Comment: major updates

These checkers enforce the CERT C Secure Coding rules and are freely available from the Rosecheckers GitHub project. For questions regarding the CERT ROSE checkers, contact secure-coding at cert dot org info@sei.cmu.edu.

Running Rosecheckers (the ROSE CERT C Checkers)

...

There are three ways to run Rosecheckers. You can run Rosecheckers using a downloadable virtual machine. You can build Rosecheckers, as well as ROSE itself, from source. Finally, Rosecheckers is available on Carnegie Mellon University's Andrew system to students, faculty, and staff.

Getting Rosecheckers code from source or container

You can get the rosecheckers code from source (no VM) from https://github.com/coruus/ rosecheckers. If you install the rosecheckers code from source, you should install ROSE first. After installing ROSE:

  • Clone the rosecheckers repository from GitHub
  • Set the ROSE environment variable to point to the directory for ROSE that has the bin, include, etc. for ROSE
  • To build the Rosecheckers program from the CERT C Checkers, go into the rosecheckers/rosecheckers directory and type: make pgms
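
A pre-flight check for the steps above, as an added example (not code from the Rosecheckers project): it confirms that ROSE points at a directory containing bin and include before running make pgms in rosecheckers/rosecheckers. The function names, exit codes and the --build argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of Rosecheckers. Function names and exit codes
# are assumptions chosen for illustration.

# check_rose_env DIR
# Returns 0 if DIR looks like a ROSE install prefix (has bin/ and include/).
#   1 = ROSE unset or empty, 2 = not a directory, 3 = expected subdir missing
check_rose_env() {
    rose_dir=$1
    if [ -z "$rose_dir" ]; then
        echo "ROSE is not set" >&2
        return 1
    fi
    if [ ! -d "$rose_dir" ]; then
        echo "ROSE=$rose_dir is not a directory" >&2
        return 2
    fi
    for sub in bin include; do
        if [ ! -d "$rose_dir/$sub" ]; then
            echo "ROSE=$rose_dir has no $sub/ directory" >&2
            return 3
        fi
    done
    return 0
}

# build_rosecheckers REPO
# REPO is the top-level directory of the cloned rosecheckers repository.
# Runs "make pgms" in REPO/rosecheckers only after ROSE has been validated.
#   4 = REPO/rosecheckers not found; otherwise the status of the check or make
build_rosecheckers() {
    repo=$1
    check_rose_env "${ROSE:-}" || return $?
    if [ ! -d "$repo/rosecheckers" ]; then
        echo "$repo/rosecheckers not found; is $repo the cloned repository?" >&2
        return 4
    fi
    ( cd "$repo/rosecheckers" && make pgms )
}

# Stand-alone use: sh preflight.sh --build path/to/rosecheckers
if [ "${1:-}" = "--build" ]; then
    build_rosecheckers "${2:-rosecheckers}"
fi
```
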

Rosecheckers on a Virtual Machine

To run these checkers, you must use a virtualization system such as VMware. The Sourceforge project provides a free example VM, which we call "Rosebud" (the Rosecheckers VM).

Once extracted, the rosebud directory is a VM image that can be powered on by VMware. After logging in, you'll need to enter your login password again when the system asks for a sudo password. This is so the VM image can generate a unique SSH key.

After that, you should be able to access the VM from your host machine remotely using SSH. You'll need the VM's IP address for this, which you can learn with this command from the VM:

    ip addr | grep /24

If it provides multiple IP addresses, select the one that begins with 192.168...

In the VM's home directory, there is a README file explaining what software is available there. It includes both ROSE and the CERT Secure Coding rule checkers.

Building Rosecheckers

To build the Rosecheckers program from the CERT C Checkers, type:

    make pgms

To test Rosecheckers on the code samples from the CERT C Secure Coding Rules:

    make tests

To build API documentation pages, you must have doxygen installed:

    make doc

To clean documentation pages and build files:

...

or a container from Rosecheckers Github project.

Follow the instructions in the README on that project site.

Secure Coding Rules Enforced by Rosecheckers

...