Checker | Guideline |
|---|
| BD-API-VALPARAM | FLP32-C. Prevent or detect domain and range errors in math functions |
| BD-BP-NOTINIT | EXP33-C. Do not read uninitialized memory |
| BD-PB-ARRAY | FLP37-C. Do not use object representations to compare floating-point values |
| BD-PB-ARRAY | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| BD-PB-ARRAY | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BD-PB-ARRAY | FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful |
| BD-PB-ARRAY | EXP08-C. Ensure pointer arithmetic is used correctly |
| BD-PB-ARRAY | INT10-C. Do not assume a positive remainder when using the % operator |
| BD-PB-ARRAY | MSC19-C. For functions that return an array, prefer returning an empty array over a null value |
| BD-PB-CC BYTEORD | EXP45 POS39-C. Use the correct byte ordering when transferring data between systems |
| BD-PB-CC | EXP45-C. Do not perform assignments in selection statements |
| BD-PB-CC | EXP16-C. Do not compare function pointers to constant values |
| BD-PB-NP | EXP34-C. Do not dereference null pointers | BD-PB-NP CHECKRETGEN | ERR33-C. Detect and handle standard library errors |
| BD-PB-NP ERRNO | POS54 ERR30-C. Detect and handle POSIX library errors Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure |
| BD-PB-NP ERRNO | MSC19 ERR32-C. For functions that return an array, prefer returning an empty array over a null value Do not rely on indeterminate values of errno |
| BD-PB-OVERFNZT INTOVERF | STR32 INT30-C. Do not pass a non-null-terminated character sequence to a library function that expects a string Ensure that unsigned integer operations do not wrap |
| BD-PB-OVERFNZT INTOVERF | POS30 INT32-C. Use the readlink() function properly Ensure that operations on signed integers do not result in overflow |
| BD-PB-OVERFWR INVENV | STR31 ENV31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator Do not rely on an environment pointer following an operation that may invalidate it |
| BD-PB-OVERFWR INVRET | API01 ENV34-C. Avoid laying out strings in memory directly before sensitive data Do not store pointers returned by certain functions |
| BD-PB-OVERFWR NP | ENV01 EXP34-C. Do not make assumptions about the size of an environment variable dereference null pointers |
| BD-PB-OVERF{RD,WR,FMT,NZT} NP | ERR33 ARR38-C. Guarantee that library functions do not form invalid pointers Detect and handle standard library errors |
| BD-PB-OVERNZT NP | STR03 POS54-C. Do not inadvertently truncate a string Detect and handle POSIX library errors |
| BD-PB-SWITCH NP | MSC07 MSC19-C. Detect and remove dead code For functions that return an array, prefer returning an empty array over a null value |
| BD-PB-SWITCH OVERFARRAY | MSC12 EXP39-C. Detect and remove code that has no effect or is never executed Do not access a variable through a pointer of an incompatible type |
| BD-PB-ZERO OVERFFMT | INT33 ARR38-C. Ensure that division and remainder operations do not result in divide-by-zero errors Guarantee that library functions do not form invalid pointers |
| BD-PB-ZERO OVERFNZT | FLP03 ARR38-C. Detect and handle floating-point errors Guarantee that library functions do not form invalid pointers |
| BD-RESPB-FREE OVERFNZT | MEM30 STR32-C. Do not access freed memory pass a non-null-terminated character sequence to a library function that expects a string |
| BD-RESPB-FREE OVERFNZT | FIO46 POS30-C. Do not access a closed file Use the readlink() function properly |
| BD-RESPB-FREE OVERFRD | CON31 ARR38-C. Do not destroy a mutex while it is locked Guarantee that library functions do not form invalid pointers |
| BD-RESPB-FREE OVERFWR | MEM01 ARR38-C. Store a new value in pointers immediately after free() Guarantee that library functions do not form invalid pointers |
| BD-RESPB-INVFREE OVERFWR | MEM34 STR31-C. Only free memory allocated dynamically Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BD-RESPB-INVFREE OVERFWR | CON31 API01-C. Do not destroy a mutex while it is locked Avoid laying out strings in memory directly before sensitive data |
| BD-RESPB-LEAK OVERFWR | MEM31 ENV01-C. Free dynamically allocated memory when no longer needed Do not make assumptions about the size of an environment variable |
| BD-RESPB-LEAK OVERNZT | MEM12 STR03-C. Consider using a goto chain when leaving a function on error when using and releasing resources Do not inadvertently truncate a string |
| BD-RESPB-LEAKS PUTENV | FIO42 POS34-C. Close files when they are no longer needed Do not call putenv() with a pointer to an automatic variable as the argument |
| BD-RESPB-LEAKS SWITCH | CON30 MSC07-C. Clean up thread-specific storage Detect and remove dead code |
| BD-RESPB-LEAKS SWITCH | WIN30 MSC12-C. Properly pair allocation and deallocation functions Detect and remove code that has no effect or is never executed |
