CERT
Skip to end of metadata
Go to start of metadata

Information for Editors
To have a new guideline automatically listed above be sure to label it pre and rule.

Risk Assessment Summary

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

PRE30-CLowUnlikelyMedium

P2

L3

PRE31-CLowUnlikelyLow

P3

L3

PRE32-CLowUnlikelyMedium

P2

L3

Related Rules and Recommendations


2 Comments

  1. PCLint has error 553 (see http://gimpel-online.com/MsgRef.html), which identifies undefined preprocessor macros that are used in a macro context, such as #if. Do we need a secure coding rule about this?

    1. It's not uncommon to reference an undefined macro in the #if directive:

      When HAVE_SOME_FEATURE is not defined by the configuration script it's treated as if its value was 0. That said, some compilers (EDG eccp being one) have an option to make it possible to diagnose these usually benign cases.