Checker | Guideline |
|---|
| BD-API-VALPARAM | FLP32-C. Prevent or detect domain and range errors in math functions |
| BD-BP-NOTINIT | EXP33-C. Do not read uninitialized memory |
| BD-PB-ARRAY | FLP37-C. Do not use object representations to compare floating-point values |
| BD-PB-ARRAY | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| BD-PB-ARRAY | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| BD-PB-ARRAY | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BD-PB-ARRAY | FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful |
| BD-PB-ARRAY | EXP08-C. Ensure pointer arithmetic is used correctly |
| BD-PB-ARRAY | INT10-C. Do not assume a positive remainder when using the % operator |
| BD-PB-ARRAY | MSC19-C. For functions that return an array, prefer returning an empty array over a null value |
| BD-PB-BYTEORD | POS39-C. Use the correct byte ordering when transferring data between systems |
| BD-PB-CC | EXP45-C. Do not perform assignments in selection statements |
| BD-PB-CC | EXP16-C. Do not compare function pointers to constant values |
| BD-PB-CHECKRETGEN | ERR33-C. Detect and handle standard library errors |
| BD-PB-ERRNO | ERR30-C. Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure |
| BD-PB-ERRNO | ERR32-C. Do not rely on indeterminate values of errno |
| BD-PB-INTOVERF | INT30-C. Ensure that unsigned integer operations do not wrap |
| BD-PB-INTOVERF | INT32-C. Ensure that operations on signed integers do not result in overflow |
| BD-PB-INVENV | ENV31-C. Do not rely on an environment pointer following an operation that may invalidate it |
| BD-PB-INVRET | ENV34-C. Do not store pointers returned by certain functions |
| BD-PB-NP | EXP34-C. Do not dereference null pointers |
| BD-PB-NP | ERR33-C. Detect and handle standard library errors |
| BD-PB-NP | POS54-C. Detect and handle POSIX library errors |
| BD-PB-NP | MSC19-C. For functions that return an array, prefer returning an empty array over a null value |
| BD-PB-OVERFARRAY | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| BD-PB-OVERFFMT | ARR38-C. Guarantee that library functions do not form invalid pointers |
| BD-PB-OVERFNZT | ARR38-C. Guarantee that library functions do not form invalid pointers |
| BD-PB-OVERFNZT | STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string |
| BD-PB-OVERFNZT | POS30-C. Use the readlink() function properly |
| BD-PB-OVERFRD | ARR38-C. Guarantee that library functions do not form invalid pointers |
| BD-PB-OVERFWR | ARR38-C. Guarantee that library functions do not form invalid pointers |
| BD-PB-OVERFWR | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BD-PB-OVERFWR | API01-C. Avoid laying out strings in memory directly before sensitive data |
| BD-PB-OVERFWR | ENV01-C. Do not make assumptions about the size of an environment variable |
| BD-PB-OVERNZT | STR03-C. Do not inadvertently truncate a string |
| BD-PB-PUTENV | POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument |
| BD-PB-SWITCH | MSC07-C. Detect and remove dead code |
| BD-PB-SWITCH | MSC12-C. Detect and remove code that has no effect or is never executed |
| BD-PB-VARARG | MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value |
| BD-PB-ZERO | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| BD-PB-ZERO | FLP03-C. Detect and handle floating-point errors |
| BD-RES-FREE | MEM30-C. Do not access freed memory |
| BD-RES-FREE | FIO46-C. Do not access a closed file |
| BD-RES-FREE | CON31-C. Do not destroy a mutex while it is locked |
| BD-RES-FREE | MEM01-C. Store a new value in pointers immediately after free() |
| BD-RES-INVFREE | MEM34-C. Only free memory allocated dynamically |
| BD-RES-INVFREE | CON31-C. Do not destroy a mutex while it is locked |
| BD-RES-LEAK | MEM31-C. Free dynamically allocated memory when no longer needed |
| BD-RES-LEAK | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| BD-RES-LEAKS | FIO42-C. Close files when they are no longer needed |
| BD-RES-LEAKS | CON30-C. Clean up thread-specific storage |
| BD-RES-LEAKS | WIN30-C. Properly pair allocation and deallocation functions |
| BD-SECURITY-BUFWRITE | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BD-SECURITY-INTOVERF | INT04-C. Enforce limits on integer values originating from tainted sources |
| BD-SECURITY-OVERFMT | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| BD-SECURITY-OVERFRD | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| BD-SECURITY-OVERFRD | INT04-C. Enforce limits on integer values originating from tainted sources |
| BD-SECURITY-OVERFWR | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| BD-SECURITY-OVERFWR | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BD-SECURITY-OVERFWR | INT04-C. Enforce limits on integer values originating from tainted sources |
| BD-SECURITY-RAND | MSC32-C. Properly seed pseudorandom number generators |
| BD-SECURITY-TDCMD | STR02-C. Sanitize data passed to complex subsystems |
| BD-SECURITY-TDFNAMES | STR02-C. Sanitize data passed to complex subsystems |
| BD-SECURITY-TDSQL | STR02-C. Sanitize data passed to complex subsystems |
