Checker | Guideline |
---|---|
-wc atol | INT06-C. Use strtol() or a related function to convert a string token to an integer |
-wc strcat | STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code |
-wc strncat | STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code |
-wc strncpy | STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code |
-wc strtok | STR06-C. Do not assume that strtok() leaves the parse string unchanged |
0160,0161,0162,0163,0164,0165,0166,0167,0168,0169,0170,0171, | MSC15-C. Do not depend on undefined behavior |
0172,0173,0174,0175,0176,0177,0178,0179, 0184,0185,0186,0190, | MSC15-C. Do not depend on undefined behavior |
0179 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0179 (U) | FIO47-C. Use valid format strings |
0180 (C99) | FIO47-C. Use valid format strings |
0184 | DCL10-C. Maintain the contract between the writer and caller of variadic functions |
0184 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0184 (U) | FIO47-C. Use valid format strings |
0185 | DCL10-C. Maintain the contract between the writer and caller of variadic functions |
0185 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0185 (U) | FIO47-C. Use valid format strings |
0186 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0190 (U) | FIO47-C. Use valid format strings |
0190 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0191 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0191 (U) | FIO47-C. Use valid format strings |
0191,0192,0193,0194,0195,0196,0197,0198,0199,0200,0201,0203,0204, | MSC15-C. Do not depend on undefined behavior |
0192 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0192 (U) | FIO47-C. Use valid format strings |
0193 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0193 (U) | FIO47-C. Use valid format strings |
0194 (U) | FIO47-C. Use valid format strings |
0194 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0195 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0195 (U) | FIO47-C. Use valid format strings |
0196 (U) | FIO47-C. Use valid format strings |
0196 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0197 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0197 (U) | FIO47-C. Use valid format strings |
0198 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0198 (U) | FIO47-C. Use valid format strings |
0199 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0199 (U) | FIO47-C. Use valid format strings |
0200 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0200 (U) | FIO47-C. Use valid format strings |
0201 (U) | FIO47-C. Use valid format strings |
0201 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0202 (I) | FIO47-C. Use valid format strings |
0202,284,581,634,1434,0240,0241,0246,0551,0601, | MSC14-C. Do not introduce unnecessary platform dependencies |
0206 (U) | DCL11-C. Understand the type issues associated with variadic functions |
0206 (U) | FIO47-C. Use valid format strings |
0206, 0207,0208,0235,0275,0304,0309,0337,0400,0401,0402,0403,0543, | MSC15-C. Do not depend on undefined behavior |
0207 | DCL11-C. Understand the type issues associated with variadic functions |
0208 | DCL11-C. Understand the type issues associated with variadic functions |
0232,0233,0244,0261,0278,0321,0322,0338,0422,0423,0426,0427,0429,0430,0431,0432, | MSC40-C. Do not violate constraints |
0285 | MSC09-C. Character encoding: Use subset of ASCII for safety |
0286 | MSC09-C. Character encoding: Use subset of ASCII for safety |
0287 | MSC09-C. Character encoding: Use subset of ASCII for safety |
0288 | MSC09-C. Character encoding: Use subset of ASCII for safety |
0289 | MSC09-C. Character encoding: Use subset of ASCII for safety |
0299 | MSC09-C. Character encoding: Use subset of ASCII for safety |
0310 | EXP11-C. Do not make assumptions regarding the layout of structures with bit-fields |
0310 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
0311,431 | EXP05-C. Do not cast away a const qualification |
0312,563,674 | EXP32-C. Do not access a volatile object through a nonvolatile reference |
0339 | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
0342 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
0400 [U] | EXP30-C. Do not depend on the order of evaluation for side effects |
0401 [U] | EXP30-C. Do not depend on the order of evaluation for side effects |
0402 [U] | EXP30-C. Do not depend on the order of evaluation for side effects |
0403 [U] | EXP30-C. Do not depend on the order of evaluation for side effects |
0431 (C) | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
0432 | STR38-C. Do not confuse narrow and wide character strings and functions |
0432 (C) | STR04-C. Use plain char for characters in the basic character set |
0434 (C) | DCL31-C. Declare identifiers before using them |
0435,0436,0437,0446,0447,0448,0449,0450,0451,0452,0453,0454,0456,0457,0458,0466, | MSC40-C. Do not violate constraints |
