Versions Compared


...

Code Block
bgColor#ccccff
#include <stdlib.h>  /* declares malloc() with its full prototype (void *malloc(size_t)) */
/* ... */
char *p = malloc(10);  /* the compiler now knows malloc() returns a pointer, not int */

...

Code Block
bgColor#FFCCCC
#include <stdio.h>

func(1, 2);  /* no declaration is visible, so the argument count is never checked */
/* ... */
int func(int one, int two, int three) {
  printf("%d %d %d", one, two, three);  /* three was never passed: its value is garbage */
  return 1;
}

...

Code Block
bgColor#ccccff
#include <stdio.h>

int func(int, int, int);  /* full prototype: argument count and types are now checked */
/* ... */

func(1, 2, 3);  /* a call with the wrong number of arguments would be a compile-time error */
/* ... */
int func(int one, int two, int three) {
  printf("%d %d %d", one, two, three);
  return 1;
}

...

Code Block
bgColor#FFCCCC
int add(int x, int y, int z) {
   return x + y + z;
}

int main(int argc, char *argv[]) {
   int (*fn_ptr) (int, int);  /* pointer type has two parameters, add() has three */
   int res;
   fn_ptr = add;              /* incompatible pointer types: expect a compiler warning */
   res = fn_ptr(2, 3);        /* incorrect: calling through the wrong type is undefined behavior */
   /* ... */
   return 0;
}

Compliant Solution: (function pointers)

...

Code Block
bgColor#ccccff
int add(int x, int y, int z) {
   return x + y + z;
}

int main(int argc, char *argv[]) {
   int (*fn_ptr) (int, int, int);  /* pointer type matches the definition of add() exactly */
   int res;
   fn_ptr = add;
   res = fn_ptr(2, 3, 4);          /* correct: three arguments, as the prototype requires */
   /* ... */
   return 0;
}
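As an added example (not part of the original CERT page), the following takes the compliant solution one step further: a single typedef carries the full prototype, so the function pointer, the dispatch table and the apply() parameter all agree, and assigning a function with a different signature is a constraint violation the compiler must diagnose. The names ternary_fn, apply, add3, mul3, ops and dispatch are assumptions made for this example.

```c
#include <stddef.h>
#include <stdio.h>

/* One typedef states the full prototype once; every declarator built from it
 * (pointer, table entry, parameter) agrees on argument count and types.
 * Assumed names for this example: ternary_fn, add3, mul3, apply, ops, dispatch. */
typedef int ternary_fn(int, int, int);

int add3(int x, int y, int z) { return x + y + z; }
int mul3(int x, int y, int z) { return x * y * z; }

/* Takes a pointer to a fully prototyped function. Passing a function whose
 * signature differs is rejected at compile time, unlike the silent mismatch
 * of the int (*fn_ptr)(int, int) example above. */
int apply(ternary_fn *fn, int x, int y, int z) {
    return fn(x, y, z);
}

/* Dispatch table: each entry is checked against the prototype in ternary_fn. */
static ternary_fn *const ops[] = { add3, mul3 };

/* Looks up an operation by index and calls it; returns -1 for an unknown index
 * rather than indexing past the table and calling through a bogus pointer. */
int dispatch(size_t op, int x, int y, int z) {
    if (op >= sizeof ops / sizeof ops[0]) {
        return -1;
    }
    return apply(ops[op], x, y, z);
}

int main(void) {
    printf("%d\n", dispatch(0, 2, 3, 4));  /* 9 */
    printf("%d\n", dispatch(1, 2, 3, 4));  /* 24 */
    return 0;
}
```

Compiling with -Wstrict-prototypes (GCC and Clang) also flags any remaining declarator that omits the parameter list.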

Risk Assessment

...

Rule             Severity  Likelihood    Remediation Cost  Priority  Level
DCL31 DCL07-C A  1 (low)   1 (unlikely)  3 (low)           P3        L3

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[ISO/IEC 9899-1999:TC2] Forward, Section 6.9.1, "Function definitions"
[Spinellis 06] Section 2.6.1, "Incorrect Routine or Arguments"