| BD-SECURITYPB-INTOVERF VARARG | INT04 MSC39-C. Enforce limits on integer values originating from tainted sources Do not call va_arg() on a va_list that has an indeterminate value |
| BD-SECURITYPB-OVERFRD ZERO | INT04 INT33-C. Enforce limits on integer values originating from tainted sources Ensure that division and remainder operations do not result in divide-by-zero errors |
| BD-SECURITYPB-OVERFWR ZERO | INT04 FLP03-C. Enforce limits on integer values originating from tainted sources Detect and handle floating-point errors |
| BD-SECURITY-{TDCMD,TDFNAMES,TDSQL} RES-FREE | MEM30-C. Do not access freed memory STR02-C. Sanitize data passed to complex subsystems |
| BD-TRSRES-DLOCK FREE | CON35 FIO46-C. Avoid deadlock by locking in a predefined order Do not access a closed file |
| BD-TRSRES-LOCK FREE | CON01 CON31-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction Do not destroy a mutex while it is locked |
| BD-TRSRES-TSHL FREE | POS52 MEM01-C. Do not perform operations that can block while holding a POSIX lock Store a new value in pointers immediately after free() |
| BD-TRSRES-TSHL INVFREE | CON05 MEM34-C. Do not perform operations that can block while holding a lock Only free memory allocated dynamically |
| BD-RES-INVFREE | CON31 | CERT-EXP-19 | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
| CODSTA-11 | MSC11-C. Incorporate diagnostic tests using assertions |
| CODSTA-16 | STR11-C. Do not specify the bound of a character array initialized with a string literal |
| CODSTA-26 | DCL06-C. Use meaningful symbolic constants to represent literal values |
| CODSTA-60 | EXP20-C. Perform explicit tests to determine success, true and false, and equality |
| CODSTA-69 | STR09-C. Don't assume numeric values for expressions with type plain character |
| CODSTA-86 | API00-C. Functions should validate their parameters |
| CODSTA-97 | EXP00-C. Use parentheses for precedence of operation |
| CODSTA-117 | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| CODSTA-121 | EXP43-C. Avoid undefined behavior when using restrict-qualified pointers |
| CODSTA-122_{a,b} | ERR33-C. Detect and handle standard library errors |
| CODSTA-122_{a,b} | POS54-C. Detect and handle POSIX library errors |
| CODSTA-122_{a,b} | EXP12-C. Do not ignore values returned by functions |
| CODSTA-123 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| CODSTA-123 | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| CODSTA-CPP-53 | DCL00-C. Const-qualify immutable objects |
| COMMENT-13 | MSC04-C. Use comments consistently and in a readable fashion |
| Detect at runtime | MEM34-C. Only free memory allocated dynamically |
| Detects accessing freed memory at runtime | MEM30-C. Do not access freed memory |
| Detects dangling pointers at runtime | MEM01-C. Store a new value in pointers immediately after free() |
| Detects leaks at runtime | MEM31-C. Free dynamically allocated memory when no longer needed |
| FORMAT-33 | DCL04-C. Do not declare more than one variable per declaration |
| JSF-166{b,c} | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| JSF-193 | MSC17-C. Finish every set of statements associated with a case label with a break statement |
| JSF-203 | MSC14-C. Do not introduce unnecessary platform dependencies |
| JSF-203 | MSC15-C. Do not depend on undefined behavior |
| MEM-18 | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| destroy a mutex while it is locked |
| BD-RES-LEAK | MEM31-C. Free dynamically allocated memory when no longer needed |
| BD-RES-LEAK | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| BD-RES-LEAKS | FIO42-C. Close files when they are no longer needed |
| BD-RES-LEAKS | CON30-C. Clean up thread-specific storage |
| BD-RES-LEAKS | WIN30-C. Properly pair allocation and deallocation functions |
| BD-SECURITY-BUFWRITE | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BD-SECURITY-INTOVERF | INT04-C. Enforce limits on integer values originating from tainted sources |
| BD-SECURITY-OVERFMT | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| BD-SECURITY-OVERFRD | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| BD-SECURITY-OVERFRD | INT04-C. Enforce limits on integer values originating from tainted sources |
| BD-SECURITY-OVERFWR | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| BD-SECURITY-OVERFWR | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BD-SECURITY-OVERFWR | INT04-C. Enforce limits on integer values originating from tainted sources |
| BD-SECURITY-RAND | MSC32-C. Properly seed pseudorandom number generators |
| BD-SECURITY-TDCMD | STR02-C. Sanitize data passed to complex subsystems |
| BD-SECURITY-TDFNAMES | STR02-C. Sanitize data passed to complex subsystems |
| BD-SECURITY-TDSQL | STR02-C. Sanitize data passed to complex subsystems |
| BD-TRS-ARG | CON34-C. Declare objects shared between threads with appropriate storage durations |
| BD-TRS-ARG | POS50-C. Declare objects shared between POSIX threads with appropriate storage durations |