0467,0468,0469,0476,0477,0478,0481,0482,0483,0484,0485,0486,0487,0493,0494,0495, | MSC40-C. Do not violate constraints |
0487,2771,2772,2773,2761, | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
0488,2930,2931,2932,2933,2934 | EXP08-C. Ensure pointer arithmetic is used correctly |
0496,0513,0514,0515,0536,0537,0540,0541,0542,0546,0547,0550,0554,0555,0556,0557, | MSC40-C. Do not violate constraints |
0499 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
0544,0545,0602,0623,0625,0626,0630,0632,0636,0654,0658,0661,0667, | MSC15-C. Do not depend on undefined behavior |
0556 | STR30-C. Do not attempt to modify string literals |
0558,0559,0560,0561,0562,0563,0564,0565,0580,0588,0589,0590,0591,0605,0616,0619, | MSC40-C. Do not violate constraints |
0563 | EXP40-C. Do not modify constant objects |
0597 | MSC01-C. Strive for logical completeness |
0602, 4600, 4601, 4602, 4603, 4604, 4605, 4606, 4607, 4608 | DCL37-C. Do not declare or define a reserved identifier |
0620,0621,0622,0627,0628,0629,0631,0638,0640,0641,0642,0643,0644,0645,0646,0649, | MSC40-C. Do not violate constraints |
0625 (U) | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
0633,0635,0660,0662,0830,0831,0899,1001,1002, | MSC14-C. Do not introduce unnecessary platform dependencies |
0634 (I) | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
0635 | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
0650,0651,0653,0655,0656,0657,0659,0664,0665,0671,0673,0674,0675,0677,0682,0683, | MSC40-C. Do not violate constraints |
0668,0672,0706,0745,0777,0779,0809,0813,0814,0836,0837,0848,0853, | MSC15-C. Do not depend on undefined behavior |
0674 | STR04-C. Use plain char for characters in the basic character set |
0684,0685,0690,0698,0699,0708,0709,0736,0737,0738,0746,0747,0755,0756,0757,0758, | MSC40-C. Do not violate constraints |
0688,3674,3684, 678 | ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer |
0695 | MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type |
0697 | EXP03-C. Do not assume the size of a structure is the sum of the sizes of its members |
0699 | STR04-C. Use plain char for characters in the basic character set |
0724 | INT09-C. Ensure enumeration constants map to unique values |
0752 | STR05-C. Use pointers to const when referring to string literals |
0752 | STR30-C. Do not attempt to modify string literals |
0753 | STR05-C. Use pointers to const when referring to string literals |
0753 | STR30-C. Do not attempt to modify string literals |
0766,0767,0768,0774,0775,0801,0802,0803,0804,0811,0812,0821,0834,0835,0844,0845, | MSC40-C. Do not violate constraints |
0790 | FLP02-C. Avoid using floating-point numbers when precise computation is needed |
0801 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
0802 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
0811 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
0851,0852,0856,0866,0873,0877,0940,0941,0943,0944,1023,1024,1025,1033,1047,1048, | MSC40-C. Do not violate constraints |
0854,0864,0865,0867,0872,0874,0885,0887,0888,0914,0915,0942,3113,3114, | MSC15-C. Do not depend on undefined behavior |
0872 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
0880 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
0881 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
0883 | PRE06-C. Enclose header files in an inclusion guard |
0884 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
1003,1006,1008,1012,1014,1015,1019,1020,1021, | MSC14-C. Do not introduce unnecessary platform dependencies |
1022,1026,1028,1029,1034,1035,1036,1037,1038, | MSC14-C. Do not introduce unnecessary platform dependencies |
1037 | DCL38-C. Use the correct syntax when declaring a flexible array member |
1041,1042,1043,1044,1045,1046,3664 | MSC14-C. Do not introduce unnecessary platform dependencies |
1051 | ARR32-C. Ensure size arguments for variable length arrays are in a valid range |
1051 | MEM05-C. Avoid large stack allocations |
1054 | DCL21-C. Understand the storage of compound literals |
1250,1251,1252,1253,1260,1263,1274,1800,1802,1803,1804,1810,1811,1812, | INT02-C. Understand integer conversion rules |
1256,1257,1266,1290,1291,1292,1293,1294,1295,1296,1297,1298,1299,4401, | INT02-C. Understand integer conversion rules |
1272 | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
1280 | DCL16-C. Use "L," not "l," to indicate a long value |
1292,1293,4401,4421, | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
1302 | DCL31-C. Declare identifiers before using them |
1304 | DCL07-C. Include the appropriate type information in function declarators |
1312,0690 | STR11-C. Do not specify the bound of a character array initialized with a string literal |
1331,1332,1333,3002,3320,3335 | EXP37-C. Call functions with the correct number and type of arguments |
1460 | MSC01-C. Strive for logical completeness |
1470 | MSC01-C. Strive for logical completeness |
