SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 83

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 84

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Fortify SCA

V. 5.0

 

Can detect violations of this recommendation with the CERT C Rule Pack.

Compass/ROSE

 

 

Can detect violations of this recommendation. In particular, it notes uses of the scanf() family of functions where on the type specifier is a floating-point or integer type.

Fortify SCA

5.0

 

Can detect violations of this recommendation with the CERT C Rule Pack.

PRQA QA-C
Include Page
PRQA_V
PRQA_V
Warncall for scanf etcFully implemented.

...

CERT C++ Secure Coding StandardINT05-CPP. Do not use input functions to convert character data if they cannot handle all possible inputs
MITRE CWECWE-192, Integer coercion error
CWE-197, Numeric truncation error

Bibliography

...

[Klein 2002] 
[Linux 2008]scanf(3)

...