| BD-TRS-BITLOCK | CON32-C. Prevent data races when accessing bit-fields from multiple threads |
| BD-TRS-BITLOCK | POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed |
| BD-TRS-DLOCK | CON35-C. Avoid deadlock by locking in a predefined order |
| BD-TRS-DSTRLOCK | CON31-C. Do not destroy a mutex while it is locked |
| BD-TRS-DSTRLOCK | POS48-C. Do not unlock or destroy another POSIX thread's mutex |
| BD-TRS-FORKFILE | POS38-C. Beware of race conditions when using fork and file descriptors |
| BD-TRS-LOCK | CON01-C. Acquire and release synchronization primitives | MEM-19 | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MEM BD-TRS-20 ORDER | MEM00 POS51-C. Allocate and free memory in the same module, at the same level of abstraction |
| MISRA2004-4_2-3 | PRE07-C. Avoid using repeated question marks |
| MISRA2004-5_2_{a,b} | DCL01-C. Do not reuse variable names in subscopes |
| MISRA2004-6_1 | STR00-C. Represent characters using an appropriate type |
| MISRA2004-6_1 | STR04-C. Use plain char for characters in the basic character set |
| MISRA2004-6_{1,2} | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| MISRA2004-7_1_a | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| MISRA2004-9_3 | INT09-C. Ensure enumeration constants map to unique values |
| MISRA2004-10_1_d | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| MISRA2004-10_1_d | FIO34-C. Distinguish between characters read from a file and EOF or WEOF |
| MISRA2004-10_2_{b,c,d} | FLP03-C. Detect and handle floating-point errors |
| MISRA2004-11_4 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| MISRA2004-11_5 | EXP32-C. Do not access a volatile object through a nonvolatile reference |
| MISRA2004-11_5 | EXP05-C. Do not cast away a const qualification |
| MISRA2004-12_2_{a,b,c,d} | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA2004-12_2_{a,b,c,d} | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| MISRA2004-12_2_{a,b,c,d} | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| MISRA2004-12_4a | EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
| MISRA2004-12_6_{a,b} | EXP46-C. Do not use a bitwise operator with a Boolean-like operand |
| MISRA2004-13_3 | FLP00-C. Understand the limitations of floating-point numbers |
| MISRA2004-13_3 | FLP02-C. Avoid using floating-point numbers when precise computation is needed |
| MISRA2004-14_8 | EXP19-C. Use braces for the body of an if, for, or while statement |
| MISRA2004-15_0_b | DCL41-C. Do not declare variables inside a switch statement before the first case label |
| MISRA2004-15_3 | MSC01-C. Strive for logical completeness |
| MISRA2004-16_6 | DCL20-C. Explicitly specify void when a function accepts no arguments |
| MISRA2004-16_7_b | DCL05-C. Use typedefs of non-pointer types only |
| MISRA2004-17_6_{a,b} | DCL30-C. Declare objects with appropriate storage durations |
| MISRA2004-19_7 | PRE00-C. Prefer inline or static functions to function-like macros |
| MISRA2004-19_8 | MSC38-C. Do not treat a predefined identifier as an object if it might only be implemented as a macro |
| MISRA2004-19_10 | PRE01-C. Use parentheses within macros around parameter names |
| MISRA2004-20_1_a | DCL37-C. Do not declare or define a reserved identifier |
| MISRA2004-20_7 | MSC22-C. Use the setjmp(), longjmp() facility securely |
| MISRA2004-20_10 | ERR34-C. Detect errors when converting a string to a number |
| MISRA2005-16_7 | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
| MISRA2008-0_1_3_b | MSC13-C. Detect and remove unused values |
| MISRA2008-0_1_{a,b,c,d,e,f,g} | MSC07-C. Detect and remove dead code |
| MISRA2008-0_1_{a,b,c,d,e,f,g} | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2008-2_13_5 | STR10-C. Do not concatenate different type of string literals |
| MISRA2008-5_0_17 | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
| MISRA2008-5_0_21 | INT13-C. Use bitwise operators only on unsigned operands |
| MISRA2008-5_0_21 | INT16-C. Do not make assumptions about representation of signed integers |
| MISRA2008-5_2_8 | INT36-C. Converting a pointer to integer or integer to pointer |
| MISRA2008-9_6_2 | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| MISRA2012-RULE-3_1{a,b,c} | MSC04-C. Use comments consistently and in a readable fashion |
| MISRA2012-RULE-15_7 | MSC01-C. Strive for logical completeness |
| MISRA2012-RULE-17_4 | MSC37-C. Ensure that control never reaches the end of a non-void function |
| MISRA2012-RULE-21_5_b | SIG34-C. Do not call signal() from within interruptible signal handlers |
| MISRA2012-RULE-21_5_b | CON37-C. Do not call signal() in a multithreaded program |
| MISRA2012-RULE-21_5_b | POS44-C. Do not use signals to terminate threads |
| MISRA2012-RULE-21_5_b | SIG00-C. Mask signals handled by noninterruptible signal handlers |
| MISRA2012-RULE-21_5_b | SIG01-C. Understand implementation-specific details regarding signal handler persistence |