1472 | MSC01-C. Strive for logical completeness |
1500,1502,3203,3205,3206,3207,3229,3196, 2980,2981,2982,2983,2984,2985,2986 | MSC13-C. Detect and remove unused values |
1501,1503,2008,2880,2881,2882,2883,2877,3196, | MSC07-C. Detect and remove dead code |
1504 | DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
1504,1505,1531,1532,3210,3218 | DCL19-C. Minimize the scope of variables and functions |
1510,778.779 | DCL40-C. Do not create incompatible declarations of the same function or object |
1520 | MEM05-C. Avoid large stack allocations |
1531 | DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
1813,1820,1821,1822,1823,1824,1830,1831,1832,1833,1834,1840,1841,1842, | INT02-C. Understand integer conversion rules |
1843,1844,1850,1851,1852,1853,1854,1860,1861,1862,1863,1864,1880,1881,1882, | INT02-C. Understand integer conversion rules |
1890 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
1891 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
1892 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
1893 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
1894 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
1895 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
2,2124,2130,2132,2134 | INT02-C. Understand integer conversion rules |
2000 | MSC01-C. Strive for logical completeness |
2002 | MSC01-C. Strive for logical completeness |
2003 | MSC17-C. Finish every set of statements associated with a case label with a break statement |
2004 | MSC01-C. Strive for logical completeness |
2008 | DCL41-C. Do not declare variables inside a switch statement before the first case label |
2019 | MSC20-C. Do not use a switch statement to transfer control into a complex block |
2050 | DCL07-C. Include the appropriate type information in function declarators |
2050 | DCL31-C. Declare identifiers before using them |
2051 | DCL31-C. Declare identifiers before using them |
2100,2101,2102,2103,2104,2105,2106,2107,2109,2110,2111,2112,2113,2114, | INT02-C. Understand integer conversion rules |
2106 | STR09-C. Don't assume numeric values for expressions with type plain character |
2107 | STR09-C. Don't assume numeric values for expressions with type plain character |
2115,2116,2117,2118,2119,2120,212 | INT02-C. Understand integer conversion rules |
2212 | EXP19-C. Use braces for the body of an if, for, or while statement |
2547 | DCL01-C. Do not reuse variable names in subscopes |
2762,2763, 2766, 2767, 2768 | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
2790 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
2791 (D) | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
2792 (A) | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
2793 (S) | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
2800,2801,2802,2803 | INT32-C. Ensure that operations on signed integers do not result in overflow |
2800,2801,2802,2803, | INT08-C. Verify that all integer values are in range |
2810,2811,2812,2813,2814,2820,2821,2822,2823,2824 | EXP34-C. Do not dereference null pointers |
2830 (C) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
2831 (D) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
2832 (A) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
2833 (S) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
2834 (P) | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
2840,2841,2842,2843,2844,2930, | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
2845,2846,2847,2848, | ARR38-C. Guarantee that library functions do not form invalid pointers |
2849,2930,2932,2933,2934 | ARR38-C. Guarantee that library functions do not form invalid pointers |
2850,2851,2852,2853,2900,2901,2902,2903, | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
2882 | DCL41-C. Do not declare variables inside a switch statement before the first case label |
2888 | MSC37-C. Ensure that control never reaches the end of a non-void function |
2890, 2891, 2892, 2893, 2895, 2896, 2897, 2898 | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
2905,2906,2907,2908, 2855, 2856, 2857, 2858, | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
2910 (C) | INT30-C. Ensure that unsigned integer operations do not wrap |
2910,2911,2912,2913 | INT08-C. Verify that all integer values are in range |
2911 (D) | INT30-C. Ensure that unsigned integer operations do not wrap |
2912 (A) | INT30-C. Ensure that unsigned integer operations do not wrap |
2913 (S) | INT30-C. Ensure that unsigned integer operations do not wrap |
2930, 2931, 2932, 2933, 2934 | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
2931,2932,2933,2934,2950,2951, | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
2940, 2941, 2942, 2943, 2945, 2946, 2947, 2948 | INT16-C. Do not make assumptions about representation of signed integers |
2952,2953 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
