CERT
Skip to end of metadata
Go to start of metadata

This page was automatically generated and should not be edited.

The information on this page was provided by outside contributors and has not been verified by SEI CERT.

The table below can be re-ordered, by clicking column headers.

Tool Version: 10.3

Checker

Guideline

BD-BP-NOTINIT EXP33-C. Do not read uninitialized memory
BD-PB-ARRAY ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
BD-PB-ARRAY FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful
BD-PB-ARRAY EXP08-C. Ensure pointer arithmetic is used correctly
BD-PB-ARRAY INT10-C. Do not assume a positive remainder when using the % operator
BD-PB-ARRAY MSC19-C. For functions that return an array, prefer returning an empty array over a null value
BD-PB-CC EXP45-C. Do not perform assignments in selection statements
BD-PB-CC EXP16-C. Do not compare function pointers to constant values
BD-PB-NP EXP34-C. Do not dereference null pointers
BD-PB-NP ERR33-C. Detect and handle standard library errors
BD-PB-NP POS54-C. Detect and handle POSIX library errors
BD-PB-NP MSC19-C. For functions that return an array, prefer returning an empty array over a null value
BD-PB-OVERFNZT STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
BD-PB-OVERFNZT POS30-C. Use the readlink() function properly
BD-PB-OVERFWR STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
BD-PB-OVERFWR API01-C. Avoid laying out strings in memory directly before sensitive data
BD-PB-OVERFWR ENV01-C. Do not make assumptions about the size of an environment variable
BD-PB-OVERF{RD,WR,FMT,NZT} ARR38-C. Guarantee that library functions do not form invalid pointers
BD-PB-OVERNZT STR03-C. Do not inadvertently truncate a string
BD-PB-SWITCH MSC07-C. Detect and remove dead code
BD-PB-SWITCH MSC12-C. Detect and remove code that has no effect or is never executed
BD-PB-ZERO INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors
BD-PB-ZERO FLP03-C. Detect and handle floating-point errors
BD-RES-FREE MEM30-C. Do not access freed memory
BD-RES-FREE FIO46-C. Do not access a closed file
BD-RES-FREE CON31-C. Do not destroy a mutex while it is locked
BD-RES-FREE MEM01-C. Store a new value in pointers immediately after free()
BD-RES-INVFREE MEM34-C. Only free memory allocated dynamically
BD-RES-INVFREE CON31-C. Do not destroy a mutex while it is locked
BD-RES-LEAK MEM31-C. Free dynamically allocated memory when no longer needed
BD-RES-LEAK MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources
BD-RES-LEAKS FIO42-C. Close files when they are no longer needed
BD-RES-LEAKS CON30-C. Clean up thread-specific storage
BD-RES-LEAKS WIN30-C. Properly pair allocation and deallocation functions
BD-SECURITY-INTOVERF INT04-C. Enforce limits on integer values originating from tainted sources
BD-SECURITY-OVERFRD INT04-C. Enforce limits on integer values originating from tainted sources
BD-SECURITY-OVERFWR INT04-C. Enforce limits on integer values originating from tainted sources
BD-SECURITY-{TDCMD,TDFNAMES,TDSQL} STR02-C. Sanitize data passed to complex subsystems
BD-TRS-DLOCK CON35-C. Avoid deadlock by locking in a predefined order
BD-TRS-LOCK CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction
BD-TRS-TSHL POS52-C. Do not perform operations that can block while holding a POSIX lock
BD-TRS-TSHL CON05-C. Do not perform operations that can block while holding a lock
CERT-EXP-19 EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement
CODSTA-11 MSC11-C. Incorporate diagnostic tests using assertions
CODSTA-16 STR11-C. Do not specify the bound of a character array initialized with a string literal
CODSTA-26 DCL06-C. Use meaningful symbolic constants to represent literal values
CODSTA-60 EXP20-C. Perform explicit tests to determine success, true and false, and equality
CODSTA-69 STR09-C. Don't assume numeric values for expressions with type plain character
CODSTA-86 API00-C. Functions should validate their parameters
CODSTA-97 EXP00-C. Use parentheses for precedence of operation
CODSTA-117 DCL18-C. Do not begin integer constants with 0 when specifying a decimal value
CODSTA-121 EXP43-C. Avoid undefined behavior when using restrict-qualified pointers
CODSTA-122_{a,b} ERR33-C. Detect and handle standard library errors
CODSTA-122_{a,b} POS54-C. Detect and handle POSIX library errors
CODSTA-122_{a,b} EXP12-C. Do not ignore values returned by functions
CODSTA-123 PRE31-C. Avoid side effects in arguments to unsafe macros
CODSTA-123 FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects
CODSTA-CPP-53 DCL00-C. Const-qualify immutable objects
COMMENT-13 MSC04-C. Use comments consistently and in a readable fashion
Detect at runtime MEM34-C. Only free memory allocated dynamically
Detects accessing freed memory at runtime MEM30-C. Do not access freed memory
Detects dangling pointers at runtime MEM01-C. Store a new value in pointers immediately after free()