| MISRA2012-RULE-21_5_b | SIG02-C. Avoid using signals to implement normal functionality |
| MISRA2012-RULE-21_7 | ERR07-C. Prefer functions that support error checking over equivalent functions that don't |
| MISRA2012-RULE-21_8 | ENV33-C. Do not call system() |
| MISRA2012-RULE-21_8 | ERR04-C. Choose an appropriate termination strategy |
| MISRA2012-RULE-21_8 | ERR05-C. Application-independent code should provide error detection without dictating error handling |
| MISRA2012-RULE-21_10 | MSC33-C. Do not pass invalid data to the asctime() function |
| MISRA2012-RULE-21_{7,8} | MSC24-C. Do not use deprecated or obsolescent functions |
| MISRA-005 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| MISRA-11_5 | EXP40-C. Do not modify constant objects |
| MISRA-020 | DCL31-C. Declare identifiers before using them |
| MISRA-023 | DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
| MISRA-024 | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
| MISRA-038 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| MISRA-043_{c,d} | FLP36-C. Preserve precision when converting integral values to floating-point type |
| MISRA-043_{c,d} | FLP06-C. Convert integers to floating point for floating-point operations |
| MISRA-043{b} | EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int |
| MISRA-043{b} | INT02-C. Understand integer conversion rules |
| MISRA-043{b} | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISRA-046_a | CON02-C. Do not use volatile as a synchronization primitive |
| MISRA-065 | FLP30-C. Do not use floating-point variables as loop counters |
| MISRA-096 | PRE02-C. Macro replacement lists should be parenthesized |
| MISRA-101 | EXP08-C. Ensure pointer arithmetic is used correctly |
| MRM-07 | EXP42-C. Do not compare padding data |
| MRM-09 | MEM01-C. Store a new value in pointers immediately after free() |
| MRM-10 | MEM01-C. Store a new value in pointers immediately after free() |
| MRM-11 | MEM01-C. Store a new value in pointers immediately after free() |
| MRM-39 | ERR30-C. Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure |
| MRM-45 | MEM35-C. Allocate sufficient memory for an object |
| NAMING-44 | DCL02-C. Use visually distinct identifiers |
| OPT-01 | DCL19-C. Minimize the scope of variables and functions |
| PB-27 | STR30-C. Do not attempt to modify string literals |
| PB-32 | ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array |
| PB-45 | FIO47-C. Use valid format strings |
| PB-46 | FIO47-C. Use valid format strings |
| PB-47 | FIO47-C. Use valid format strings |
| PB-48 | FIO47-C. Use valid format strings |
| PB-49 | FIO47-C. Use valid format strings |
| PB-50 | FIO47-C. Use valid format strings |
| PB-51 | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| PFO-02 | PRE06-C. Enclose header files in an inclusion guard |
| PORT-01 | DCL16-C. Use "L," not "l," to indicate a long value |
| runtime | DCL40-C. Do not create incompatible declarations of the same function or object |
| Runtime | DCL11-C. Understand the type issues associated with variadic functions |
| Runtime analysis | EXP33-C. Do not read uninitialized memory |
| Runtime analysis | EXP34-C. Do not dereference null pointers |
| Runtime analysis | ARR38-C. Guarantee that library functions do not form invalid pointers |
| Runtime analysis | FLP03-C. Detect and handle floating-point errors |
| Runtime analysis | STR07-C. Use the bounds-checking interfaces for string manipulation |
| Runtime analysis for over- or under- read or write | EXP08-C. Ensure pointer arithmetic is used correctly |
| Runtime analysis will detect all leaks | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| Runtime detection | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| SECURITY-02 | MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
| Avoid deadlock with POSIX threads by locking in predefined order |
| BD-TRS-REVLOCK | POS48-C. Do not unlock or destroy another POSIX thread's mutex |
| BD-TRS-SYMLINK | POS35-C. Avoid race conditions while checking for the existence of a symbolic link |
| BD-TRS-TSHL | POS52-C. Do not perform operations that can block while holding a POSIX lock |
| BD-TRS-TSHL | CON05-C. Do not perform operations that can block while holding a lock |
| CERT-EXP-19 | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
| CODSTA-11 | MSC11-C. Incorporate diagnostic tests using assertions |
| CODSTA-16 | STR11-C. Do not specify the bound of a character array initialized with a string literal |
| CODSTA-26 | DCL06-C. Use meaningful symbolic constants to represent literal values |
| CODSTA-60 | EXP20-C. Perform explicit tests to determine success, true and false, and equality |
| CODSTA-63 | INT13-C. Use bitwise operators only on unsigned operands |
| CODSTA-63 | INT16-C. Do not make assumptions about representation of signed integers |
| CODSTA-65 | INT36-C. Converting a pointer to integer or integer to pointer |
