SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 212

changes.mady.by.user Aleksandr Karbyshev

Saved on

compared with

New Version 213

changes.mady.by.user Unknown User (lflynn)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: fixed mapping notes

...

Taxonomy

Taxonomy item

Relationship

CERT C Secure Coding StandardSTR03-C. Do not inadvertently truncate a stringPrior to 2018-01-12: CERT: Unspecified Relationship
CERT C Secure Coding StandardSTR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code
MSC24-C. Do not use deprecated or obsolescent functions
MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
FIO34-C. Distinguish between characters read from a file and EOF or WEOF		Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013String Termination [CJM]Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013Buffer Boundary Violation (Buffer Overflow) [HCB]Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013Unchecked Array Copying [XYW]Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013Using a tainted value to write to an object using a formatted input or output function [taintformatio]Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013Tainted strings are passed to a string copying function [taintstrcpy]Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer2017-05-18: CERT: Rule subset of CWE
CWE 2.11CWE-120, Buffer Copy without Checking Size of Input ("Classic Buffer Overflow")2017-05-15: CERT: Exact
CWE 2.11CWE-123, Write-what-where Condition2017-06-12: CERT: Partial overlap
CWE 2.11CWE-125, Out-of-bounds Read2017-05-18: CERT: Partial overlap
CWE 2.11CWE-676, Off-by-one Error2017-05-18: CERT: Partial overlap

...

Independent( ARR30-C, ARR38-C, EXP39-C, INT30-C)

STR31-C = Subset( Union( ARR30-C, ARR38-C))

STR32-C = Subset( ARR38-C)

...

Independent(ARR30-C, ARR38-C)

STR31-C = Subset( Union( ARR30-C, ARR38-C))

STR32-C = Subset( ARR38-C)

...

Independent( ARR30-C, ARR38-C, ARR32-C, INT30-C, INT31-C, EXP39-C, EXP33-C, FIO37-C)

STR31-C = Subset( Union( ARR30-C, ARR38-C))

STR32-C = Subset( ARR38-C)

...