SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 218

changes.mady.by.user Jill Britton

Saved on

compared with

New Version Current

changes.mady.by.user Jon O'Donnell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

IO.RACE

IO.TAINT.FNAME

BADFUNC.TEMP.*

BADFUNC.TMPFILE_S

BADFUNC.TMPNAM_S

File System Race Condition

Tainted Filename

A collection of warning classes that report uses of library functions associated with temporary file vulnerabilities (including name issues).

Use of tmpfile_s

Use of tmpnam_s

Compass/ROSE



Can detect some violations of this recommendation. In particular, it warns when chown(), stat(), or chmod() are called on an open file

Coverity6.5TOCTOUFully implemented
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C5011
Klocwork
Include Page
Klocwork_V
Klocwork_V

SV.TOCTOU.FILE_ACCESS


LDRA tool suite
Include Page
LDRA_V
LDRA_V

592 S

Fully implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-FIO01-a
CERT_C-FIO01-b

Don't use chmod(), chown(), chgrp()
Usage of functions prone to race is not allowed

...