Checker | Guideline |
---|
(customization) | FIO44-C. Only use values for fsetpos() that are returned from fgetpos() |
(customization) | ERR34-C. Detect errors when converting a string to a number |
(customization) | POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument |
(customization) | DCL03-C. Use a static assertion to test the value of a constant expression |
(customization) | FIO06-C. Create files with appropriate access permissions |
(customization) | FIO08-C. Take care when calling remove() on an open file |
(customization) | FIO10-C. Take care when using the rename() function |
(customization) | FIO13-C. Never push back anything other than one read character |
(customization) | FIO24-C. Do not open a file that is already open | (customization) | INT06-C. Use strtol() or a related function to convert a string token to an integer |
(customization) | MEM03-C. Clear sensitive information stored in reusable resources |
(customization) | MEM04-C. Beware of zero-length allocations |
(customization) | MSC24-C. Do not use deprecated or obsolescent functions |
(customization) | STR06-C. Do not assume that strtok() leaves the parse string unchanged |
(customization) | WIN01-C. Do not forcibly terminate execution |
(general) | FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful |
(general) | ENV01-C. Do not make assumptions about the size of an environment variable |
(general) | INT04-C. Enforce limits on integer values originating from tainted sources |
(general) | MEM11-C. Do not assume infinite heap space |
ALLOC.DF | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
ALLOC.DF | MEM01-C. Store a new value in pointers immediately after free() |
ALLOC.FNH | MEM34-C. Only free memory allocated dynamically |
ALLOC.LEAK | MEM31-C. Free dynamically allocated memory when no longer needed |
ALLOC.LEAK | FIO42-C. Close files when they are no longer needed |
ALLOC.LEAK | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
ALLOC.LEAK | MEM11-C. Do not assume infinite heap space |
ALLOC.SIZE.ADDOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
ALLOC.SIZE.ADDOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
ALLOC.SIZE.ADDOFLOW | MEM35-C. Allocate sufficient memory for an object |
ALLOC.SIZE.ADDOFLOW | INT08-C. Verify that all integer values are in range |
ALLOC.SIZE.ADDOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
ALLOC.SIZE.IOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
ALLOC.SIZE.IOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
ALLOC.SIZE.IOFLOW | MEM35-C. Allocate sufficient memory for an object |
ALLOC.SIZE.IOFLOW | INT08-C. Verify that all integer values are in range |
ALLOC.SIZE.IOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
ALLOC.SIZE.MULOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
ALLOC.SIZE.MULOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
ALLOC.SIZE.MULOFLOW | MEM35-C. Allocate sufficient memory for an object |
ALLOC.SIZE.MULOFLOW | INT08-C. Verify that all integer values are in range |
ALLOC.SIZE.MULOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
ALLOC.SIZE.SUBUFLOWMULOFLOW | INT30MEM07-C. Ensure that unsigned integer operations the arguments to calloc(), when multiplied, do not wrap |
ALLOC.SIZE.SUBUFLOW | INT32INT30-C. Ensure that unsigned integer operations on signed integers do not wrap |
ALLOC.SIZE.SUBUFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
ALLOC.SIZE.SUBUFLOW | MEM35-C. Allocate sufficient memory for an object |
ALLOC.SIZE.SUBUFLOW | INT08-C. Verify that all integer values are in range |
ALLOC.SIZE.SUBUFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
ALLOC.SIZE.SUBUFLOW | MEM11-C. Do not assume infinite heap space |
ALLOC.SIZE.TRUNC | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
ALLOC.SIZE.TRUNC | MEM35-C. Allocate sufficient memory for an object |
ALLOC.SIZE.TRUNC | INT02-C. Understand integer conversion rules |
ALLOC.SIZE.TRUNC | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