Detects leaks at runtime MEM31-C. Free dynamically allocated memory when no longer needed
FORMAT-33 DCL04-C. Do not declare more than one variable per declaration
JSF-166{b,c} EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic
JSF-193 MSC17-C. Finish every set of statements associated with a case label with a break statement
JSF-203 MSC14-C. Do not introduce unnecessary platform dependencies
JSF-203 MSC15-C. Do not depend on undefined behavior
MEM-18 MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
MEM-19 MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
MEM-20 MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
MISRA2004-4_2-3 PRE07-C. Avoid using repeated question marks
MISRA2004-5_2_{a,b} DCL01-C. Do not reuse variable names in subscopes
MISRA2004-6_1 STR00-C. Represent characters using an appropriate type
MISRA2004-6_1 STR04-C. Use plain char for characters in the basic character set
MISRA2004-6_{1,2} INT07-C. Use only explicitly signed or unsigned char type for numeric values
MISRA2004-7_1_a DCL18-C. Do not begin integer constants with 0 when specifying a decimal value
MISRA2004-9_3 INT09-C. Ensure enumeration constants map to unique values
MISRA2004-10_1_d FLP34-C. Ensure that floating-point conversions are within range of the new type
MISRA2004-10_1_d FIO34-C. Distinguish between characters read from a file and EOF or WEOF
MISRA2004-10_2_{b,c,d} FLP03-C. Detect and handle floating-point errors
MISRA2004-11_4 EXP36-C. Do not cast pointers into more strictly aligned pointer types
MISRA2004-11_5 EXP32-C. Do not access a volatile object through a nonvolatile reference
MISRA2004-11_5 EXP05-C. Do not cast away a const qualification
MISRA2004-12_2_{a,b,c,d} EXP30-C. Do not depend on the order of evaluation for side effects
MISRA2004-12_2_{a,b,c,d} FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects
MISRA2004-12_2_{a,b,c,d} EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place
MISRA2004-12_4a EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators
MISRA2004-12_6_{a,b} EXP46-C. Do not use a bitwise operator with a Boolean-like operand
MISRA2004-13_3 FLP00-C. Understand the limitations of floating-point numbers
MISRA2004-13_3 FLP02-C. Avoid using floating-point numbers when precise computation is needed
MISRA2004-14_8 EXP19-C. Use braces for the body of an if, for, or while statement
MISRA2004-15_0_b DCL41-C. Do not declare variables inside a switch statement before the first case label
MISRA2004-15_3 MSC01-C. Strive for logical completeness
MISRA2004-16_6 DCL20-C. Explicitly specify void when a function accepts no arguments
MISRA2004-16_7_b DCL05-C. Use typedefs of non-pointer types only
MISRA2004-17_6_{a,b} DCL30-C. Declare objects with appropriate storage durations
MISRA2004-19_7 PRE00-C. Prefer inline or static functions to function-like macros
MISRA2004-19_8 MSC38-C. Do not treat a predefined identifier as an object if it might only be implemented as a macro
MISRA2004-19_10 PRE01-C. Use parentheses within macros around parameter names
MISRA2004-20_1_a DCL37-C. Do not declare or define a reserved identifier
MISRA2004-20_7 MSC22-C. Use the setjmp(), longjmp() facility securely
MISRA2004-20_10 ERR34-C. Detect errors when converting a string to a number
MISRA2005-16_7 DCL13-C. Declare function parameters that are pointers to values not changed by the function as const
MISRA2008-0_1_3_b MSC13-C. Detect and remove unused values
MISRA2008-0_1_{a,b,c,d,e,f,g} MSC07-C. Detect and remove dead code
MISRA2008-0_1_{a,b,c,d,e,f,g} MSC12-C. Detect and remove code that has no effect or is never executed
MISRA2008-2_13_5 STR10-C. Do not concatenate different type of string literals
MISRA2008-5_0_17 ARR36-C. Do not subtract or compare two pointers that do not refer to the same array
MISRA2008-5_0_21 INT13-C. Use bitwise operators only on unsigned operands
MISRA2008-5_0_21 INT16-C. Do not make assumptions about representation of signed integers
MISRA2008-5_2_8 INT36-C. Converting a pointer to integer or integer to pointer
MISRA2008-9_6_2 INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression
MISRA2012-RULE-3_1{a,b,c} MSC04-C. Use comments consistently and in a readable fashion
MISRA2012-RULE-15_7 MSC01-C. Strive for logical completeness
MISRA2012-RULE-17_4 MSC37-C. Ensure that control never reaches the end of a non-void function
MISRA2012-RULE-21_5_b SIG34-C. Do not call signal() from within interruptible signal handlers
MISRA2012-RULE-21_5_b CON37-C. Do not call signal() in a multithreaded program
MISRA2012-RULE-21_5_b POS44-C. Do not use signals to terminate threads
MISRA2012-RULE-21_5_b SIG00-C. Mask signals handled by noninterruptible signal handlers
MISRA2012-RULE-21_5_b SIG01-C. Understand implementation-specific details regarding signal handler persistence
MISRA2012-RULE-21_5_b SIG02-C. Avoid using signals to implement normal functionality
MISRA2012-RULE-21_7 ERR07-C. Prefer functions that support error checking over equivalent functions that don't
