Use type definitions (typedef) to improve code readability.

Noncompliant Code Example

The following declaration of the signal() function is difficult to read and comprehend.

void (*signal(int, void (*)(int)))(int);

Compliant Solution

This compliant solution makes use of type definitions to specify the same type as in the noncompliant code example.

typedef void (*SighandlerType)(int signum);
extern SighandlerType signal(
  int signum,
  SighandlerType handler
);

Risk Assessment

Code readability is important for discovering and eliminating vulnerabilities.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

DCL05-C

low

unlikely

medium

P2

L3

Automated Detection

Tool

Version

Checker

Description

LDRA tool suite

 

 

Compass/ROSE

 

 

 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

C++ Secure Coding Standard: DCL05-CPP. Use typedefs to improve code readability

Bibliography

\[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] Section 6.7.7, "Type definitions"
\[[ISO/IEC PDTR 24772|AA. Bibliography#ISO/IEC PDTR 24772]\] "BRS Leveraging human experience"

      02. Declarations and Initialization (DCL)