
Integers should be added to or subtracted from a pointer only when that pointer points to an element of an array object.

If the pointer operand points to an element of an array object, and the array is large enough, the result points to an element offset from the original element such that the difference of the subscripts of the resulting and original array elements equals the integer expression.

When two pointers are subtracted, both must point to elements of the same array object, or one past the last element of the array object; the result is the difference of the subscripts of the two array elements.
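The rules above, shown as an added example that is not part of the original page: a check made after the pointer sum has been formed, next to one that validates the subscript first. The function names, the `int` element type and the sample array are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Non-compliant pattern: the sum is formed first and validated second.
 * If p + n falls outside base[0..len] the addition is already undefined,
 * so the comparison that follows cannot be relied on. */
int *advance_unchecked(int *base, size_t len, int *p, ptrdiff_t n)
{
    int *q = p + n;
    if (q < base || q > base + len)
        return NULL;
    return q;
}

/* Compliant pattern: validate with integer arithmetic on subscripts and
 * form the pointer only once it is known to stay inside the array or
 * one past its last element. Precondition (assumed): p already points
 * into base[0..len]. */
int *advance_checked(int *base, size_t len, int *p, ptrdiff_t n)
{
    ptrdiff_t idx = p - base;   /* same array object, so well defined */

    if (n < 0 && n < -idx)
        return NULL;            /* would land before base[0] */
    if (n > 0 && (size_t)n > len - (size_t)idx)
        return NULL;            /* would pass one-past-the-end */
    return p + n;
}

int main(void)
{
    int a[8] = {0};             /* constructed sample array */
    int *end = advance_checked(a, 8, a, 8);      /* one past the end: allowed */
    int *bad = advance_checked(a, 8, a + 3, -4); /* before a[0]: rejected */

    printf("end - a = %td, rejected = %d\n", end - a, bad == NULL);
    return 0;
}
```

The pointer returned for the one-past-the-end position may be compared and subtracted but must not be dereferenced.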

Non-Compliant Code Example


Compliant Solution


Risk Assessment

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| ARR38-C | 3 (high) | 3 (likely) | 2 (medium) | P18 | L1 |

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[Banahan 03] Section 5.3, "Pointers," and Section 5.7, "Expressions involving pointers"
[ISO/IEC 9899-1999] Section 6.5.6, "Additive operators"
[VU#162289]