| CODSTA-69 | STR09-C. Don't assume numeric values for expressions with type plain character |
| CODSTA-75 | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| CODSTA-86 | API00-C. Functions should validate their parameters |
| CODSTA-97 | EXP00-C. Use parentheses for precedence of operation |
| CODSTA-117 | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| CODSTA-118 | DCL40-C. Do not create incompatible declarations of the same function or object |
| CODSTA-121 | EXP43-C. Avoid undefined behavior when using restrict-qualified pointers |
| CODSTA-122_a | ERR33-C. Detect and handle standard library errors |
| CODSTA-122_a | POS54-C. Detect and handle POSIX library errors |
| CODSTA-122_a | EXP12-C. Do not ignore values returned by functions |
| CODSTA-122_b | ERR33-C. Detect and handle standard library errors |
| CODSTA-122_b | POS54-C. Detect and handle POSIX library errors |
| CODSTA-122_b | EXP12-C. Do not ignore values returned by functions |
| CODSTA-123 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| CODSTA-123 | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| CODSTA-127_b | INT36-C. Converting a pointer to integer or integer to pointer |
| CODSTA-144 | POS30-C. Use the readlink() function properly |
| CODSTA-145 | POS30-C. Use the readlink() function properly |
| CODSTA-150 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| CODSTA-150_b | PRE31-C. Avoid side effects in arguments to unsafe macros |
| CODSTA-150_c | PRE31-C. Avoid side effects in arguments to unsafe macros |
| CODSTA-156_a | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-156_b | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-157 | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-158 | EXP37-C. Call functions with the correct number and type of arguments |
| CODSTA-159 | EXP37-C. Call functions with the correct number and type of arguments |
| CODSTA-161_a | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_b | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_c | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_d | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_e | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_f | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_g | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-163_a | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-163_b | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-164_a | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-164_b | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-185_a | ENV30-C. Do not modify the object referenced by the return value of certain functions |
| CODSTA-187_a | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| CODSTA-187_b | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| CODSTA-187_c | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| CODSTA-188 | STR38-C. Do not confuse narrow and wide character strings and functions |
| CODSTA-190 | FLP37-C. Do not use object representations to compare floating-point values |
| CODSTA-CPP-53 | DCL00-C. Const-qualify immutable objects |
| COMMENT-11 | MSC04-C. Use comments consistently and in a readable fashion |
| COMMENT-12 | MSC04-C. Use comments consistently and in a readable fashion |
| COMMENT-13 | MSC04-C. Use comments consistently and in a readable fashion |
| Detect at runtime | MEM34-C. Only free memory allocated dynamically |
| Detects accessing freed memory at runtime | MEM30-C. Do not access freed memory |
| Detects dangling pointers at runtime | MEM01-C. Store a new value in pointers immediately after free() |
| Detects leaks at runtime | MEM31-C. Free dynamically allocated memory when no longer needed |
| FORMAT-33 | DCL04-C. Do not declare more than one variable per declaration |
| fully implemented at runtime | ERR33-C. Detect and handle standard library errors |
| GLOBAL-CONDMUTEXVAR | POS53-C. Do not use more than one mutex for concurrent waiting operations on a condition variable |
| MISRA2004-2_3 | MSC04-C. Use comments consistently and in a readable fashion |
| MISRA2004-4_2-3 | PRE07-C. Avoid using repeated question marks |
| MISRA2004-5_2_a | DCL01-C. Do not reuse variable names in subscopes |
| MISRA2004-5_2_b | DCL01-C. Do not reuse variable names in subscopes |
| MISRA2004-6_1 | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| MISRA2004-6_1 | STR00-C. Represent characters using an appropriate type |
| MISRA2004-6_1 | STR04-C. Use plain char for characters in the basic character set |
| MISRA2004-6_2 | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| MISRA2004-7_1_a | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| MISRA2004-8_4 | DCL40-C. Do not create incompatible declarations of the same function or object |
| MISRA2004-9_3 | INT09-C. Ensure enumeration constants map to unique values |