ALLOC.TM | WIN30-C. Properly pair allocation and deallocation functions |
ALLOC.TM | API07-C. Enforce type safety |
ALLOC.UAF | MEM30-C. Do not access freed memory |
ALLOC.UAF | MEM01-C. Store a new value in pointers immediately after free() |
BADFUNC.* | MSC24-C. Do not use deprecated or obsolescent functions |
BADFUNC.BO.*ATOF | ARR30ERR34-C. Do not form or use out-of-bounds pointers or array subscriptsDetect errors when converting a string to a number |
BADFUNC.BO.*ATOI | ARR38ERR34-C. Guarantee that library functions do not form invalid pointersDetect errors when converting a string to a number |
BADFUNC.ATOL | ERR34-C. Detect errors when converting a string to a number |
BADFUNC.ATOLL | ERR34-C. Detect errors when converting a string to a number | BADFUNC.BO.* | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
BADFUNC.BO.* | API02ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
BADFUNC.BO.* | API02-C. Functions that Functions that read or write to or from an array should take an argument to specify the source or target size |
BADFUNC.BO.OEMTOCHAR | STR07-C. Use the bounds-checking interfaces for string manipulation |
BADFUNC.BO.STRCAT | STR07-C. Use the bounds-checking interfaces for string manipulation |
BADFUNC.BO.STRCATCHAINW | STR07-C. Use the bounds-checking interfaces for string manipulation |
BADFUNC.BO.STRCMP | STR07-C. Use the bounds-checking interfaces for string manipulation |
BADFUNC.BO.STRCPY | STR07-C. Use the bounds-checking interfaces for string manipulation |
BADFUNC.BO.STRLEN | STR07-C. Use the bounds-checking interfaces for string manipulation |
BADFUNC.BO.STRTRNS | STR07-C. Use the bounds-checking interfaces for string manipulation |
BADFUNC.CHROOT | POS05-C. Limit access to files by creating a jail |
BADFUNC.CREATEPROCESS | WIN02-C. Restrict privileges when spawning child processes |
BADFUNC.CREATETHREAD | WIN02-C. Restrict privileges when spawning child processes |
BADFUNC.LONGJMP | MSC22-C. Use the setjmp(), longjmp() facility securely |
BADFUNC.MEMSET | MSC06-C. Beware of compiler optimizations |
BADFUNC.PATH.* | FIO02-C. Canonicalize path names originating from tainted sources |
BADFUNC.PATH.AFXLOADLIBRARY | WIN00-C. Be specific when dynamically loading libraries |
BADFUNC.PATH.COLOADLIBRARY | WIN00-C. Be specific when dynamically loading libraries |
BADFUNC.PATH.LOADLIBRARY | WIN00-C. Be specific when dynamically loading libraries |
BADFUNC.PATH.SYSTEM | ENV33-C. Do not call system() |
BADFUNC.RANDOM.RAND | CON33-C. Avoid race conditions when using library functions |
BADFUNC.RANDOM.RAND | MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
BADFUNC.SETJMP | MSC22-C. Use the setjmp(), longjmp() facility securely |
BADFUNC.SIGNAL | SIG34-C. Do not call signal() from within interruptible signal handlers |
BADFUNC.SIGNAL | CON37-C. Do not call signal() in a multithreaded program |
BADFUNC.SIGNAL | SIG00-C. Mask signals handled by noninterruptible signal handlers |
BADFUNC.SIGNAL | SIG01-C. Understand implementation-specific details regarding signal handler persistence |
BADFUNC.SIGNAL | SIG02-C. Avoid using signals to implement normal functionality |
BADFUNC.TEMP.* | FIO01-C. Be careful using functions that use file names for identification |
BADFUNC.TEMP.* | FIO21-C. Do not create temporary files in shared directories |
BADFUNC.TEMP.TMPNAM | CON33-C. Avoid race conditions when using library functions |
BADFUNC.TTYNAME | CON33-C. Avoid race conditions when using library functions |
BADFUNC.VFORK | POS33-C. Do not use vfork() |
BUILD.WALL | MSC00-C. Compile cleanly at high warning levels |
BUILD.WERROR | MSC00-C. Compile cleanly at high warning levels |
CONCURRENCY.DATARACE | SIG31-C. Do not access shared objects in signal handlers |
CONCURRENCY.DATARACE | CON00CON32-C. Prevent data races when accessing bit-fields from multiple threads |
CONCURRENCY.DATARACE | POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed |
CONCURRENCY.DATARACE | CON00-C. Avoid race Avoid race conditions with multiple threads |
