...
- Violation of the coding practice will result in a security flaw that may result in an exploitable vulnerability.
- There is a denumerable set of conditions for which violating the coding practice is necessary to ensure correct behavior.
- Conformance to the coding practice can be determined through automated analysis, formal methods, or manual inspection
techniques.
Conformance to secure coding rules must be demonstrated to claim compliance with this standard unless an exceptional condition exists. If an exceptional condition is claimed, the exception must correspond to a predefined exceptional condition and the application of this exception must be documented in the source code.
...
Implementation of the secure coding rules defined in this standard are necessary (but not sufficient) to ensure the security of software systems developing developed in the C programming languageslanguage.
The following graph shows the number and breakdown of rules and recommendations for in the CERT C Programming Language Secure Coding standardStandard:
| No Format |
|---|
Key: Blue -- recommendations Red -- rules |
...