SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 18

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 19

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added Risk Assessment

...

Code Block
bgColor#ccccff
langc
#include <stddef.h>
  
#if defined (_MSC_VER)
  #define N(x)
#else
  #define N(x)  (x)
#endif
  
int f(size_t n, int a[N(n)]);

Risk Assessment

Failing to specify conformant array dimensions increases the likelihood that another developer will invoke the function with out-of-range integers, which could cause an out-of-bounds memory read or write.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

API05-C

High

Probable

Medium

P12

L1

Automated Detection

Bibliography

[ISO/IEC 9899:2011]Subclause 6.7.6.2, "Array Declarators"
Subclause 6.7.6.3, "Function Declarators (Including Prototypes)"

...


...