CONCURRENCY.LOCK.NOLOCK | CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction |
CONCURRENCY.LOCK.NOUNLOCK | CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction |
CONCURRENCY.LOCK.ORDER | CON35-C. Avoid deadlock by locking in a predefined order |
CONCURRENCY.LOCK.ORDER | POS51-C. Avoid deadlock with POSIX threads by locking in predefined order |
CONCURRENCY.STARVE.BLOCKING | POS52-C. Do not perform operations that can block while holding a POSIX lock |
CONCURRENCY.STARVE.BLOCKING | CON05-C. Do not perform operations that can block while holding a lock |
HARDCODED.AUTH | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
HARDCODED.KEY | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
HARDCODED.SALT | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
IO.INJ.COMMAND | ENV33-C. Do not call system() |
IO.INJ.COMMAND | STR02-C. Sanitize data passed to complex subsystems |
IO.INJ.FMT | FIO30-C. Exclude user input from format strings |
IO.INJ.FMT | FIO47-C. Use valid format strings |
IO.INJ.FMT | STR02-C. Sanitize data passed to complex subsystems |
IO.INJ.LDAP | STR02-C. Sanitize data passed to complex subsystems |
IO.INJ.LIB | STR02-C. Sanitize data passed to complex subsystems |
IO.INJ.SQL | STR02-C. Sanitize data passed to complex subsystems |
IO.RACE | FIO45-C. Avoid TOCTOU race conditions while accessing files |
IO.RACE | FIO01-C. Be careful using functions that use file names for identification |
IO.RACE | FIO24-C. Do not open a file that is already open |
IO.TAINT.ADDR | INT04-C. Enforce limits on integer values originating from tainted sources |
IO.TAINT.FNAME | FIO01-C. Be careful using functions that use file names for identification |
IO.TAINT.FNAME | FIO02-C. Canonicalize path names originating from tainted sources |
IO.TAINT.SIZE | MEM35-C. Allocate sufficient memory for an object |
IO.TAINT.SIZE | INT04-C. Enforce limits on integer values originating from tainted sources |
IO.TAINT.SIZE | MEM05-C. Avoid large stack allocations |
IO.TAINT.SIZE | MEM11-C. Do not assume infinite heap space |
IO.UAC | FIO46-C. Do not access a closed file |
LANG.ARITH.BIGSHIFT | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
LANG.ARITH.DIVZERO | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
LANG.ARITH.NEGSHIFT | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
LANG.CAST.COERCE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
LANG.CAST.COERCE | FIO34-C. Distinguish between characters read from a file and EOF or WEOF |
LANG.CAST.COERCE | INT02-C. Understand integer conversion rules |
LANG.CAST.VALUE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
LANG.CAST.VALUE | INT02-C. Understand integer conversion rules |
LANG.FUNCS.ASSERTS | MSC11-C. Incorporate diagnostic tests using assertions |
LANG.FUNCS.IRV | ERR33-C. Detect and handle standard library errors |
LANG.FUNCS.IRV | POS54-C. Detect and handle POSIX library errors |
LANG.FUNCS.IRV | EXP12-C. Do not ignore values returned by functions |
than or equal to the number of bits that exist in the operand |
LANG.CAST.COERCE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
LANG.CAST.COERCE | FIO34-C. Distinguish between characters read from a file and EOF or WEOF |
LANG.CAST.COERCE | API07-C. Enforce type safety |
LANG.CAST.COERCE | INT02-C. Understand integer conversion rules |
LANG.CAST.COERCE | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
LANG.CAST.PC.AV | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
LANG.CAST.PC.CRCQ | DCL00-C. Const-qualify immutable objects |
LANG.CAST.PC.CRCQ | EXP05-C. Do not cast away a const qualification |
LANG.CAST.PC.INT | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
LANG.CAST.PC.INT | INT36-C. Converting a pointer to integer or integer to pointer |
LANG.CAST.RIP | EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int |
LANG.CAST.VALUE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
LANG.CAST.VALUE | API07-C. Enforce type safety |
LANG.CAST.VALUE | INT02-C. Understand integer conversion rules |
