SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 62

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 63

changes.mady.by.user Michal Rozenau

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Parasoft C/C++test 10.4.1 update

...

The risk in using in-band error indicators is difficult to quantify and is consequently given as low. However, if the use of in-band error indicators results in programmers' failing to check status codes or incorrectly checking them, the consequences can be more severe.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

ERR02-C

Low

Unlikely

High

P1

L3

Automated Detection

Tool

Version

Checker

Description

Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-ERR02-a

The Standard Library input/output functions shall not be used

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID ERR02-CPP. Avoid in-band error indicators

Bibliography

[Burch 2006]
 

[ISO/IEC 9899:2011]

Subclause 6.3.2, "Other Operands"
Annex K, "Bounds-checking Interfaces"

...


...