SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 157

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 158

changes.mady.by.user Svyatoslav Razmyslov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Attempting to modify an object multiple times between sequence points may cause that object to take on an unexpected value, which can lead to unexpected program behavior.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP30-C

Medium

Probable

Medium

P8

L2

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
evaluation-orderFully checked
Clang
Include Page
Clang_V
Clang_V
-WunsequencedDetects simple violations of this rule, but does not diagnose unsequenced function call arguments.
Compass/ROSE

 

 



Can detect simple violations of this rule. It needs to examine each expression and make sure that no variable is modified twice in the expression. It also must check that no variable is modified once, then read elsewhere, with the single exception that a variable may appear on both the left and right of an assignment operator

Coverity

Include Page
Coverity_V
Coverity_V

EVALUATION_ORDER

Can detect the specific instance where a statement contains multiple side effects on the same value with an undefined evaluation order because, with different compiler flags or different compilers or platforms, the statement may behave differently

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.EXP30

Fully implemented

GCC
Include Page
GCC_V
GCC_V

 


Can detect violations of this rule when the -Wsequence-point flag is used

Klocwork
Include Page
Klocwork_V
Klocwork_V
PORTING.VAR.EFFECTS
 

LDRA tool suite
Include Page
LDRA_V
LDRA_V

35 D, 1 Q, 9 S, 30 S, 134 S

Partially implemented

Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
MISRA2004-12_2_{a,b,c,d}Fully implemented
Polyspace Bug FinderR2016aMISRA2012-RULE-13_2Fully implemented
PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v

0400 [U]
0401 [U]
0402 [U]
0403 [U]

Fully implemented
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V

evaluation-order

Fully checked
Splint
Include Page
Splint_V
Splint_V

 

 



SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
IncAndDecMixedWithOtherOperators

PVS-Studio6.22V567General analysis rule
 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

CERT CEXP50-CPP. Do not depend on the order of evaluation for side effectsPrior to 2018-01-12: CERT: Unspecified Relationship
CERT Oracle Secure Coding Standard for JavaEXP05-J. Do not follow a write by a subsequent write or read of the same object within an expressionPrior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013Operator Precedence/Order of Evaluation [JCW]Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013Side-effects and Order of Evaluation [SAM]Prior to 2018-01-12: CERT: Unspecified Relationship
MISRA C:2012Rule 12.1 (advisory)Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11CWE-7582017-07-07: CERT: Rule subset of CWE

CERT-CWE Mapping Notes

Key here for mapping notes

...

  • Undefined behavior that results from anything other than reading and writing to a variable twice without an intervening sequence point.


Bibliography

[ISO/IEC 9899:2011]6.5, "Expressions"
6.5.2.2, "Function Calls"
Annex C, "Sequence Points"
[Saks 2007]
 

[Summit 2005]Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, and 3.11

...


...