MISRA2012-RULE-21_8 ENV33-C. Do not call system()
MISRA2012-RULE-21_8 ERR04-C. Choose an appropriate termination strategy
MISRA2012-RULE-21_8 ERR05-C. Application-independent code should provide error detection without dictating error handling
MISRA2012-RULE-21_10 MSC33-C. Do not pass invalid data to the asctime() function
MISRA2012-RULE-21_{7,8} MSC24-C. Do not use deprecated or obsolescent functions
MISRA-005 MSC09-C. Character encoding: Use subset of ASCII for safety
MISRA-11_5 EXP40-C. Do not modify constant objects
MISRA-020 DCL31-C. Declare identifiers before using them
MISRA-023 DCL15-C. Declare file-scope objects or functions that do not need external linkage as static
MISRA-024 DCL36-C. Do not declare an identifier with conflicting linkage classifications
MISRA-038 INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
MISRA-043_{c,d} FLP36-C. Preserve precision when converting integral values to floating-point type
MISRA-043_{c,d} FLP06-C. Convert integers to floating point for floating-point operations
MISRA-043{b} EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int
MISRA-043{b} INT02-C. Understand integer conversion rules
MISRA-043{b} INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
MISRA-046_a CON02-C. Do not use volatile as a synchronization primitive
MISRA-065 FLP30-C. Do not use floating-point variables as loop counters
MISRA-096 PRE02-C. Macro replacement lists should be parenthesized
MISRA-101 EXP08-C. Ensure pointer arithmetic is used correctly
MRM-07 EXP42-C. Do not compare padding data
MRM-09 MEM01-C. Store a new value in pointers immediately after free()
MRM-10 MEM01-C. Store a new value in pointers immediately after free()
MRM-11 MEM01-C. Store a new value in pointers immediately after free()
MRM-39 ERR30-C. Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure
MRM-45 MEM35-C. Allocate sufficient memory for an object
NAMING-44 DCL02-C. Use visually distinct identifiers
OPT-01 DCL19-C. Minimize the scope of variables and functions
PB-27 STR30-C. Do not attempt to modify string literals
PB-32 ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array
PB-45 FIO47-C. Use valid format strings
PB-46 FIO47-C. Use valid format strings
PB-47 FIO47-C. Use valid format strings
PB-48 FIO47-C. Use valid format strings
PB-49 FIO47-C. Use valid format strings
PB-50 FIO47-C. Use valid format strings
PB-51 ARR37-C. Do not add or subtract an integer to a pointer to a non-array object
PFO-02 PRE06-C. Enclose header files in an inclusion guard
PORT-01 DCL16-C. Use "L," not "l," to indicate a long value
runtime DCL40-C. Do not create incompatible declarations of the same function or object
Runtime DCL11-C. Understand the type issues associated with variadic functions
Runtime analysis EXP33-C. Do not read uninitialized memory
Runtime analysis EXP34-C. Do not dereference null pointers
Runtime analysis ARR38-C. Guarantee that library functions do not form invalid pointers
Runtime analysis FLP03-C. Detect and handle floating-point errors
Runtime analysis STR07-C. Use the bounds-checking interfaces for string manipulation
Runtime analysis for over- or under- read or write EXP08-C. Ensure pointer arithmetic is used correctly
Runtime analysis will detect all leaks MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
Runtime detection INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors
SECURITY-02 MSC30-C. Do not use the rand() function for generating pseudorandom numbers
SECURITY-02 API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size
SECURITY-03 POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument
SECURITY-03 ENV02-C. Beware of multiple environment variables with the same effective name
SECURITY-04 WIN00-C. Be specific when dynamically loading libraries
SECURITY-07 API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size
SECURITY-07 ENV01-C. Do not make assumptions about the size of an environment variable
SECURITY-07 MSC24-C. Do not use deprecated or obsolescent functions
SECURITY-10 POS33-C. Do not use vfork()
SECURITY-12 STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
SECURITY-12 API01-C. Avoid laying out strings in memory directly before sensitive data
SECURITY-12 ENV01-C. Do not make assumptions about the size of an environment variable
SECURITY-12 MSC24-C. Do not use deprecated or obsolescent functions
SECURITY-13 INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs
SECURITY-13 STR07-C. Use the bounds-checking interfaces for string manipulation
SECURITY-19 POS35-C. Avoid race conditions while checking for the existence of a symbolic link
SECURITY-19 FIO01-C. Be careful using functions that use file names for identification
SECURITY-19 FIO21-C. Do not create temporary files in shared directories
SECURITY-25 CON33-C. Avoid race conditions when using library functions
SECURITY-27 FIO01-C. Be careful using functions that use file names for identification