| BD-TRS-ARG | CON34-C. Declare objects shared between threads with appropriate storage durations |
| BD-TRS-ARG | POS50-C. Declare objects shared between POSIX threads with appropriate storage durations |
| BD-TRS-BITLOCK | CON32-C. Prevent data races when accessing bit-fields from multiple threads |
| BD-TRS-BITLOCK | POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed |
| BD-TRS-DLOCK | CON35-C. Avoid deadlock by locking in a predefined order |
| BD-TRS-DSTRLOCK | CON31-C. Do not destroy a mutex while it is locked |
| BD-TRS-DSTRLOCK | POS48-C. Do not unlock or destroy another POSIX thread's mutex |
| BD-TRS-FORKFILE | POS38-C. Beware of race conditions when using fork and file descriptors |
| BD-TRS-LOCK | CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction |
| BD-TRS-ORDER | POS51-C. Avoid deadlock with POSIX threads by locking in predefined order |
| BD-TRS-REVLOCK | POS48-C. Do not unlock or destroy another POSIX thread's mutex |
| BD-TRS-SYMLINK | POS35-C. Avoid race conditions while checking for the existence of a symbolic link |
| BD-TRS-TSHL | POS52-C. Do not perform operations that can block while holding a POSIX lock |
| BD-TRS-TSHL | CON05-C. Do not perform operations that can block while holding a lock |
| CERT-EXP-19 | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
| CODSTA-11 | MSC11-C. Incorporate diagnostic tests using assertions |
| CODSTA-16 | STR11-C. Do not specify the bound of a character array initialized with a string literal |
| CODSTA-26 | DCL06-C. Use meaningful symbolic constants to represent literal values |
| CODSTA-60 | EXP20-C. Perform explicit tests to determine success, true and false, and equality |
| CODSTA-63 | INT13-C. Use bitwise operators only on unsigned operands |
| CODSTA-63 | INT16-C. Do not make assumptions about representation of signed integers |
| CODSTA-65 | INT36-C. Converting a pointer to integer or integer to pointer |
| CODSTA-69 | STR09-C. Don't assume numeric values for expressions with type plain character |
| CODSTA-75 | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| CODSTA-86 | API00-C. Functions should validate their parameters |
| CODSTA-97 | EXP00-C. Use parentheses for precedence of operation |
| CODSTA-117 | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| CODSTA-118 | DCL40-C. Do not create incompatible declarations of the same function or object |
| CODSTA-121 | EXP43-C. Avoid undefined behavior when using restrict-qualified pointers |
| CODSTA-122_a | ERR33-C. Detect and handle standard library errors |
| CODSTA-122_a | POS54-C. Detect and handle POSIX library errors |
| CODSTA-122_a | EXP12-C. Do not ignore values returned by functions |
| CODSTA-122_b | ERR33-C. Detect and handle standard library errors |
| CODSTA-122_b | POS54-C. Detect and handle POSIX library errors |
| CODSTA-122_b | EXP12-C. Do not ignore values returned by functions |
| CODSTA-123 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| CODSTA-123 | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| CODSTA-127_b | INT36-C. Converting a pointer to integer or integer to pointer |
| CODSTA-144 | POS30-C. Use the readlink() function properly |
| CODSTA-145 | POS30-C. Use the readlink() function properly |
| CODSTA-150 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| CODSTA-150_b | PRE31-C. Avoid side effects in arguments to unsafe macros |
| CODSTA-150_c | PRE31-C. Avoid side effects in arguments to unsafe macros |
| CODSTA-156_a | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-156_b | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-157 | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-158 | EXP37-C. Call functions with the correct number and type of arguments |
| CODSTA-159 | EXP37-C. Call functions with the correct number and type of arguments |
| CODSTA-161_a | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_b | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_c | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_d | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_e | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_f | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-161_g | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-163_a | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-163_b | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-164_a | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-164_b | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| CODSTA-185_a | ENV30-C. Do not modify the object referenced by the return value of certain functions |
| CODSTA-187_a | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| CODSTA-187_b | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| CODSTA-187_c | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| CODSTA-188 | STR38-C. Do not confuse narrow and wide character strings and functions |
| CODSTA-189 | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| CODSTA-190 | FLP37-C. Do not use object representations to compare floating-point values |