| MISRA2004-10_1_b | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA2004-10_1_b | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| MISRA2004-10_1_d | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| MISRA2004-10_1_d | FIO34-C. Distinguish between characters read from a file and EOF or WEOF |
| MISRA2004-10_2_1 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA2004-10_2_a | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| MISRA2004-10_2_b | FLP03-C. Detect and handle floating-point errors |
| MISRA2004-10_2_c | FLP03-C. Detect and handle floating-point errors |
| MISRA2004-10_2_d | FLP03-C. Detect and handle floating-point errors |
| MISRA2004-11_4 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| MISRA2004-11_4 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA2004-11_4 | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| MISRA2004-11_5 | EXP32-C. Do not access a volatile object through a nonvolatile reference |
| MISRA2004-11_5 | EXP05-C. Do not cast away a const qualification |
| MISRA2004-12_2_a | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA2004-12_2_a | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| MISRA2004-12_2_a | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| MISRA2004-12_2_b | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA2004-12_2_b | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| MISRA2004-12_2_b | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| MISRA2004-12_2_c | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA2004-12_2_c | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| MISRA2004-12_2_c | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| MISRA2004-12_2_d | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA2004-12_2_d | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| MISRA2004-12_2_d | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| MISRA2004-12_3_b | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| MISRA2004-12_3_c | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| MISRA2004-12_4a | EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
| MISRA2004-12_6_a | EXP46-C. Do not use a bitwise operator with a Boolean-like operand |
| MISRA2004-12_6_b | EXP46-C. Do not use a bitwise operator with a Boolean-like operand |
| MISRA2004-13_1 | EXP45-C. Do not perform assignments in selection statements |
| MISRA2004-13_3 | FLP00-C. Understand the limitations of floating-point numbers |
| MISRA2004-13_3 | FLP02-C. Avoid using floating-point numbers when precise computation is needed |
| MISRA2004-14_1_a | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_a | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_b | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_b | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_c | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_c | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_d | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_d | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_e | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_e | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_f | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_f | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_g | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_g | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_8 | EXP19-C. Use braces for the body of an if, for, or while statement |
| MISRA2004-14_10 | MSC01-C. Strive for logical completeness |
| MISRA2004-15_0_b | DCL41-C. Do not declare variables inside a switch statement before the first case label |
| MISRA2004-15_2 | MSC17-C. Finish every set of statements associated with a case label with a break statement |
| MISRA2004-15_3 | MSC01-C. Strive for logical completeness |
| MISRA2004-16_3 | EXP37-C. Call functions with the correct number and type of arguments |
| MISRA2004-16_6 | DCL20-C. Explicitly specify void when a function accepts no arguments |
| MISRA2004-16_7 | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
| MISRA2004-16_7_b | DCL05-C. Use typedefs of non-pointer types only |
| MISRA2004-16_8 | MSC37-C. Ensure that control never reaches the end of a non-void function |
| MISRA2004-16_9 | EXP45-C. Do not perform assignments in selection statements |
| MISRA2004-17_2 | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
| MISRA2004-17_6_a | DCL30-C. Declare objects with appropriate storage durations |
| MISRA2004-17_6_b | DCL30-C. Declare objects with appropriate storage durations |
| MISRA2004-19_7 | PRE00-C. Prefer inline or static functions to function-like macros |
| MISRA2004-19_8 | MSC38-C. Do not treat a predefined identifier as an object if it might only be implemented as a macro |
| MISRA2004-19_9 | PRE32-C. Do not use preprocessor directives in invocations of function-like macros |
| MISRA2004-19_10 | PRE01-C. Use parentheses within macros around parameter names |
| MISRA2004-20_1_a | DCL37-C. Do not declare or define a reserved identifier |
