Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Version number:
1.1

C checkers CERT C Secure Coding Standard

Guideline

araydecl

ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer

araydecl

STR36-C. Do not specify the bound of a character array initialized with a string literal

bitftype

INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression

castexpr

EXP05-C. Do not cast away a const qualification

castexpr

EXP36-C. Do not convert pointers into more strictly aligned pointer types

charcast

STR34-C. Cast characters to unsigned char before converting to larger integer sizes

charplan

INT07-C. Use only explicitly signed or unsigned char type for numeric values

charsgnd

STR04-C. Use plain char for characters in the basic character set

cmprexpr

EXP21-C. Place constants on the left of equality comparisons

cnstpnte

DCL13-C. Declare function parameters that are pointers to values not changed by the function as const

cplxcall

FLP31-C. Do not call functions expecting real values with complex values

declgrup_srceline

DCL04-C. Do not declare more than one variable per declaration

declhidn

DCL01-C. Do not reuse variable names in subscopes

decltype

DCL07-C. Include the appropriate type information in function declarators

decltype

DCL31-C. Declare identifiers before using them

dtrigraf

PRE07-C. Avoid using repeated question marks

enuminit

INT09-C. Ensure enumeration constants map to unique values

exprctxt

EXP18-C. Do not perform assignments in selection statements

exprprns

EXP00-C. Use parentheses for precedence of operation

exprprns

EXP13-C. Treat relational and equality operators as if they were nonassociative

forcntrl

FLP30-C. Do not use floating point variables as loop counters

funcalls

EXP09-C. Use sizeof to determine the size of a type or variable

funcalls

MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type

funcalls

MEM08-C. Use realloc() only to resize dynamically allocated arrays

hedrname

PRE04-C. Do not reuse a standard header file name

hedrname

PRE08-C. Guarantee that header file names are unique

idntsiml

DCL02-C. Use visually distinct identifiers

ignrtrn

EXP12-C. Do not ignore values returned by functions

inclgard

PRE06-C. Enclose header files in an inclusion guard

ltrlsynt

DCL16-C. Use 'L', not 'l', to indicate a long value

macrbody

PRE01-C. Use parentheses within macros around parameter names

macrbody

PRE02-C. Macro replacement lists should be parenthesized

macrcall

DCL03-C. Use a static assertion to test the value of a constant expression

macrcall

PRE32-C. Do not use preprocessor directives inside macro arguments

minscope

DCL19-C. Minimize the scope of variables and functions

nomagicc

DCL06-C. Use meaningful symbolic constants to represent literal values

shiftrhs

INT34-C. Do not shift a negative number of bits or more bits than exist in the operand

stlibuse

ERR01-C. Use ferror() rather than errno to check for FILE stream errors

stlibuse

FIO07-C. Prefer fseek() to rewind()

stlibuse

FIO12-C. Prefer setvbuf() to setbuf()

stlibuse

MSC30-C. Do not use the rand() function for generating pseudorandom numbers

swchsynt

MSC17-C. Finish every set of statements associated with a case label with a break statement