SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 46

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 47

changes.mady.by.user Arthur Hicken

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: update parasoft

...

Failure to follow this recommendation can result in improper memory accesses and buffer overflows that are detrimental to the correct and continued execution of the program.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

API02-C

High

Likely

High

P9

L2

Automated Detection

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
BADFUNC.BO.*

A collection of checks that report uses of library functions prone to internal buffer overflows.

Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
SECURITY-
07
12, SECURITY-
02 
07

Polyspace Bug FinderR2016a

Array access out of bounds

Array access with tainted index

Pointer access out of bounds

Use of dangerous standard function

Use of tainted pointer

Functions that read or write to or from an array should take an argument to specify the source or target size

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

Bibliography

[ISO/IEC 9899:2011]Annex K (normative) Bounds-checking Interfaces

...


...