...
Assuming a conforming implementation, eliminating diagnostic messages will eliminate any syntactic or constraint violations.
If suitable source code-checking tools are available, use them regularly.
Exceptions
**MSC00-EX1:** Compilers can produce diagnostic messages for correct code. This is permitted by C99 [ISO/IEC 9899-1999], which allows a compiler to produce a diagnostic for any reason. It is usually preferable to rewrite code to eliminate compiler warnings, but if the code is correct it is sufficient to provide a comment explaining why the warning message does not apply. Some compilers provide ways to suppress warnings, for example, suitably formatted comments or pragmas, which can be used sparingly when the programmer understands the implications of the warning but has good reason to use the flagged construct anyway.
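The two suppression mechanisms MSC00-EX1 mentions, shown as an added example that is not part of the original page: a recognized comment for an intentional switch fall-through, and a pragma scoped to a single comparison, each with the explanation the exception asks for. It assumes GCC (Clang also accepts the `#pragma GCC diagnostic` form); the function names `load_tail` and `safe_ratio` are hypothetical.

```c
/* Added example, not from the original page; function names are hypothetical.
 * Assumed build: gcc -std=c99 -Wall -Wextra -Wfloat-equal example.c */
#include <stddef.h>
#include <stdio.h>

/* Pack the trailing (len % 4) bytes of buf into one value, low byte first. */
unsigned long load_tail(const unsigned char *buf, size_t len)
{
    const unsigned char *tail = buf + (len & ~(size_t)3);
    unsigned long v = 0;
    /* Each case deliberately continues into the next. GCC accepts the
     * "fall through" comment as the justification and stays quiet. */
    switch (len & 3) {
    case 3:
        v |= (unsigned long)tail[2] << 16;
        /* fall through */
    case 2:
        v |= (unsigned long)tail[1] << 8;
        /* fall through */
    case 1:
        v |= tail[0];
        break;
    }
    return v;
}

/* Divide, returning fallback only when the divisor is exactly zero. */
double safe_ratio(double num, double den, double fallback)
{
#if defined(__GNUC__)
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wfloat-equal"
#endif
    /* -Wfloat-equal does not apply: exact zero is the one value rejected;
     * tiny nonzero divisors are valid input. Suppression ends at the pop. */
    if (den == 0.0)
        return fallback;
#if defined(__GNUC__)
#pragma GCC diagnostic pop
#endif
    return num / den;
}

int main(void)
{
    static const unsigned char sample[] = {1, 2, 3, 4, 0xAA, 0xBB, 0xCC}; /* constructed */
    printf("%#lx %g\n", load_tail(sample, sizeof sample), safe_ratio(1.0, 0.0, -1.0));
    return 0;
}
```

The push/pop pair keeps the suppression to the one comparison, so the same warning still fires everywhere else in the translation unit.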
...
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
MSC00-A | 2 (medium) | 2 (probable) | 2 (medium) | P8 | L2 |
Related Vulnerabilities
...