LANG.CAST.VALUE | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
LANG.FUNCS.ASSERTS | MSC11-C. Incorporate diagnostic tests using assertions |
LANG.FUNCS.IRV | ERR33-C. Detect and handle standard library errors |
LANG.FUNCS.IRV | POS54-C. Detect and handle POSIX library errors |
LANG.FUNCS.IRV | EXP12-C. Do not ignore values returned by functions |
LANG.FUNCS.PROT | DCL07-C. Include the appropriate type information in function declarators |
LANG.FUNCS.PROT | DCL20-C. Explicitly specify void when a function accepts no arguments |
LANG.ID.AMBIG | DCL02-C. Use visually distinct identifiers |
LANG.ID.ND.EXT | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.ID.ND.MM | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.ID.ND.MO | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.ID.ND.NEST | DCL01-C. Do not reuse variable names in subscopes |
LANG.ID.ND.NEST | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.ID.ND.SS | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.ID.NU.EXT | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.ID.NU.INT | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.ID.NU.TAG | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.ID.NU.TYPE | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.MEM.BO | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.MEM.BO | ENV01-C. Do not make assumptions about the size of an environment variable |
LANG.MEM.BO | EXP08-C. Ensure pointer arithmetic is used correctly |
LANG.MEM.BU | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.MEM.BU | EXP08-C. Ensure pointer arithmetic is used correctly |
LANG.MEM.HRLOOP | MSC21-C. Use robust loop termination conditions |
LANG.MEM.NPD | EXP34-C. Do not dereference null pointers |
LANG.MEM.TBA | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
LANG.MEM.TBA | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.MEM.TBA | EXP08-C. Ensure pointer arithmetic is used correctly |
LANG.MEM.TBA | INT04-C. Enforce limits on integer values originating from tainted sources |
LANG.MEM.TO | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.MEM.TO | ENV01-C. Do not make assumptions about the size of an environment variable |
LANG.MEM.TO | EXP08-C. Ensure pointer arithmetic is used correctly |
LANG.MEM.TU | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.MEM.TU | EXP08-C. Ensure pointer arithmetic is used correctly |
LANG.MEM.UVAR | EXP33-C. Do not read uninitialized memory |
LANG.PREPROC.MACROARG | PRE32-C. Do not use preprocessor directives in invocations of function-like macros |
LANG.PREPROC.MACROEND | PRE02-C. Macro replacement lists should be parenthesized |
LANG.PREPROC.MACROEND | PRE11-C. Do not conclude macro definitions with a semicolon |
LANG.PREPROC.MACROSTART | PRE02-C. Macro replacement lists should be parenthesized |
LANG.PREPROC.PASTE | PRE30-C. Do not create a universal character name through concatenation |
LANG.PREPROC.PASTE | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
LANG.STRUCT.CONDASSIG | EXP45-C. Do not perform assignments in selection statements |
LANG.STRUCT.DECL.FAM | ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer |
LANG.STRUCT.DECL.IF | DCL40-C. Do not create incompatible declarations of the same function or object |
LANG.STRUCT.DECL.IO | DCL40-C. Do not create incompatible declarations of the same function or object |
LANG.STRUCT.DECLTYPE | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.STRUCT.EBS | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
LANG.STRUCT.EBS | MSC12-C. Detect and remove code that has no effect or is never executed |
LANG.STRUCT.ENUMINIT | INT09-C. Ensure enumeration constants map to unique values |
LANG.STRUCT.LOOP.FPC | FLP30-C. Do not use floating-point variables as loop counters |
LANG.STRUCT.MRS | MSC37-C. Ensure that control never reaches the end of a non-void function |
LANG.STRUCT.MULTIDECL | DCL04-C. Do not declare more than one variable per declaration |
LANG.STRUCT.NTAD | EXP34-C. Do not dereference null pointers |
