...
Compass/ROSE could detect violations of this recommendation...typedefs are well represented in ROSE's AST. To detect violations, we first have to rigorously define what constitutes a 'too complicated type'. Most would concede that a pointer to a simple type is not too complicated, but a function type is. I think a reasonable definition of 'too complicated' would be any type that has two pointers, two arrays, one array + one pointer, or one function.

The algorithm we will employ to flag declarations that warrant a typedef is as follows:
- Any pointer is worth 1 point
- Any function type is worth 2 points
- Any variable declaration with 5 or more points warrants a typedef.
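The scoring above, as an added example (not Compass/ROSE code and not from this page): it scans a declaration's text instead of walking ROSE's AST, and scores only the two kinds the list assigns points to. The function names, the choice to count pointers and function types inside parameter lists, and the rule that `(` followed by `*` or `(` is a grouping parenthesis are assumptions of this sketch.

```c
#include <ctype.h>
#include <stdio.h>

/* Point values and threshold taken from the list above. */
enum { POINTER_POINTS = 1, FUNCTION_POINTS = 2, TYPEDEF_THRESHOLD = 5 };

/* Score one declaration given as text (hypothetical helper).
 * Assumption: a '(' followed by '*' or '(' only groups a declarator;
 * any other '(' opens a parameter list, i.e. a function type. */
int declaration_score(const char *decl)
{
    int score = 0;
    for (const char *p = decl; *p != '\0' && *p != '=' && *p != ';'; ++p) {
        if (*p == '*') {
            score += POINTER_POINTS;
        } else if (*p == '(') {
            const char *q = p + 1;
            while (isspace((unsigned char)*q))
                ++q;
            if (*q != '*' && *q != '(')
                score += FUNCTION_POINTS;
        }
    }
    return score; /* scanning stops at '=' so initializers are not scored */
}

/* Nonzero when the declaration reaches the threshold. */
int warrants_typedef(const char *decl)
{
    return declaration_score(decl) >= TYPEDEF_THRESHOLD;
}

int main(void)
{
    /* Constructed sample declarations. */
    const char *samples[] = {
        "char **argv",
        "void (*handler)(int)",
        "int (*cmp)(const void *, const void *)",
        "int *(*(*table[4])(void))(char **)",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; ++i)
        printf("%-40s %d points%s\n", samples[i],
               declaration_score(samples[i]),
               warrants_typedef(samples[i]) ? "  -> typedef" : "");
    return 0;
}
```

A declarator such as `int (x)` would be misread as a function type by this text heuristic; an AST-based checker does not have that problem.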
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...