Compile code using the highest warning level available for your compiler and eliminate warnings by modifying the code.
According to C99 Section 5.1.1.3:
A conforming implementation shall produce at least one diagnostic message (identified in an implementation-defined manner) if a preprocessing translation unit or translation unit contains a violation of any syntax rule or constraint, even if the behavior is also explicitly specified as undefined or implementation-defined. Diagnostic messages need not be produced in other circumstances.
Assuming a conforming implementation, eliminating diagnostic messages will eliminate any violation of syntax rules or other constraints.
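As an added example (not code from this page), the function below is a bounded-copy helper whose first draft compiled silently at the default warning level but produced three diagnostics under `gcc -std=c99 -Wall -Wextra -pedantic -Werror` (the flags are the assumed "highest warning level"); the comments record each warning and show that it was eliminated by correcting the code, not by suppressing the message.

```c
/* Added example, not from the CERT page: each comment names the gcc
 * diagnostic the original line produced and the change that removed it. */
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Copies src into dst, always NUL-terminating on success.
 * Returns the number of bytes copied (excluding the terminator),
 * or -1 if src does not fit or the result would not fit in an int. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    /* Original: parameter declared `int dst_size`, compared with size_t n.
     * -Wsign-compare: "comparison of integer expressions of different
     * signedness". A negative dst_size converts to a huge unsigned value,
     * the guard passes, and memcpy overflows dst. Fix: declare it size_t. */
    size_t n = strlen(src);

    /* Original: `if (dst_size = 0)` (assignment, not comparison).
     * -Wparentheses: "suggest parentheses around assignment used as truth
     * value". The guard was always false. Fix: `==`. */
    if (dst_size == 0 || n >= dst_size || n > (size_t)INT_MAX)
        return -1;

    memcpy(dst, src, n + 1);

    /* Original: this path fell off the end of the function.
     * -Wreturn-type: "control reaches end of non-void function".
     * The caller then consumed an indeterminate value. Fix: return n. */
    return (int)n;
}

int main(void)
{
    char buf[8];
    printf("%d\n", copy_bounded(buf, sizeof buf, "abc"));       /* 3  */
    printf("%d\n", copy_bounded(buf, sizeof buf, "12345678"));  /* -1 */
    return 0;
}
```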
Priority: P12 Level: L1
Eliminating violations of syntax rules and other constraints can eliminate serious software vulnerabilities that can lead to the execution of arbitrary code with the permissions of the vulnerable process.
| Component | Value |
|---|---|
| Severity | 3 (high) |
| Likelihood | 2 (probable) |
| Remediation cost | 2 (medium) |
References
- Sutter 05: Item 1
- ISO/IEC 9899-1999: Section 5.1.1.3, "Diagnostics"
- Seacord 05: Chapter 8, "Recommended Practices"