SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 90

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 91

changes.mady.by.user Anirban Gangopadhyay

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added Polyspace Bug Finder

...

Failure to handle error codes or other values returned by functions can lead to incorrect program flow and violations of data integrity.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

EXP12-C

Medium

Unlikely

Medium

P4

L3

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

error-information-unused-computed

Fully checked
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
LANG.FUNCS.IRVIgnored return value
Compass/ROSE

 

 

 




Coverity

Include Page
Coverity_V
Coverity_V

CHECKED_RETURN

Finds inconsistencies in how function call return values are handled. Coverity Prevent cannot discover all violations of this recommendation, so further verification is necessary

Cppcheck
 
Include Page
Cppcheck_V
Cppcheck_V
leakReturnValNotUsed, ignoredReturnValue

Return value of memory allocation function is not used.

Ignored return value from function when configuration says it must be used. See the chapter "Library configuration" in the cppcheck manual

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.EXP12

Fully implemented

Klocwork
Include Page
Klocwork_V
Klocwork_V

MISRA.FUNC.UNUSEDRET.2012
SV.RVT.RETVAL_NOTTESTED

 


LDRA tool suite
Include Page
LDRA_V
LDRA_V

382 S

Fully implemented

Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
CODSTA-122_{a,b}Fully implemented

Polyspace Bug Finder

R2016bReturned value of a sensitive function not checkedSensitive functions called without checking for unexpected return values and errors
PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v
3200Fully implemented
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V

error-information-unused

Partially checked
Splint
Include Page
Splint_V
Splint_V

 

 



Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID EXP12-CPP. Do not ignore values returned by functions or methods
CERT Oracle Secure Coding Standard for JavaEXP00-J. Do not ignore values returned by methods
ISO/IEC TR 24772:2013Passing Parameters and Return Values [CSJ]
MITRE CWECWE-754, Improper check for unusual or exceptional conditions

Bibliography

[ISO/IEC 9899:2011]Subclause 6.8.3, "Expression and Null Statements"

...


...