| MISRA2004-20_7 | MSC22-C. Use the setjmp(), longjmp() facility securely |
| MISRA2004-20_8_b | SIG34-C. Do not call signal() from within interruptible signal handlers |
| MISRA2004-20_8_b | CON37-C. Do not call signal() in a multithreaded program |
| MISRA2004-20_8_b | POS44-C. Do not use signals to terminate threads |
| MISRA2004-20_8_b | SIG00-C. Mask signals handled by noninterruptible signal handlers |
| MISRA2004-20_8_b | SIG01-C. Understand implementation-specific details regarding signal handler persistence |
| MISRA2004-20_8_b | SIG02-C. Avoid using signals to implement normal functionality |
| MISRA2004-20_10 | ERR34-C. Detect errors when converting a string to a number |
| MISRA2004-20_10 | ERR07-C. Prefer functions that support error checking over equivalent functions that don't |
| MISRA2004-20_10 | MSC24-C. Do not use deprecated or obsolescent functions |
| MISRA2004-20_11 | ENV33-C. Do not call system() |
| MISRA2004-20_11 | ERR04-C. Choose an appropriate termination strategy |
| MISRA2004-20_11 | ERR05-C. Application-independent code should provide error detection without dictating error handling |
| MISRA2004-20_11 | MSC24-C. Do not use deprecated or obsolescent functions |
| MISRA-005 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| MISRA-11_5 | EXP40-C. Do not modify constant objects |
| MISRA-020 | DCL31-C. Declare identifiers before using them |
| MISRA-023 | DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
| MISRA-024 | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
| MISRA-038 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| MISRA-043 | INT02-C. Understand integer conversion rules |
| MISRA-043 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISRA-043_b | INT02-C. Understand integer conversion rules |
| MISRA-043_c | FLP36-C. Preserve precision when converting integral values to floating-point type |
| MISRA-043_c | FLP06-C. Convert integers to floating point for floating-point operations |
| MISRA-043_d | FLP36-C. Preserve precision when converting integral values to floating-point type |
| MISRA-043_d | FLP06-C. Convert integers to floating point for floating-point operations |
| MISRA-043b | EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int |
| MISRA-043b | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISRA-046_a | CON02-C. Do not use volatile as a synchronization primitive |
| MISRA-051 | MSC14-C. Do not introduce unnecessary platform dependencies |
| MISRA-051 | MSC15-C. Do not depend on undefined behavior |
| MISRA-065 | FLP30-C. Do not use floating-point variables as loop counters |
| MISRA-071_b | EXP37-C. Call functions with the correct number and type of arguments |
| MISRA-096 | PRE02-C. Macro replacement lists should be parenthesized |
| MISRA-101 | FLP37-C. Do not use object representations to compare floating-point values |
| MISRA-101 | EXP08-C. Ensure pointer arithmetic is used correctly |
| MRM-07 | EXP42-C. Do not compare padding data |
| MRM-09 | MEM01-C. Store a new value in pointers immediately after free() |
| MRM-10 | MEM01-C. Store a new value in pointers immediately after free() |
| MRM-11 | MEM01-C. Store a new value in pointers immediately after free() |
| MRM-18 | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MRM-19 | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MRM-20 | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MRM-39 | ERR30-C. Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure |
| MRM-45 | MEM35-C. Allocate sufficient memory for an object |
| NAMING-44 | DCL02-C. Use visually distinct identifiers |
| OPT-01 | DCL19-C. Minimize the scope of variables and functions |
| OPT-06 | MSC13-C. Detect and remove unused values |
| PB-27 | STR30-C. Do not attempt to modify string literals |
| PB-32 | ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array |
| PB-35 | EXP45-C. Do not perform assignments in selection statements |
| PB-38 | STR10-C. Do not concatenate different type of string literals |
| PB-45 | FIO47-C. Use valid format strings |
| PB-46 | FIO47-C. Use valid format strings |
| PB-47 | FIO47-C. Use valid format strings |
| PB-48 | FIO47-C. Use valid format strings |
| PB-49 | FIO47-C. Use valid format strings |
| PB-50 | FIO47-C. Use valid format strings |
| PB-51 | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| PB-66_a | INT30-C. Ensure that unsigned integer operations do not wrap |
| PB-66_a | INT32-C. Ensure that operations on signed integers do not result in overflow |
| PB-66_b | INT30-C. Ensure that unsigned integer operations do not wrap |
| PB-66_b | INT32-C. Ensure that operations on signed integers do not result in overflow |
| PFO-02 | PRE06-C. Enclose header files in an include guard |
| PORT-01 | DCL16-C. Use "L," not "l," to indicate a long value |
| Runtime | INT32-C. Ensure that operations on signed integers do not result in overflow |
