C checkers | CERT C Secure Coding Standard Guideline |
---|---|
araydecl | ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer |
araydecl | STR36-C. Do not specify the bound of a character array initialized with a string literal |
bitftype | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
castexpr | EXP05-C. Do not cast away a const qualification |
castexpr | EXP36-C. Do not convert pointers into more strictly aligned pointer types |
charcast | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
charplan | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
charsgnd | STR04-C. Use plain char for characters in the basic character set |
cmprexpr | EXP21-C. Place constants on the left of equality comparisons |
cnstpnte | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
cplxcall | FLP31-C. Do not call functions expecting real values with complex values |
declgrup_srceline | DCL04-C. Do not declare more than one variable per declaration |
declhidn | DCL01-C. Do not reuse variable names in subscopes |
decltype | DCL07-C. Include the appropriate type information in function declarators |
decltype | DCL31-C. Declare identifiers before using them |
dtrigraf | PRE07-C. Avoid using repeated question marks |
enuminit | INT09-C. Ensure enumeration constants map to unique values |
exprctxt | EXP18-C. Do not perform assignments in selection statements |
exprprns | EXP00-C. Use parentheses for precedence of operation |
exprprns | EXP13-C. Treat relational and equality operators as if they were nonassociative |
forcntrl | FLP30-C. Do not use floating point variables as loop counters |
funcalls | EXP09-C. Use sizeof to determine the size of a type or variable |
funcalls | MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type |
funcalls | MEM08-C. Use realloc() only to resize dynamically allocated arrays |
hedrname | PRE04-C. Do not reuse a standard header file name |
hedrname | PRE08-C. Guarantee that header file names are unique |
idntsiml | DCL02-C. Use visually distinct identifiers |
ignrtrn | EXP12-C. Do not ignore values returned by functions |
inclgard | PRE06-C. Enclose header files in an inclusion guard |
ltrlsynt | DCL16-C. Use 'L', not 'l', to indicate a long value |
macrbody | PRE01-C. Use parentheses within macros around parameter names |
macrbody | PRE02-C. Macro replacement lists should be parenthesized |
macrcall | DCL03-C. Use a static assertion to test the value of a constant expression |
macrcall | PRE32-C. Do not use preprocessor directives inside macro arguments |
minscope | DCL19-C. Minimize the scope of variables and functions |
nomagicc | DCL06-C. Use meaningful symbolic constants to represent literal values |
shiftrhs | INT34-C. Do not shift a negative number of bits or more bits than exist in the operand |
stlibuse | ERR01-C. Use ferror() rather than errno to check for FILE stream errors |
stlibuse | FIO07-C. Prefer fseek() to rewind() |
stlibuse | FIO12-C. Prefer setvbuf() to setbuf() |
stlibuse | MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
swchsynt | MSC17-C. Finish every set of statements associated with a case label with a break statement |