| CODSTA-CPP-53 | DCL00-C. Const-qualify immutable objects |
| COMMENT-11 | MSC04-C. Use comments consistently and in a readable fashion |
| COMMENT-12 | MSC04-C. Use comments consistently and in a readable fashion |
| COMMENT-13 | MSC04-C. Use comments consistently and in a readable fashion |
| Detect at runtime | MEM34-C. Only free memory allocated dynamically |
| Detects accessing freed memory at runtime | MEM30-C. Do not access freed memory |
| Detects dangling pointers at runtime | MEM01-C. Store a new value in pointers immediately after free() |
| Detects leaks at runtime | MEM31-C. Free dynamically allocated memory when no longer needed |
| FORMAT-33 | DCL04-C. Do not declare more than one variable per declaration |
| fully implemented at runtime | ERR33-C. Detect and handle standard library errors |
| GLOBAL-CONDMUTEXVAR | POS53-C. Do not use more than one mutex for concurrent waiting operations on a condition variable |
| MISRA2004-2_3 | MSC04-C. Use comments consistently and in a readable fashion |
| MISRA2004-4_2-3 | PRE07-C. Avoid using repeated question marks |
| MISRA2004-5_2_a | DCL01-C. Do not reuse variable names in subscopes |
| MISRA2004-5_2_b | DCL01-C. Do not reuse variable names in subscopes |
| MISRA2004-6_1 | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| MISRA2004-6_1 | STR00-C. Represent characters using an appropriate type |
| MISRA2004-6_1 | STR04-C. Use plain char for characters in the basic character set |
| MISRA2004-6_2 | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| MISRA2004-7_1_a | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| MISRA2004-8_4 | DCL40-C. Do not create incompatible declarations of the same function or object |
| MISRA2004-9_3 | INT09-C. Ensure enumeration constants map to unique values |
| MISRA2004-10_1_b | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA2004-10_1_b | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| MISRA2004-10_1_d | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| MISRA2004-10_1_d | FIO34-C. Distinguish between characters read from a file and EOF or WEOF |
| MISRA2004-10_2_1 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA2004-10_2_a | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| MISRA2004-10_2_b | FLP03-C. Detect and handle floating-point errors |
| MISRA2004-10_2_c | FLP03-C. Detect and handle floating-point errors |
| MISRA2004-10_2_d | FLP03-C. Detect and handle floating-point errors |
| MISRA2004-11_4 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| MISRA2004-11_4 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA2004-11_4 | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| MISRA2004-11_5 | EXP32-C. Do not access a volatile object through a nonvolatile reference |
| MISRA2004-11_5 | EXP05-C. Do not cast away a const qualification |
| MISRA2004-12_2_a | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA2004-12_2_a | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| MISRA2004-12_2_a | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| MISRA2004-12_2_b | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA2004-12_2_b | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| MISRA2004-12_2_b | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| MISRA2004-12_2_c | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA2004-12_2_c | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| MISRA2004-12_2_c | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| MISRA2004-12_2_d | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA2004-12_2_d | FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
| MISRA2004-12_2_d | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| MISRA2004-12_3_b | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| MISRA2004-12_3_c | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| MISRA2004-12_4a | EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
| MISRA2004-12_6_a | EXP46-C. Do not use a bitwise operator with a Boolean-like operand |
| MISRA2004-12_6_b | EXP46-C. Do not use a bitwise operator with a Boolean-like operand |
| MISRA2004-13_1 | EXP45-C. Do not perform assignments in selection statements |
| MISRA2004-13_3 | FLP00-C. Understand the limitations of floating-point numbers |
| MISRA2004-13_3 | FLP02-C. Avoid using floating-point numbers when precise computation is needed |
| MISRA2004-14_1_a | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_a | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_b | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_b | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_c | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_c | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_d | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_d | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_e | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_e | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_f | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_f | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_1_g | MSC07-C. Detect and remove dead code |