2961,2962,2963,2966,2967,2968,2971,2972,2973, 2976, 2977, 2978 | EXP33-C. Do not read uninitialized memory |
3001 | DCL20-C. Explicitly specify void when a function accepts no arguments |
3004,3344,428 | EXP16-C. Do not compare function pointers to constant values |
3007 | DCL20-C. Explicitly specify void when a function accepts no arguments |
305, 306, 309, 674 | INT36-C. Converting a pointer to integer or integer to pointer |
3103 | INT10-C. Do not assume a positive remainder when using the % operator |
3108 | MSC04-C. Use comments consistently and in a readable fashion |
3109 | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
3120 | DCL06-C. Use meaningful symbolic constants to represent literal values |
3120, 3121, 3122, 3123, 3131,3132 | EXP07-C. Do not diminish the benefits of constants by assuming their values in expressions |
3121 | DCL06-C. Use meaningful symbolic constants to represent literal values |
3122 | DCL06-C. Use meaningful symbolic constants to represent literal values |
3123 | DCL06-C. Use meaningful symbolic constants to represent literal values |
3131 | DCL06-C. Use meaningful symbolic constants to represent literal values |
3132 | DCL06-C. Use meaningful symbolic constants to represent literal values |
3200 | EXP12-C. Do not ignore values returned by functions |
3200 | ERR33-C. Detect and handle standard library errors |
3200 | POS54-C. Detect and handle POSIX library errors |
3202,3203,3205,3206,3207,3210,3219,3229,3404, | MSC07-C. Detect and remove dead code |
3204 | DCL00-C. Const-qualify immutable objects |
3217 | DCL30-C. Declare objects with appropriate storage durations |
3217 | DCL21-C. Understand the storage of compound literals |
3225 | DCL30-C. Declare objects with appropriate storage durations |
3226,3326,0400, 0401, 0402,0403 | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
3227 | DCL00-C. Const-qualify immutable objects |
3230 | DCL30-C. Declare objects with appropriate storage durations |
3232 | DCL00-C. Const-qualify immutable objects |
3234 | DCL41-C. Do not declare variables inside a switch statement before the first case label |
3236,3237,3238,3244 | MSC40-C. Do not violate constraints |
3239,3319,3438,0301,0302,0307,0475,0676,0678,0680,3311,3312,3437,1509,1510 | MSC15-C. Do not depend on undefined behavior |
3305 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
3305 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
3307 | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
3314 | EXP43-C. Avoid undefined behavior when using restrict-qualified pointers |
3314,3326, 3344,3416 | EXP45-C. Do not perform assignments in selection statements |
3334 | DCL01-C. Do not reuse variable names in subscopes |
3335 | DCL07-C. Include the appropriate type information in function declarators |
3335 | DCL31-C. Declare identifiers before using them |
3340 | FLP30-C. Do not use floating-point variables as loop counters |
3344 | EXP20-C. Perform explicit tests to determine success, true and false, and equality |
3344,4502 | EXP17-C. Do not use a bitwise operator in place of logical operator, or vice versa |
3389 | EXP00-C. Use parentheses for precedence of operation |
3390 | EXP00-C. Use parentheses for precedence of operation |
3391 | EXP00-C. Use parentheses for precedence of operation |
3392 | EXP00-C. Use parentheses for precedence of operation |
3392 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
3393 | EXP00-C. Use parentheses for precedence of operation |
3394 | EXP00-C. Use parentheses for precedence of operation |
3395 | EXP00-C. Use parentheses for precedence of operation |
3396 | EXP00-C. Use parentheses for precedence of operation |
3397 | EXP00-C. Use parentheses for precedence of operation |
3398 | EXP00-C. Use parentheses for precedence of operation |
3399 | EXP00-C. Use parentheses for precedence of operation |
3400 | EXP00-C. Use parentheses for precedence of operation |
3401 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
3408 | DCL07-C. Include the appropriate type information in function declarators |
3409 | PRE02-C. Macro replacement lists should be parenthesized |
341 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
3410 | PRE01-C. Use parentheses within macros around parameter names |
3412 | PRE10-C. Wrap multistatement macros in a do-while loop |
3412 | PRE11-C. Do not conclude macro definitions with a semicolon |
3413 | PRE03-C. Prefer typedefs to defines for encoding types |
3415 | EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
3422,3423,3425,3470,2980,2981,2982,2983,2984,2985,2986, | MSC07-C. Detect and remove dead code |
3426,3427,3307,3110,3112,3404 | MSC12-C. Detect and remove code that has no effect |
3450 | DCL07-C. Include the appropriate type information in function declarators |
3453 | PRE00-C. Prefer inline or static functions to function-like macros |
3453 | PRE31-C. Avoid side effects in arguments to unsafe macros |
