SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 201

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 202

changes.mady.by.user Svyatoslav Razmyslov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Referencing an object outside of its lifetime can result in an attacker being able to execute arbitrary code.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

DCL30-C

High

Probable

High

P6

L2

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
pointered-deallocationFully checked
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
LANG.STRUCT.RPLReturns pointer to local
Compass/ROSE
  


Can detect violations of this rule. It automatically detects returning pointers to local variables. Detecting more general cases, such as examples where static pointers are set to local variables which then go out of scope, would be difficult

Coverity

Include Page
Coverity_V
Coverity_V

RETURN_LOCAL

Finds many instances where a function will return a pointer to a local stack variable. Coverity Prevent cannot discover all violations of this rule, so further verification is necessary

Klocwork
Include Page
Klocwork_V
Klocwork_V

LOCRET.ARG
LOCRET.GLOB

LOCRET.RET
 

LDRA tool suite
Include Page
LDRA_V
LDRA_V

42 D, 77 D, 71 S, 565 S

Enhanced Enforcement
Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
MISRA2004-17_6_{a,b}
 

Polyspace Bug FinderR2016aPointer or reference to stack variable leaving scope

Pointer to local variable leaves the variable scope

PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v

3217
3225
3230
4140

Partially implemented
PRQA QA-C++
Include Page
cplusplus:PRQA QA-C++_V
cplusplus:PRQA QA-C++_V

2515, 2516, 2527, 2528, 4026, 4624, 4629

 


Splint
Include Page
Splint_V
Splint_V
 


PVS-Studio6.22V506, V507, V558, V623, V723, V738

General analysis rule set

 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

CERT C Secure Coding StandardMSC00-C. Compile cleanly at high warning levelsPrior to 2018-01-12: CERT: Unspecified Relationship
CERT CEXP54-CPP. Do not access an object outside of its lifetimePrior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013Dangling References to Stack Frames [DCM]Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961Escaping of the address of an automatic object [addrescape]Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012Rule 18.6 (required)Prior to 2018-01-12: CERT: Unspecified Relationship

CERT-CWE Mapping Notes

Key here for mapping notes

...

  • Assigning a stack pointer to an argument (thereby letting it outlive the current function


Bibliography

[Coverity 2007]
 

[ISO/IEC 9899:2011]6.2.4, "Storage Durations of Objects"

...


...