| MISRA2004-14_1_g | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA2004-14_8 | EXP19-C. Use braces for the body of an if, for, or while statement |
| MISRA2004-14_10 | MSC01-C. Strive for logical completeness |
| MISRA2004-15_0_b | DCL41-C. Do not declare variables inside a switch statement before the first case label |
| MISRA2004-15_2 | MSC17-C. Finish every set of statements associated with a case label with a break statement |
| MISRA2004-15_3 | MSC01-C. Strive for logical completeness |
| MISRA2004-16_3 | EXP37-C. Call functions with the correct number and type of arguments |
| MISRA2004-16_6 | DCL20-C. Explicitly specify void when a function accepts no arguments |
| MISRA2004-16_7 | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
| MISRA2004-16_7_b | DCL05-C. Use typedefs of non-pointer types only |
| MISRA2004-16_8 | MSC37-C. Ensure that control never reaches the end of a non-void function |
| MISRA2004-16_9 | EXP45-C. Do not perform assignments in selection statements |
| MISRA2004-17_2 | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
| MISRA2004-17_6_a | DCL30-C. Declare objects with appropriate storage durations |
| MISRA2004-17_6_b | DCL30-C. Declare objects with appropriate storage durations |
| MISRA2004-19_7 | PRE00-C. Prefer inline or static functions to function-like macros |
| MISRA2004-19_8 | MSC38-C. Do not treat a predefined identifier as an object if it might only be implemented as a macro |
| MISRA2004-19_9 | PRE32-C. Do not use preprocessor directives in invocations of function-like macros |
| MISRA2004-19_10 | PRE01-C. Use parentheses within macros around parameter names |
| MISRA2004-20_1_a | DCL37-C. Do not declare or define a reserved identifier |
| MISRA2004-20_7 | MSC22-C. Use the setjmp(), longjmp() facility securely |
| MISRA2004-20_8_b | SIG34-C. Do not call signal() from within interruptible signal handlers |
| MISRA2004-20_8_b | CON37-C. Do not call signal() in a multithreaded program |
| MISRA2004-20_8_b | POS44-C. Do not use signals to terminate threads |
| MISRA2004-20_8_b | SIG00-C. Mask signals handled by noninterruptible signal handlers |
| MISRA2004-20_8_b | SIG01-C. Understand implementation-specific details regarding signal handler persistence |
| MISRA2004-20_8_b | SIG02-C. Avoid using signals to implement normal functionality |
| MISRA2004-20_10 | ERR34-C. Detect errors when converting a string to a number |
| MISRA2004-20_10 | ERR07-C. Prefer functions that support error checking over equivalent functions that don't |
| MISRA2004-20_10 | MSC24-C. Do not use deprecated or obsolescent functions |
| MISRA2004-20_11 | ENV33-C. Do not call system() |
| MISRA2004-20_11 | ERR04-C. Choose an appropriate termination strategy |
| MISRA2004-20_11 | ERR05-C. Application-independent code should provide error detection without dictating error handling |
| MISRA2004-20_11 | MSC24-C. Do not use deprecated or obsolescent functions |
| MISRA-005 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| MISRA-11_5 | EXP40-C. Do not modify constant objects |
| MISRA-020 | DCL31-C. Declare identifiers before using them |
| MISRA-023 | DCL15-C. Declare file-scope objects or functions that do not need external linkage as static |
| MISRA-024 | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
| MISRA-038 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| MISRA-043 | INT02-C. Understand integer conversion rules |
| MISRA-043 | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISRA-043_b | INT02-C. Understand integer conversion rules |
| MISRA-043_c | FLP36-C. Preserve precision when converting integral values to floating-point type |
| MISRA-043_c | FLP06-C. Convert integers to floating point for floating-point operations |
| MISRA-043_d | FLP36-C. Preserve precision when converting integral values to floating-point type |
| MISRA-043_d | FLP06-C. Convert integers to floating point for floating-point operations |
| MISRA-043b | EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int |
| MISRA-043b | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISRA-046_a | CON02-C. Do not use volatile as a synchronization primitive |
| MISRA-051 | MSC14-C. Do not introduce unnecessary platform dependencies |
| MISRA-051 | MSC15-C. Do not depend on undefined behavior |
| MISRA-065 | FLP30-C. Do not use floating-point variables as loop counters |
| MISRA-071_b | EXP37-C. Call functions with the correct number and type of arguments |
| MISRA-096 | PRE02-C. Macro replacement lists should be parenthesized |
| MISRA-101 | FLP37-C. Do not use object representations to compare floating-point values |
| MISRA-101 | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| MISRA-101 | EXP08-C. Ensure pointer arithmetic is used correctly |
| MRM-07 | EXP42-C. Do not compare padding data |
| MRM-09 | MEM01-C. Store a new value in pointers immediately after free() |
| MRM-10 | MEM01-C. Store a new value in pointers immediately after free() |
| MRM-11 | MEM01-C. Store a new value in pointers immediately after free() |
