SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 104

changes.mady.by.user John Benito

Saved on

compared with

New Version 105

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Functions that are appropriately declared (as in DCL07-C. Include the appropriate type information in function declarators) will typically fail compilation if they are supplied with the wrong number or types of arguments. However, there are cases where in which supplying the incorrect arguments to a function will, at best, generate compiler warnings. These warnings should be resolved but do not prevent program compilation.(See MSC00-C. Compile cleanly at high warning levels.)

...

In this compliant solution, the function pointer fp points to a function returning char *, with the correct number and type of arguments:

...

Code Block
bgColor#FFCCCC
langc
/* inIn another source file */
void copy(char *dst, const char *src) {
  if (!strcpy(dst, src)) {
    /* reportReport error */
  }
}
 
/* inIn this source file -- no copy prototype in scope */
void copy();
 
void g(const char *s) {
  char buf[20];
  copy(buf, s, sizeof buf);  /* violationViolation */
  /* ... */
}

Compliant Solution

...

Code Block
bgColor#ccccff
langc
/* inIn another source file */
void copy(char *dst, const char *src) {
  if (!strcpy(dst, src)) {
    /* reportReport error */
  }
}
 
/* copyCopy prototype in scope in this source file  */
void copy(char *dst, const char *src);
 
void g(const char *s) {
  char buf[20];
  copy(buf, s); 
  /* ... */
}

...

Code Block
bgColor#FFCCCC
langc
/* inIn another source file */
void buginf(const char *fmt, ...) {
   /* ... */
}

/* inIn this source file -- no buginf prototype in scope */
void buginf();
 
void h(void) {
  buginf("bug in function %s, line %d\n", __func__, __LINE__);  /* violationViolation */
  /* ... */
}

Compliant Solution

...

Code Block
bgColor#ccccff
langc
/* inIn another source file */
void buginf(const char *fmt, ...) {
   /* ... */
}

/* buginf prototype in scope in this source file */

void buginf(const char *fmt, ...);
 
void h(void) {
  buginf("bug in function %s, line %d\n", __func__, __LINE__); 
  /* ... */
}

...

Code Block
bgColor#FFCCCC
langc
/* inIn another source file */
 
long f(long x) {
  return x < 0 ? -x : x;
}

/* inIn this source file -- no f prototype in scope */
 
int g(int x) {
  return f(x);  /* violationViolation */
}

Compliant Solution

In this compliant solution, the prototype for the function f() is included in the scope in the source file where it is used, and the function f() is correctly called with an argument of type int:

Code Block
bgColor#ccccff
langc
/* inIn another source file */
 
long f(long x) {
  return x < 0 ? -x : x;
}

/* f prototype in scope in this source file */

long f(long x); 

int g(long x) {
  return f(x);  
}

...

Code Block
bgColor#ffcccc
langc
fd = open(ms, O_CREAT|O_EXCL|O_WRONLY|O_TRUNC);

Note that, technically, it is also incorrect to pass a third argument to open() when not creating a new file (that is, with the O_CREAT flag not set). A POSIX implementation could, if it wished, return an EINVAL error in this case. However, in practice, it is unlikely to cause a problem.

...

ToolVersionCheckerDescription
Compass/ROSE  

can Can detect some violations of this rule. In particular, it ensures that all calls to open() supply exactly two arguments if the second argument does not involve O_CREAT, and exactly three arguments if the second argument does involve O_CREAT

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.EXP37

Partially implemented

EDG   
Fortify SCA5.0  
GCC
Include Page
GCC_V
GCC_V
 

Can detect violation of this rule when the -Wstrict-prototypes flag is used. However, it cannot detect violations involving variadic functions, such as the open() example described earlier

LDRA tool suite

Include Page
LDRA_V
LDRA_V

41 D
98 S
170 S
496 S
576 S

Partially implemented
PRQA QA-C
Include Page
PRQA_V
PRQA_V
3001
0674(C)
Partially implemented

...