SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 16

changes.mady.by.user Jill Britton

Saved on

compared with

New Version 17

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Helix QAC_V
ToolVersionCheckerDescription
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
HARDCODED.AUTH
HARDCODED.DNS
HARDCODED.KEY
HARDCODED.SALT		Hardcoded Authentication
Hardcoded DNS Name
Hardcoded Crypto Key
Hardcoded Crypto Salt
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V



Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-MSC41-a

Do not hard code string literals

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

2460

Assistance provided: reports when a literal is provided as an argument to a function parameter with the ‘noliteral’ argument Semantic; several Windows API functions are marked as such and the ‘-sem’ option can apply it to other functions as appropriate

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule MSC41-CChecks for hard coded sensitive data (rule partially covered)Helix QAC
Include Page
Helix QAC_V

Related Guidelines

javaMSC03-J. Never hard code sensitive information

ISO/IEC TR 24772:2010

Hard-coded Password [XYP]

MITRE CWE

CWE-259, Use of Hard-Coded Password
CWE-798, Use of Hard-Coded Credentials

...