| MRM-18 | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MRM-19 | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MRM-20 | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MRM-39 | ERR30-C. Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure |
| MRM-45 | MEM35-C. Allocate sufficient memory for an object |
| NAMING-44 | DCL02-C. Use visually distinct identifiers |
| OPT-01 | DCL19-C. Minimize the scope of variables and functions |
| OPT-06 | MSC13-C. Detect and remove unused values |
| PB-27 | STR30-C. Do not attempt to modify string literals |
| PB-32 | ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array |
| PB-35 | EXP45-C. Do not perform assignments in selection statements |
| PB-38 | STR10-C. Do not concatenate different type of string literals |
| PB-45 | FIO47-C. Use valid format strings |
| PB-46 | FIO47-C. Use valid format strings |
| PB-47 | FIO47-C. Use valid format strings |
| PB-48 | FIO47-C. Use valid format strings |
| PB-49 | FIO47-C. Use valid format strings |
| PB-50 | FIO47-C. Use valid format strings |
| PB-51 | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| PB-66_a | INT30-C. Ensure that unsigned integer operations do not wrap |
| PB-66_a | INT32-C. Ensure that operations on signed integers do not result in overflow |
| PB-66_b | INT30-C. Ensure that unsigned integer operations do not wrap |
| PB-66_b | INT32-C. Ensure that operations on signed integers do not result in overflow |
| PFO-02 | PRE06-C. Enclose header files in an include guard |
| PORT-01 | DCL16-C. Use "L," not "l," to indicate a long value |
| Runtime | INT32-C. Ensure that operations on signed integers do not result in overflow |
| Runtime | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| Runtime | DCL11-C. Understand the type issues associated with variadic functions |
| runtime | DCL40-C. Do not create incompatible declarations of the same function or object |
| Runtime analysis | EXP33-C. Do not read uninitialized memory |
| Runtime analysis | EXP34-C. Do not dereference null pointers |
| Runtime analysis | ARR38-C. Guarantee that library functions do not form invalid pointers |
| Runtime analysis | FLP03-C. Detect and handle floating-point errors |
| Runtime analysis | STR07-C. Use the bounds-checking interfaces for string manipulation |
| Runtime analysis for over- or under- read or write | EXP08-C. Ensure pointer arithmetic is used correctly |
| Runtime analysis will detect all leaks | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| Runtime detection | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| SECURITY-01 | MSC33-C. Do not pass invalid data to the asctime() function |
| SECURITY-02 | MSC32-C. Properly seed pseudorandom number generators |
| SECURITY-02_b | MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
| SECURITY-02_b | MSC32-C. Properly seed pseudorandom number generators |
| SECURITY-03 | POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument |
| SECURITY-03 | ENV02-C. Beware of multiple environment variables with the same effective name |
| SECURITY-04 | WIN00-C. Be specific when dynamically loading libraries |
| SECURITY-05 SECURITY-08 SECURITY-36 | FIO30-C. Exclude user input from format strings |
| SECURITY-07 | API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size |
| SECURITY-07 | ENV01-C. Do not make assumptions about the size of an environment variable |
| SECURITY-07 | MSC24-C. Do not use deprecated or obsolescent functions |
| SECURITY-10 | POS33-C. Do not use vfork() |
| SECURITY-12 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| SECURITY-12 | API01-C. Avoid laying out strings in memory directly before sensitive data |
| SECURITY-12 | API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size |
| SECURITY-12 | ENV01-C. Do not make assumptions about the size of an environment variable |
| SECURITY-12 | MSC24-C. Do not use deprecated or obsolescent functions |
| SECURITY-13 | INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs |
| SECURITY-13 | STR07-C. Use the bounds-checking interfaces for string manipulation |
| SECURITY-19 | CON43-C. Do not allow data races in multithreaded code |
| SECURITY-19 | POS35-C. Avoid race conditions while checking for the existence of a symbolic link |
| SECURITY-19 | FIO01-C. Be careful using functions that use file names for identification |
| SECURITY-19 | FIO21-C. Do not create temporary files in shared directories |
| SECURITY-25 | CON33-C. Avoid race conditions when using library functions |
| SECURITY-27 | FIO01-C. Be careful using functions that use file names for identification |
| SECURITY-28 | MSC32-C. Properly seed pseudorandom number generators |
| SECURITY-43 | POS47-C. Do not use threads that can be canceled asynchronously |
| SECURITY-44 | POS36-C. Observe correct revocation order while relinquishing privileges |
| SECURITY-45 | POS37-C. Ensure that privilege relinquishment is successful |
| SECURITY-46 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary |
| SECURITY-47 | INT35-C. Use correct integer precisions |
| SECURITY-48 | ENV33-C. Do not call system() |
