SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 65

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 66

changes.mady.by.user Anirban Gangopadhyay

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Failure to adopt and implement a consistent and comprehensive error-handling policy is detrimental to system survivability and can result in a broad range of vulnerabilities depending on the operational characteristics of the system.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

ERR00-C

Medium

Probable

High

P4

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Automated Detection

Tool

Version

Checker

Description

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

MISRA C:2012 Rule 17.1

The features of <stdarg.h> shall not be used


Related Guidelines

SEI CERT C++ Coding StandardVOID ERR00-CPP. Adopt and implement a consistent and comprehensive error-handling policy
ISO/IEC TR 24772:2013Termination Strategy [REU]
MISRA C:2012Rule 17.1 (required)
MITRE CWECWE-391, Unchecked error condition
CWE-544, Missing standardized error handling mechanism

Bibliography

[Fisher 1999]
 

[Horton 1990]Section 11, p. 168
Section 14, p. 254
[Koenig 1989]Section 5.4, p. 73
[Lipson 2000]
 

[Lipson 2006]
 

[Summit 2005]C-FAQ Question 20.4

...


...