-C. Sanitize the environment when invoking external programs |
| warncall fopen | FIO06-C. Create files with appropriate access permissions |
| warncall for 'gets' | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| warncall for fopen and fopen_s | FIO03-C. Do not make assumptions about fopen() and file creation |
| warncall for putenv | POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument |
| warncall for realloc | MEM03-C. Clear sensitive information stored in reusable resources |
| warncall for signal | SIG00-C. Mask signals handled by noninterruptible signal handlers |
| warncall for signal | SIG01-C. Understand implementation-specific details regarding signal handler persistence |
| warncall tmpnam, tmpfile, mktemp, tmpnam_s | FIO21-C. Do not create temporary files in shared directories |