LANG.STRUCT.PBBLANG.MEM.BO | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.MEMSTRUCT.BOPBB | ARR38EXP08-C. Guarantee that library functions do not form invalid pointers | LANG.MEM.BO | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminatorEnsure pointer arithmetic is used correctly |
LANG.MEMSTRUCT.BOPIT | ENV01DCL05-C. Do not make assumptions about the size of an environment variableUse typedefs of non-pointer types only |
LANG.MEMSTRUCT.BUPPE | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.STRUCT.PPE | EXP08-C. Ensure pointer arithmetic is used correctly |
LANG.STRUCT.RC | MSC07-C. Detect and remove dead code |
LANG.MEMSTRUCT.BURC | ARR38MSC12-C. Guarantee that library functions do not form invalid pointersDetect and remove code that has no effect or is never executed |
LANG.MEMSTRUCT.HRLOOPRPL | MSC21DCL30-C. Use robust loop termination conditionsDeclare objects with appropriate storage durations |
LANG.MEMSTRUCT.SCOPE.NPDFILE | EXP34DCL15-C. Do not dereference null pointers |
LANG.MEM.TO | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.MEM.TO | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
LANG.MEM.TO | ENV01-C. Do not make assumptions about the size of an environment variable |
LANG.MEM.TU | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.MEM.UVAR | EXP33-C. Do not read uninitialized memory |
LANG.PREPROC.MACROEND | PRE02-C. Macro replacement lists should be parenthesized |
LANG.PREPROC.MACROEND | PRE11-C. Do not conclude macro definitions with a semicolon |
LANG.PREPROC.MACROSTART | PRE02-C. Macro replacement lists should be parenthesized |
LANG.PREPROC.PASTE | PRE30-C. Do not create a universal character name through concatenation |
LANG.PREPROC.PASTE | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
LANG.STRUCT.CONDASSIG | EXP45-C. Do not perform assignments in selection statements |
LANG.STRUCT.DECLTYPE | DCL23-C. Guarantee that mutually visible identifiers are unique |
LANG.STRUCT.EBS | MSC12-C. Detect and remove code that has no effect or is never executed |
LANG.STRUCT.ENUMINIT | INT09-C. Ensure enumeration constants map to unique values |
LANG.STRUCT.MRS | MSC37-C. Ensure that control never reaches the end of a non-void function |
LANG.STRUCT.MULTIDECL | DCL04-C. Do not declare more than one variable per declaration |
LANG.STRUCT.NTAD | EXP34-C. Do not dereference null pointers |
LANG.STRUCT.PBB | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.STRUCT.PIT | DCL05-C. Use typedefs of non-pointer types only |
LANG.STRUCT.PPE | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
LANG.STRUCT.RC | MSC12-C. Detect and remove code that has no effect or is never executed |
LANG.STRUCT.RPL | DCL30-C. Declare objects with appropriate storage durations |
LANG.STRUCT.SCOPE.FILE | DCL19-C. Minimize the scope of variables and functions |
LANG.STRUCT.SCOPE.LOCAL | DCL19-C. Minimize the scope of variables and functions |
LANG.STRUCT.UC | MSC07-C. Detect and remove dead code |
LANG.STRUCT.UC | MSC12-C. Detect and remove code that has no effect or is never executed |
LANG.STRUCT.ULOOP | MSC21-C. Use robust loop termination conditions |
LANG.STRUCT.UPD | EXP34-C. Do not dereference null pointers |
Declare file-scope objects or functions that do not need external linkage as static |
LANG.STRUCT.SCOPE.FILE | DCL19-C. Minimize the scope of variables and functions |
LANG.STRUCT.SCOPE.LOCAL | DCL19-C. Minimize the scope of variables and functions |
LANG.STRUCT.SE.COND | EXP45-C. Do not perform assignments in selection statements |
LANG.STRUCT.SE.SIZEOF | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
LANG.STRUCT.SW.MB | MSC17-C. Finish every set of statements associated with a case label with a break statement |
LANG.STRUCT.UA | MSC12-C. Detect and remove code that has no effect or is never executed |
LANG.STRUCT.UC | MSC07-C. Detect and remove dead code |
LANG.STRUCT.UC | MSC12-C. Detect and remove code that has no effect or is never executed |
LANG.STRUCT.ULOOP | MSC21-C. Use robust loop termination conditions |