| Runtime | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| Runtime | DCL11-C. Understand the type issues associated with variadic functions |
| runtime | DCL40-C. Do not create incompatible declarations of the same function or object |
| Runtime analysis | EXP33-C. Do not read uninitialized memory |
| Runtime analysis | EXP34-C. Do not dereference null pointers |
| Runtime analysis | ARR38-C. Guarantee that library functions do not form invalid pointers |
| Runtime analysis | FLP03-C. Detect and handle floating-point errors |
| Runtime analysis | STR07-C. Use the bounds-checking interfaces for string manipulation |
| Runtime analysis for over- or under- read or write | EXP08-C. Ensure pointer arithmetic is used correctly |
| Runtime analysis will detect all leaks | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| Runtime detection | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| SECURITY-01 | MSC33-C. Do not pass invalid data to the asctime() function |
| SECURITY-02 | MSC32-C. Properly seed pseudorandom number generators |
| SECURITY-02_b | MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
| SECURITY-02_b | MSC32-C. Properly seed pseudorandom number generators |
| SECURITY-03 | POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument |
| SECURITY-03 | ENV02-C. Beware of multiple environment variables with the same effective name |
| SECURITY-04 | WIN00-C. Be specific when dynamically loading libraries |
| SECURITY-05 SECURITY-08 SECURITY-36 | FIO30-C. Exclude user input from format strings |
| SECURITY-07 SECURITY-02 | API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size should take an argument to specify the source or target size |
| SECURITY-07 | ENV01-C. Do not make assumptions about the size of an environment variable |
| SECURITY-07 | MSC24-C. Do not use deprecated or obsolescent functions |
| SECURITY-10 | POS33 | SECURITY-03 | POS34-C. Do not call putenvuse vfork() with a pointer to an automatic variable as the argument |
| SECURITY-03 12 | ENV02 STR31-C. Beware of multiple environment variables with the same effective name Guarantee that storage for strings has sufficient space for character data and the null terminator |
| SECURITY-04 12 | WIN00 API01-C. Be specific when dynamically loading libraries Avoid laying out strings in memory directly before sensitive data |
| SECURITY-07 12 | API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size |
| SECURITY-07 | ENV01-C. Do not make assumptions about the size of an environment variable |
| SECURITY-07 | MSC24-C. Do not use deprecated or obsolescent functions |
| SECURITY-10 | POS33-C. Do not use vfork() |
| SECURITY-12 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| SECURITY-12 | API01-C. Avoid laying out strings in memory directly before sensitive data |
| SECURITY-12 | ENV01-C. Do not make assumptions about the size of an environment variable |
| SECURITY-12 | MSC24-C. Do not use deprecated or obsolescent functions |
| SECURITY-13 | INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs |
| SECURITY-13 | STR07-C. Use the bounds-checking interfaces for string manipulation |
| SECURITY-19 | POS35-C. Avoid race conditions while checking for the existence of a symbolic link |
| SECURITY-19 | FIO01-C. Be careful using functions that use file names for identification |
| SECURITY-19 | FIO21-C. Do not create temporary files in shared directories |
| SECURITY-25 | CON33-C. Avoid race conditions when using library functions |
| source or target size |
| SECURITY-12 | ENV01-C. Do not make assumptions about the size of an environment variable |
| SECURITY-12 | MSC24-C. Do not use deprecated or obsolescent functions |
| SECURITY-13 | INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs |
| SECURITY-13 | STR07-C. Use the bounds-checking interfaces for string manipulation |
| SECURITY-19 | CON43-C. Do not allow data races in multithreaded code |
| SECURITY-19 | POS35-C. Avoid race conditions while checking for the existence of a symbolic link |
| SECURITY-19 | FIO01-C. Be careful using functions that use file names for identification |
| SECURITY-19 | FIO21-C. Do not create temporary files in shared directories |
| SECURITY-25 | CON33-C. Avoid race conditions when using library functions |
| SECURITY-27 | FIO01-C. Be careful using functions that use file names for identification |
| SECURITY-28 | MSC32-C. Properly seed pseudorandom number generators |
| SECURITY-43 | POS47-C. Do not use threads that can be canceled asynchronously |
| SECURITY-44 | POS36-C. Observe correct revocation order while relinquishing privileges |
| SECURITY-45 | POS37-C. Ensure that privilege relinquishment is successful |
| SECURITY-46 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary |
| SECURITY-47 | INT35-C. Use correct integer precisions |
| SECURITY-48 | ENV33-C. Do not call system() | SECURITY-27 | FIO01-C. Be careful using functions that use file names for identification |
