This page is automatically generated from the "Automated Detection" sections in the individual guidelines. Do not modify this page directly.
Version number: v8.1
C checkers
Guideline
0160
MSC15-C. Do not depend on undefined behavior
0202
MSC14-C. Do not introduce unnecessary platform dependencies
0310
EXP39-C. Do not access a variable through a pointer of an incompatible type
2931
ARR38-C. Guarantee that library functions do not form invalid pointers
3409
PRE02-C. Macro replacement lists should be parenthesized
3410
PRE01-C. Use parentheses within macros around parameter names
3412
PRE10-C. Wrap multi-statement macros in a do-while loop
PRE11-C. Do not conclude macro definitions with a semicolon
3453
PRE00-C. Prefer inline or static functions to function-like macros
3458
ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer
ARR30-C. Do not form or use out of bounds pointers or array subscripts
ARR31-C. Use consistent array notation across all source files
ARR32-C. Ensure size arguments for variable length arrays are in a valid range
ARR34-C. Ensure that array types in expressions are compatible
ARR36-C. Do not subtract or compare two pointers that do not refer to the same array
DCL00-C. Const-qualify immutable objects
DCL01-C. Do not reuse variable names in subscopes
DCL02-C. Use visually distinct identifiers
DCL03-C. Use a static assertion to test the value of a constant expression
DCL04-C. Do not declare more than one variable per declaration
DCL05-C. Use typedefs to improve code readability
DCL06-C. Use meaningful symbolic constants to represent literal values
DCL07-C. Include the appropriate type information in function declarators
DCL10-C. Maintain the contract between the writer and caller of variadic functions
DCL11-C. Understand the type issues associated with variadic functions
DCL13-C. Declare function parameters that are pointers to values not changed by the function as const
DCL15-C. Declare file-scope objects or functions that do not need external linkage as static
DCL16-C. Use 'L', not 'l', to indicate a long value
DCL30-C. Declare objects with appropriate storage durations
DCL31-C. Declare identifiers before using them
DCL32-C. Guarantee that mutually visible identifiers are unique
DCL34-C. Use volatile for data that cannot be cached
DCL35-C. Do not invoke a function using a type that does not match the function definition
DCL36-C. Do not declare an identifier with conflicting linkage classifications
ENV03-C. Sanitize the environment when invoking external programs
ENV04-C. Do not call system() if you do not need a command processor
ENV31-C. Do not rely on an environment pointer following an operation that may invalidate it
EXP00-C. Use parentheses for precedence of operation
EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators
EXP03-C. Do not assume the size of a structure is the sum of the sizes of its members
EXP05-C. Do not cast away a const qualification
EXP06-C. Operands to the sizeof operator should not contain side effects
EXP07-C. Do not diminish the benefits of constants by assuming their values in expressions
EXP08-C. Ensure pointer arithmetic is used correctly
EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place
EXP11-C. Do not apply operators expecting one type to data of an incompatible type
EXP12-C. Do not ignore values returned by functions
EXP13-C. Treat relational and equality operators as if they were nonassociative
EXP30-C. Do not depend on order of evaluation between sequence points
EXP31-C. Avoid side effects in assertions
EXP32-C. Do not access a volatile object through a non-volatile reference
EXP33-C. Do not reference uninitialized memory
EXP34-C. Do not dereference null pointers
EXP36-C. Do not convert pointers into more strictly aligned pointer types
EXP37-C. Call functions with the arguments intended by the API
FIO00-C. Take care when creating format strings
FIO01-C. Be careful using functions that use file names for identification
FIO03-C. Do not make assumptions about fopen() and file creation
FIO04-C. Detect and handle input and output errors
FIO06-C. Create files with appropriate access permissions
FIO07-C. Prefer fseek() to rewind()
FIO08-C. Take care when calling remove() on an open file
FIO10-C. Take care when using the rename() function
FIO12-C. Prefer setvbuf() to setbuf()
FIO43-C. Do not create temporary files in shared directories
FLP02-C. Avoid using floating point numbers when precise computation is needed
FLP03-C. Detect and handle floating point errors
FLP30-C. Do not use floating point variables as loop counters
FLP33-C. Convert integers to floating point for floating point operations
FLP34-C. Ensure that floating point conversions are within range of the new type
INT00-C. Understand the data model used by your implementation(s)
INT02-C. Understand integer conversion rules
INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs
INT06-C. Use strtol() or a related function to convert a string token to an integer
INT07-C. Use only explicitly signed or unsigned char type for numeric values
INT08-C. Verify that all integer values are in range
INT09-C. Ensure enumeration constants map to unique values
INT10-C. Do not assume a positive remainder when using the % operator
INT11-C. Take care when converting from pointer to integer or integer to pointer
INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression
INT13-C. Use bitwise operators only on unsigned operands
INT30-C. Ensure that unsigned integer operations do not wrap
INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
INT32-C. Ensure that operations on signed integers do not result in overflow
INT33-C. Ensure that division and modulo operations do not result in divide-by-zero errors
INT34-C. Do not shift a negative number of bits or more bits than exist in the operand
INT35-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type
MEM03-C. Clear sensitive information stored in reusable resources
MEM05-C. Avoid large stack allocations
MSC00-C. Compile cleanly at high warning levels
MSC01-C. Strive for logical completeness
MSC02-C. Avoid errors of omission
MSC07-C. Detect and remove dead code
MSC09-C. Character Encoding - Use Subset of ASCII for Safety
MSC12-C. Detect and remove code that has no effect
MSC13-C. Detect and remove unused values
MSC30-C. Do not use the rand() function for generating pseudorandom numbers
MSC31-C. Ensure that return values are compared against the proper type
POS33-C. Do not use vfork()
POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument
PRE03-C. Prefer typedefs to defines for encoding types
PRE04-C. Do not reuse a standard header file name
PRE06-C. Enclose header files in an inclusion guard
PRE07-C. Avoid using repeated question marks
PRE08-C. Guarantee that header file names are unique
PRE31-C. Avoid side-effects in arguments to unsafe macros
Secondary Analysis
PRE09-C. Do not replace secure functions with deprecated or obsolescent functions
SIG00-C. Mask signals handled by noninterruptible signal handlers
SIG01-C. Understand implementation-specific details regarding signal handler persistence
SIG34-C. Do not call signal() from within interruptible signal handlers
STR04-C. Use plain char for characters in the basic character set
STR05-C. Use pointers to const when referring to string literals
STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code
STR30-C. Do not attempt to modify string literals
STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
STR34-C. Cast characters to unsigned char before converting to larger integer sizes
STR35-C. Do not copy data from an unbounded source to a fixed-length array
STR36-C. Do not specify the bound of a character array initialized with a string literal
STR37-C. Arguments to character handling functions must be representable as an unsigned char