LANG.STRUCT.UPD | EXP34-C. Do not dereference null pointers |
LANG.STRUCT.UPD | API00-C. Functions should validate their parameters |
LANG.STRUCT.UVAL | MSC13-C. Detect and remove unused values |
LANG.TYPE.AWID | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
LANG.TYPE.BASIC | INT01-C. Use rsize_t or size_t for all integer values representing the size of an object |
LANG.TYPE.BFSIGN | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
LANG.TYPE.CSUF | DCL16-C. Use "L," not "l," to indicate a long value |
LANG.TYPE.IAT | STR04-C. Use plain char for characters in the basic character set |
LANG.TYPE.ICA | STR04-C. Use plain char for characters in the basic character set |
LANG.TYPE.IOT | EXP46-C. Do not use a bitwise operator with a Boolean-like operand |
LANG.TYPE.IOT | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
LANG.TYPE.IOT | INT13-C. Use bitwise operators only on unsigned operands |
LANG.TYPE.IOT | STR04-C. Use plain char for characters in the basic character set |
LANG.TYPE.MOT | FLP06-C. Convert integers to floating point for floating-point operations |
LANG.TYPE.MOT | STR04-C. Use plain char for characters in the basic character set |
LANG.TYPE.NCS | STR05-C. Use pointers to const when referring to string literals |
LANG.TYPE.OC | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
LANG.TYPE.OWID | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
LANG.TYPE.RESTRICT | EXP43-C. Avoid undefined behavior when using restrict-qualified pointers | LANG.STRUCT.UVAL | MSC13-C. Detect and remove unused values |
MISC.CRYPTO.NOPAD | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
MISC.FMT | FIO30-C. Exclude user input from format strings |
MISC.FMT | FIO47-C. Use valid format strings | MISC.MEM.NTERM | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
MISC.MEM.NTERM | STR03-C. Do not inadvertently truncate a string |
MISC.MEM.SIZE.ADDOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
MISC.MEM.SIZE.ADDOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
MISC.MEM.SIZE.ADDOFLOW | INT08-C. Verify that all integer values are in range |
MISC.MEM.SIZE.ADDOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
MISC.MEM.SIZE.BAD | INT30-C. Ensure that unsigned integer operations do not wrap |
MISC.MEM.SIZE.BAD | INT32-C. Ensure that operations on signed integers do not result in overflow |
MISC.MEM.SIZE.BAD | MEM35-C. Allocate sufficient memory for an object |
MISC.MEM.SIZE.BAD | INT08-C. Verify that all integer values are in range |
MISC.MEM.SIZE.BAD | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
MISC.MEM.SIZE.BAD | MEM05-C. Avoid large stack allocations |
MISC.MEM.SIZE.BAD | MEM11-C. Do not assume infinite heap space |
MISC.MEM.SIZE.MULOFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
MISC.MEM.SIZE.MULOFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
MISC.MEM.SIZE.MULOFLOW | INT08-C. Verify that all integer values are in range |
MISC.MEM.SIZE.MULOFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
MISC.MEM.SIZE.SUBUFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
MISC.MEM.SIZE.SUBUFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
MISC.MEM.SIZE.SUBUFLOW | INT08-C. Verify that all integer values are in range |
MISC.MEM.SIZE.SUBUFLOW | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
MISC.MEM.SIZE.TRUNC | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
MISC.MEM.SIZE.TRUNC | INT02-C. Understand integer conversion rules |
MISC.MEM.SIZE.TRUNC | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
MISC.NEGCHAR | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
MISC.NEGCHAR | STR37-C. Arguments to character-handling functions must be representable as an unsigned char |
MISC.NEGCHAR | INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs |
MISC.NEGCHAR | STR00-C. Represent characters using an appropriate type |
MISC.NOEFFECT | MSC12-C. Detect and remove code that has no effect or is never executed |
MISC.PWD.PLAIN | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |