Checker | Guideline |
---|---|
ALLOC.DF | MEM51-CPP. Properly deallocate dynamically allocated resources |
ALLOC.DF | OOP54-CPP. Gracefully handle self-copy assignment |
ALLOC.FNH | MEM51-CPP. Properly deallocate dynamically allocated resources |
ALLOC.LEAK | MEM51-CPP. Properly deallocate dynamically allocated resources |
ALLOC.LEAK | FIO51-CPP. Close files when they are no longer needed |
ALLOC.LEAK | ERR56-CPP. Guarantee exception safety |
ALLOC.LEAK | ERR57-CPP. Do not leak resources when handling exceptions |
ALLOC.LEAK | OOP54-CPP. Gracefully handle self-copy assignment |
ALLOC.TM | EXP51-CPP. Do not delete an array through a pointer of the incorrect type |
ALLOC.TM | MEM51-CPP. Properly deallocate dynamically allocated resources |
ALLOC.UAF | EXP54-CPP. Do not access an object outside of its lifetime |
ALLOC.UAF | CTR51-CPP. Use valid references, pointers, and iterators to reference elements of a container |
ALLOC.UAF | STR52-CPP. Use valid references, pointers, and iterators to reference elements of a basic_string |
ALLOC.UAF | MEM50-CPP. Do not access freed memory |
ALLOC.UAF | OOP54-CPP. Gracefully handle self-copy assignment |
BADFUNC.ABORT | ERR50-CPP. Do not abruptly terminate the program |
BADFUNC.ATOF | ERR62-CPP. Detect errors when converting a string to a number |
BADFUNC.ATOI | ERR62-CPP. Detect errors when converting a string to a number |
BADFUNC.ATOL | ERR62-CPP. Detect errors when converting a string to a number |
BADFUNC.ATOLL | ERR62-CPP. Detect errors when converting a string to a number |
BADFUNC.BO.* | CTR52-CPP. Guarantee that library functions do not overflow |
BADFUNC.EXIT | ERR50-CPP. Do not abruptly terminate the program |
BADFUNC.LONGJMP | ERR52-CPP. Do not use setjmp() or longjmp() |
BADFUNC.MEMCMP | EXP62-CPP. Do not access the bits of an object representation that are not part of the object's value representation |
BADFUNC.MEMCMP | OOP57-CPP. Prefer special member functions and overloaded operators to C Standard Library functions |
BADFUNC.MEMSET | EXP62-CPP. Do not access the bits of an object representation that are not part of the object's value representation |
BADFUNC.MEMSET | OOP57-CPP. Prefer special member functions and overloaded operators to C Standard Library functions |
BADFUNC.RANDOM.RAND | MSC50-CPP. Do not use std::rand() for generating pseudorandom numbers |
BADFUNC.SETJMP | ERR52-CPP. Do not use setjmp() or longjmp() |
BADMACRO.OFFSETOF | EXP59-CPP. Use offsetof() on valid types and members |
BADMACRO.STDARG_H | EXP58-CPP. Pass an object of the correct type to va_start |
CONCURRENCY.BADFUNC.CNDSIGNAL | CON55-CPP. Preserve thread safety and liveness when using condition variables |
CONCURRENCY.BADFUNC.CNDWAIT | CON54-CPP. Wrap functions that can spuriously wake up in a loop |
CONCURRENCY.DATARACE | CON52-CPP. Prevent data races when accessing bit-fields from multiple threads |
CONCURRENCY.LOCALARG | CON50-CPP. Do not destroy a mutex while it is locked |
CONCURRENCY.LOCK.NOUNLOCK | CON51-CPP. Ensure actively held locks are released on exceptional conditions |
CONCURRENCY.LOCK.ORDER | CON53-CPP. Avoid deadlock by locking in a predefined order |
CONCURRENCY.TL | CON56-CPP. Do not speculatively lock a non-recursive mutex that is already owned by the calling thread |
HARDCODED.SEED | MSC51-CPP. Ensure your random number generator is properly seeded |
IO.DC | OOP54-CPP. Gracefully handle self-copy assignment |
IO.IOWOP | FIO50-CPP. Do not alternately input and output from a file stream without an intervening positioning call |
IO.OIWOP | FIO50-CPP. Do not alternately input and output from a file stream without an intervening positioning call |
IO.UAC | EXP54-CPP. Do not access an object outside of its lifetime |
IO.UAC | OOP54-CPP. Gracefully handle self-copy assignment |
LANG.CAST.COERCE | INT50-CPP. Do not cast to an out-of-range enumeration value |
LANG.CAST.OBJSLICE | OOP51-CPP. Do not slice derived objects |
LANG.CAST.PC.INC | EXP57-CPP. Do not cast or delete pointers to incomplete classes |
LANG.CAST.VALUE | INT50-CPP. Do not cast to an out-of-range enumeration value |
LANG.FUNCS.COPINC | OOP58-CPP. Copy operations must not mutate the source object |
LANG.ID.NU.MK | DCL51-CPP. Do not declare or define a reserved identifier |
LANG.MEM.BO | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
LANG.MEM.BO | CTR52-CPP. Guarantee that library functions do not overflow |
LANG.MEM.BO | CTR53-CPP. Use valid iterator ranges |
LANG.MEM.BO | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator |
LANG.MEM.BO | STR53-CPP. Range check element access |
LANG.MEM.BO | MEM54-CPP. Provide placement new with properly aligned pointers to sufficient storage capacity |
LANG.MEM.BU | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
LANG.MEM.BU | STR53-CPP. Range check element access |
LANG.MEM.NPD | EXP63-CPP. Do not rely on the value of a moved-from object |
LANG.MEM.NPD | STR51-CPP. Do not attempt to create a std::string from a null pointer |
LANG.MEM.NPD | OOP54-CPP. Gracefully handle self-copy assignment |
LANG.MEM.TBA | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
LANG.MEM.TBA | CTR52-CPP. Guarantee that library functions do not overflow |
LANG.MEM.TBA | STR53-CPP. Range check element access |
LANG.MEM.TO | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
LANG.MEM.TO | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator |
LANG.MEM.TO | STR53-CPP. Range check element access |
LANG.MEM.TU | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
LANG.MEM.TU | STR53-CPP. Range check element access |
LANG.MEM.UVAR | EXP53-CPP. Do not read uninitialized memory |
LANG.MEM.UVAR | EXP63-CPP. Do not rely on the value of a moved-from object |
LANG.MEM.UVAR | OOP55-CPP. Do not use pointer-to-member operators to access nonexistent members |
LANG.STRUCT.CUP | CTR54-CPP. Do not subtract iterators that do not refer to the same container |
LANG.STRUCT.DECL.ANH | DCL59-CPP. Do not define an unnamed namespace in a header file |
LANG.STRUCT.DECL.FNEST | DCL53-CPP. Do not write syntactically ambiguous declarations |
LANG.STRUCT.DECL.RESERVED | DCL51-CPP. Do not declare or define a reserved identifier |
LANG.STRUCT.DECL.SNM | DCL58-CPP. Do not modify the standard namespaces |
LANG.STRUCT.DEF.FDH | DCL60-CPP. Obey the one-definition rule |
LANG.STRUCT.DEF.ODH | DCL60-CPP. Obey the one-definition rule |
LANG.STRUCT.DNVD | OOP52-CPP. Do not delete a polymorphic object without a virtual destructor |
LANG.STRUCT.ELLIPSIS | DCL50-CPP. Do not define a C-style variadic function |
LANG.STRUCT.EXCP.CATCH | DCL57-CPP. Do not let exceptions escape from destructors or deallocation functions |
LANG.STRUCT.EXCP.CATCH | ERR61-CPP. Catch exceptions by lvalue reference |
LANG.STRUCT.EXCP.THROW | DCL57-CPP. Do not let exceptions escape from destructors or deallocation functions |
LANG.STRUCT.EXCP.THROW | ERR55-CPP. Honor exception specifications |
LANG.STRUCT.EXCP.THROW | ERR58-CPP. Handle all exceptions thrown before main() begins executing |
LANG.STRUCT.EXCP.THROW | ERR61-CPP. Catch exceptions by lvalue reference |
LANG.STRUCT.ICOL | CON54-CPP. Wrap functions that can spuriously wake up in a loop |
LANG.STRUCT.INIT.CYCLE | DCL56-CPP. Avoid cycles during initialization of static objects |
LANG.STRUCT.INIT.OOMI | OOP53-CPP. Write constructor member initializers in the canonical order |
LANG.STRUCT.INIT.UNORDERED | DCL56-CPP. Avoid cycles during initialization of static objects |
LANG.STRUCT.MRS | MSC52-CPP. Value-returning functions must return a value from all exit paths |
LANG.STRUCT.NVNR | MSC52-CPP. Value-returning functions must return a value from all exit paths |
LANG.STRUCT.PARITH | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
LANG.STRUCT.PARITH | CTR56-CPP. Do not use pointer arithmetic on polymorphic objects |
LANG.STRUCT.PBB | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
LANG.STRUCT.PPE | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
LANG.STRUCT.RC | OOP54-CPP. Gracefully handle self-copy assignment |
LANG.STRUCT.RFNR | MSC53-CPP. Do not return from a function declared [[noreturn]] |
LANG.STRUCT.RPL | EXP53-CPP. Do not read uninitialized memory |
LANG.STRUCT.SE.DEC | EXP50-CPP. Do not depend on the order of evaluation for side effects |
LANG.STRUCT.SE.INC | EXP50-CPP. Do not depend on the order of evaluation for side effects |
LANG.STRUCT.SE.SIZEOF | EXP52-CPP. Do not rely on side effects in unevaluated operands |
LANG.STRUCT.SUP | CTR54-CPP. Do not subtract iterators that do not refer to the same container |
LANG.STRUCT.UCTCH | ERR51-CPP. Handle all exceptions |
LANG.STRUCT.UCTCH | ERR54-CPP. Catch handlers should order their parameter types from most derived to least derived |
LANG.STRUCT.VCALL_IN_CTOR | OOP50-CPP. Do not invoke virtual functions from constructors or destructors |
LANG.STRUCT.VCALL_IN_DTOR | OOP50-CPP. Do not invoke virtual functions from constructors or destructors |
MISC.CRYPTO.TIMESEED | MSC51-CPP. Ensure your random number generator is properly seeded |
MISC.MEM.NTERM | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator |
MISC.PADDING.POTB | DCL55-CPP. Avoid information leakage when passing a class object across a trust boundary |