3455 | PRE31-C. Avoid side effects in arguments to unsafe macros |
3456 | PRE31-C. Avoid side effects in arguments to unsafe macros |
3456 | PRE12-C. Do not define unsafe macros |
3458 | PRE10-C. Wrap multistatement macros in a do-while loop |
3601 | PRE07-C. Avoid using repeated question marks |
3670 | MEM05-C. Avoid large stack allocations |
3673 | DCL00-C. Const-qualify immutable objects |
3673 | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
4111 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
4112 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
4113 | EXP13-C. Treat relational and equality operators as if they were nonassociative |
4116 | EXP20-C. Perform explicit tests to determine success, true and false, and equality |
4117 | FLP06-C. Convert integers to floating point for floating-point operations |
4118 | FLP06-C. Convert integers to floating point for floating-point operations |
4140 | DCL30-C. Declare objects with appropriate storage durations |
4402,4403,4404,4405,4410,4412,4413,4414,4415,4420,4421,4422,4423,4424,4425,4430, | INT02-C. Understand integer conversion rules |
4413,4414 | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
4413,4414 | STR37-C. Arguments to character-handling functions must be representable as an unsigned char |
4431,4432,4434,4435,4436,4437,4440,4441,4442,4443,4445,4446,4447, | INT02-C. Understand integer conversion rules |
4431,4441,4451 | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
4450 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
4451 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
4452 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
4453 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
4454 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
4460,4461,4463,4464,4470,4471,4480,4481, | INT02-C. Understand integer conversion rules |
4462 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
4465 | FLP34-C. Ensure that floating-point conversions are within range of the new type |
4490 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
4491 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
4492 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
4532, 4533, 4534, 4543, 4544 | INT13-C. Use bitwise operators only on unsigned operands |
627,776,0777,778,0779 | DCL23-C. Guarantee that mutually visible identifiers are unique |
696 | MEM35-C. Allocate sufficient memory for an object |
803 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
853 | PRE32-C. Do not use preprocessor directives in invocations of function-like macros |
874 | STR10-C. Do not concatenate different type of string literals |
Secondary Analysis | PRE08-C. Guarantee that header file names are unique |
Secondary analysis | PRE04-C. Do not reuse a standard header file name |
Secondary analysis | PRE09-C. Do not replace secure functions with deprecated or obsolescent functions |
Secondary analysis | DCL05-C. Use typedefs of non-pointer types only |
Warncall -wc atoi | INT06-C. Use strtol() or a related function to convert a string token to an integer |
Warncall -wc rand | MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
Warncall -wc remove | FIO08-C. Take care when calling remove() on an open file |
Warncall -wc signal | SIG34-C. Do not call signal() from within interruptible signal handlers |
Warncall -wc strcpy | STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code |
Warncall -wc system | ENV33-C. Do not call system() |
Warncall -wc vfork | POS33-C. Do not use vfork() |
Warncall for scanf etc | INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs |
Warncall remove | FIO01-C. Be careful using functions that use file names for identification |
fopen | FIO01-C. Be careful using functions that use file names for identification |
freopen | FIO01-C. Be careful using functions that use file names for identification |
rename | FIO01-C. Be careful using functions that use file names for identification |
warncall -wc rename | FIO10-C. Take care when using the rename() function |
warncall -wc system | ENV03-C. Sanitize the environment when invoking external programs |
warncall fopen | FIO06-C. Create files with appropriate access permissions |
warncall for 'gets' | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
warncall for fopen and fopen_s | FIO03-C. Do not make assumptions about fopen() and file creation |
warncall for putenv | POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument |
warncall for realloc | MEM03-C. Clear sensitive information stored in reusable resources |
warncall for signal | SIG00-C. Mask signals handled by noninterruptible signal handlers |
warncall for signal | SIG01-C. Understand implementation-specific details regarding signal handler persistence |
warncall tmpnam, tmpfile, mktemp, tmpnam_s | FIO21-C. Do not create temporary files in shared directories |