...

| CERT Rule | Related Guidelines |
|---|---|
| DCL30-C | Escaping of the address of an automatic object [addrescape] |
| DCL37-C | Using identifiers that are reserved for the implementation [resident] |
| DCL40-C | Declaring the same function or object in incompatible ways [funcdecl] |
| EXP33-C | Referencing uninitialized memory [uninitref] |
| EXP34-C | Dereferencing an out-of-domain pointer [nullref] |
| EXP36-C | Converting pointer values to more strictly aligned pointer types [alignconv] |
| EXP37-C | Calling functions with incorrect arguments [argcomp] |
| EXP39-C | Accessing an object through a pointer to an incompatible type [ptrcomp] |
| EXP42-C | Comparison of padding data [padcomp] |
| EXP43-C | Passing pointers into the same object as arguments to different restrict-qualified parameters [restrict] |
| EXP45-C | No assignment in conditional expressions [boolasgn] |
| INT32-C | Overflowing signed integers [intoflow] |
| INT33-C | Integer division errors [diverr] |
| INT36-C | Converting a pointer to integer or integer to pointer [intptrconv] |
| ARR30-C | Forming or using out-of-bounds pointers or array subscripts [invptr] |
| ARR32-C | Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink [taintsink] |
| ARR36-C | Subtracting or comparing two pointers that do not refer to the same array [ptrobj] |
| ARR38-C | Forming invalid pointers by library functions [libptr] |
| STR30-C | Modifying string literals [strmod] |
| STR31-C | Using a tainted value to write to an object using a formatted input or output function [taintformatio] |
| STR31-C | Tainted strings are passed to a string copying function [taintstrcpy] |
| STR32-C | Passing a non-null-terminated character sequence to a library function that expects a string [strmod] |
| STR34-C | Conversion of signed characters to wider integer types before a check for EOF [signconv] |
| STR37-C | Passing arguments to character-handling functions that are not representable as unsigned char [chrsgnext] |
| MEM30-C | Accessing freed memory [accfree] |
| MEM30-C | Freeing memory multiple times [dblfree] |
| MEM31-C | Failing to close files or free dynamic memory when they are no longer needed [fileclose] |
| MEM34-C | Reallocating or freeing memory that was not dynamically allocated [xfree] |
| MEM35-C | Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr] |
| FIO30-C | Including tainted or out-of-domain input in a format string [usrfmt] |
| FIO34-C | Using character values that are indistinguishable from EOF [chreof] |
| FIO38-C | Copying a FILE object [filecpy] |
| FIO39-C | Interleaving stream inputs and outputs without a flush or positioning call [ioileave] |
| FIO42-C | Failing to close files or free dynamic memory when they are no longer needed [fileclose] |
| FIO44-C | Using a value for fsetpos other than a value returned from fgetpos [xfilepos] |
| FIO47-C | Using invalid format strings [invfmtstr] |
| ENV30-C | Modifying the string returned by getenv, localeconv, setlocale, and strerror [libmod] |
| ENV33-C | Calling system [syscall] |
| ENV34-C | Using an object overwritten by getenv, localeconv, setlocale, and strerror [libuse] |
| SIG30-C | Calling functions in the C Standard Library other than abort, _Exit, and signal from within a signal handler [asyncsig] |
| SIG31-C | Accessing shared objects in signal handlers [accsig] |
| SIG34-C | Calling signal from interruptible signal handlers [sigcall] |
| ERR30-C | Incorrectly setting and using errno [inverrno] |
| ERR33-C | Failing to detect and handle standard library errors [liberr] |
| POS54-C | Failing to detect and handle standard library errors [liberr] |
| ARR01-C | Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr] |
| DCL07-C | Using a tainted value as an argument to an unprototyped function pointer [taintnoproto] |
| EXP08-C | Forming or using out-of-bounds pointers or array subscripts [invptr] |
| EXP16-C | Comparing function addresses to zero [funcaddr] |
| MSC01-C | Use of an implied default in a switch statement [swtchdflt] |