SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 66

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 67

changes.mady.by.user Svyatoslav Razmyslov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Eliminating violations of syntax rules and other constraints can eliminate serious software vulnerabilities that can lead to the execution of arbitrary code with the permissions of the vulnerable process.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

MSC00-C

Medium

Probable

Medium

P8

L2

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Automated Detection

ToolVersionCheckerDescription
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

BUILD.WALL

BUILD.WERROR

Not All Warnings Are Enabled

Warnings Not Treated As Errors

SonarQube C/C++ Plugin
 
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V

S1762

S973

Warns when the default warning specifier is used with  #pragma warning.

Requires documentation of #pragma uses

PVS-Studio6.22V665General analysis rule

Related Guidelines

SEI CERT C++ Coding StandardVOID MSC00-CPP. Compile cleanly at high warning levels
MITRE CWECWE-563, Unused variable
CWE-570, Expression is always false
CWE-571, Expression is always true

Bibliography

[ISO/IEC 9899:2011]Section 5.1.1.3, "Diagnostics"
[Seacord 2013]Chapter 9, "Recommended Practices"
[Sutter 2005]Item 1

 


...