SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 40

changes.mady.by.user David Keaton

Saved on

compared with

New Version 41

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: removed the exception, added UB 31, and tried to fix up the references to the UB. please review!

...

UB

Description

Code

15

Two declarations of the same object or function specify types that are not compatible (6.2.7).

All noncompliant code in this guideline

31—Two identifiers differ only in nonsignificant characters (6.4.2.1).Excessively Long Identifiers

37

An object has its stored value accessed other than by an lvalue of an allowable type (6.5).

Incompatible Object Declarations, Incompatible Array Declarations

41

A function is defined with a type that is not compatible with the type (of the expression) pointed to by the expression that denotes the called function (6.5.2.2).

Incompatible Function Declarations, Excessively Long Identifiers

...

Noncompliant Code Example (Excessively Long Identifiers)

In this noncompliant code example, the length of the identifier declaring the function pointer bash_groupname_completion_function() in file bashline.h exceeds by 3 the minimum implementation limit of 31 significant initial characters in an external identifier, introducing the possibility of colliding with the bash_groupname_completion_funct integer variable defined in file b.c, which is exactly 31 characters long.  On an implementation that exactly meets this limit,

...

this is a violation of undefined behavior 31.  This results in two incompatible declarations of the same function (see undefined behavior 15). In addition, invoking the function leads to undefined behavior 41 with typically catastrophic effects.

Code Block
bgColor#FFcccc
languagec
/* In bash/bashline.h */
extern char* bash_groupname_completion_function(const char*, int); /* UB 15, UB 31 */

/* In a.c */
#include <bashline.h>

void f(const char *s, int i) {
  bash_groupname_completion_function(s, i);   /* UB 41 */
}

/* In b.c */
int bash_groupname_completion_funct;   /* UB 15, UB 31 */

Note: The identifier bash_groupname_completion_function referenced here was taken from GNU Bash version 3.2.

...

Code Block
bgColor#ccccff
langc
/* In bash/bashline.h */
extern char* bash_groupname_completion(const char*, int);   

/* In a.c */
#include <bashline.h>

void f(const char *s, int i) {
  bash_groupname_completion(s, i);  
}

/* In b.c */
int bash_groupname_completion_funct;

Exceptions

DCL40-EX1: No diagnostic need be issued if a declaration that is incompatible with the definition occurs in a translation unit that does not contain any definition or uses of the function or object other than possibly additional declarations. Such code violates MSC12-C. Detect and remove code that has no effect or MSC13-C. Detect and remove unused values, but it does not cause undefined behavior.

...

bgColor#ccccff
languagec

...

 

Risk Assessment

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

DCL40-C

Low

Unlikely

Medium

P2

L3

...