...
CERT Rule | Related Guidelines |
---|---|
DCL30-C | Escaping of the address of an automatic object [addrescape] |
DCL37-C | Using identifiers that are reserved for the implementation [resident] |
DCL40-C | Declaring the same function or object in incompatible ways [funcdecl] |
EXP33-C | Referencing uninitialized memory [uninitref] |
EXP34-C | Dereferencing an out-of-domain pointer [nullref] |
EXP36-C | Converting pointer values to more strictly aligned pointer types [alignconv] |
EXP37-C | Calling functions with incorrect arguments [argcomp] |
EXP39-C | Accessing an object through a pointer to an incompatible type [ptrcomp] |
EXP42-C | Comparison of padding data [padcomp] |
EXP43-C | Passing pointers into the same object as arguments to different restrict-qualified parameters [restrict] |
EXP45-C | No assignment in conditional expressions [boolasgn] |
INT32-C | Overflowing signed integers [intoflow] |
INT33-C | Integer division errors [diverr] |
INT36-C | Converting a pointer to integer or integer to pointer [intptrconv] |
ARR30-C | Forming or using out-of-bounds pointers or array subscripts [invptr] |
ARR32-C | Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink [taintsink] |
ARR36-C | Subtracting or comparing two pointers that do not refer to the same array [ptrobj] |
ARR38-C | Forming invalid pointers by library functions [libptr] |
STR30-C | Modifying string literals [strmod] |
STR31-C | Using a tainted value to write to an object using a formatted input or output function [taintformatio] |
STR31-C | Tainted strings are passed to a string copying function [taintstrcpy] |
STR32-C | Passing a non-null-terminated character sequence to a library function that expects a string [strmod] |
STR34-C | Conversion of signed characters to wider integer types before a check for EOF [signconv] |
STR37-C | Passing arguments to character-handling functions that are not representable as unsigned char [chrsgnext] |
MEM30-C | Accessing freed memory [accfree] |
MEM30-C | Freeing memory multiple times [dblfree] |
MEM31-C | Failing to close files or free dynamic memory when they are no longer needed [fileclose] |
MEM34-C | Reallocating or freeing memory that was not dynamically allocated [xfree] |
MEM35-C | Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr] |
FIO30-C | Including tainted or out-of-domain input in a format string [usrfmt] |
FIO34-C | Using character values that are indistinguishable from EOF [chreof] |
FIO38-C | Copying a FILE object [filecpy] |
FIO39-C | Interleaving stream inputs and outputs without a flush or positioning call [ioileave] |
FIO42-C | Failing to close files or free dynamic memory when they are no longer needed [fileclose] |
FIO44-C | Using a value for fsetpos other than a value returned from fgetpos [xfilepos] |
FIO47-C | Using invalid format strings [invfmtstr] |
ENV30-C | Modifying the string returned by getenv, localeconv, setlocale, and strerror [libmod] |
ENV33-C | Calling system [syscall] |
ENV34-C | Using an object overwritten by getenv, localeconv, setlocale, and strerror [libuse] |
SIG30-C | Calling functions in the C Standard Library other than abort, _Exit, and signal from within a signal handler [asyncsig] |
SIG31-C | Accessing shared objects in signal handlers [accsig] |
SIG34-C | Calling signal from interruptible signal handlers [sigcall] |
ERR30-C | Incorrectly setting and using errno [inverrno] |
ERR33-C | Failing to detect and handle standard library errors [liberr] |
POS54-C | Failing to detect and handle standard library errors [liberr] |
ARR01-C | Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr] |
DCL07-C | Using a tainted value as an argument to an unprototyped function pointer [taintnoproto] |
EXP08-C | Forming or using out-of-bounds pointers or array subscripts [invptr] |
EXP16-C | Comparing function addresses to zero [funcaddr] |
MSC01-C | Use of an implied default in a switch statement [swtchdflt] |