SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 23

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 24

changes.mady.by.user Pamela Curtis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="401c19b64cbfa838-ac63f9cb-49674bac-8535a936-cbfe8a27be1c8770cbde9a4c"><ac:parameter ac:name=""> asynchronous-safe</ac:parameter></ac:structured-macro>
*asynchronous-safe* \[[GNU Pth|AA. C References#GNU Pth]\]
A function is asynchronous-safe, or asynchronous-signal safe, if it can be called safely and without side effects from within a signal handler context. That is, it must be able to be interrupted at any point and run linearly out of sequence without causing an inconsistent state. Some asynchronous-safe operations are listed below:

...

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6a0a328f26a57c05-7b94de47-408344bb-8b1a91d5-afa74e1f31c6cb8d9187a039"><ac:parameter ac:name=""> exploit</ac:parameter></ac:structured-macro>
*exploit* \[[Seacord 05|AA. C References#Seacord 05]\]
An exploit is a piece of software or technique that takes advantage of a security vulnerability to violate an explicit or implicit [security policy|BB. Definitions#security policy].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4dce438430b7a01e-2201e65f-403343dc-866a8d59-59fc95402d72429b367fdbc0"><ac:parameter ac:name=""> freestanding environment</ac:parameter></ac:structured-macro>
*freestanding environment* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
An environment in which C program execution may take place without any benefit of an operating system.&nbsp; Program startup might occur at some function other than {{main()}}, complex types might not be implemented, and only certain minimal library facilities are guaranteed to be available.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="02526d073acdda80-5a709c22-48eb4be0-9be6b877-9e75c2bed61437ca1dc12a23"><ac:parameter ac:name=""> hosted environment</ac:parameter></ac:structured-macro>
*hosted environment* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
An environment that is not freestanding.&nbsp; Program startup occurs at {{main()}}, complex types are implemented, and all C standard library facilities are available.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="59a06f4b8d3576cb-e8059f34-4b0d4c2c-803caa2b-33249b5f5ab06b5a72fc3bba"><ac:parameter ac:name=""> implementation</ac:parameter></ac:structured-macro>
*implementation* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Particular set of software, running in a particular translation environment under particular control options, that performs translation of programs for, and supports execution of functions in, a particular execution environment.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="325d5c0bd2599e26-253a3f6c-49324b83-8873a122-defb9eac6e76b0bcc7b72b71"><ac:parameter ac:name=""> implementation-defined behavior</ac:parameter></ac:structured-macro>
*implementation-defined behavior* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Unspecified behavior where each implementation documents how the choice is made.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0d67d057caf32568-1c77c037-4eae4ef9-89079bf1-15873bc5f6f0f799244d2570"><ac:parameter ac:name=""> locale-specific behavior</ac:parameter></ac:structured-macro>
*locale-specific behavior* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Behavior that depends on local conventions of nationality, culture, and language that each implementation documents.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc3b6044a8471cb5-761a2482-4a2741d0-8d53b829-98ba526f2cbc0962cc9f14bc"><ac:parameter ac:name=""> lvalue</ac:parameter></ac:structured-macro>
*lvalue* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
An lvalue is an expression with an object type or an incomplete type other than {{void}}. The name "lvalue" comes originally from the assignment expression {{E1 = E2}}, in which the left operand {{E1}} is required to be a (modifiable) lvalue. It is perhaps better considered as representing an object "locator value".

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a2be23ea119bfb9e-52b7ea80-4af04407-9aabab80-c6d945b7fca014cb5ce3a652"><ac:parameter ac:name=""> mitigation</ac:parameter></ac:structured-macro>
*mitigation* \[[Seacord 05|AA. C References#Seacord 05]\]
Mitigations are methods, techniques, processes, tools, or runtime libraries that can prevent or limit exploits against vulnerabilities.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0bbe1a11d85eb643-f74ff879-42e3421a-934ba859-b077c9f16b1f1805ae75dcc3"><ac:parameter ac:name=""> reentrant</ac:parameter></ac:structured-macro>
*reentrant* \[[Dowd 06|AA. C References#Dowd 06]\]
A function is reentrant if multiple instances of the same function can run in the same address space concurrently without creating the potential for inconsistent states.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="97c3efd8d7b8a387-6405ce9b-49dc4fac-b9a889ad-8705ae7de0e0d9242475c130"><ac:parameter ac:name=""> rvalue</ac:parameter></ac:structured-macro>
*rvalue* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Value of an expression.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bb63568951922584-a6dbed62-442c4824-98b681c4-7e034b0413a73c62f19efb6f"><ac:parameter ac:name=""> security flaw</ac:parameter></ac:structured-macro>
*security flaw* \[[Seacord 05|AA. C References#Seacord 05]\]
A security flaw is a software defect that poses a potential security risk.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8b4e5faf099acd47-6b1c2984-40a04285-89d683c6-96b490fe8b135b45a83990c7"><ac:parameter ac:name=""> security policy</ac:parameter></ac:structured-macro>
*security policy* \[[Internet Society 00|AA. C References#Internet Society 00]\]
A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a214c79bb4877c61-46cd25c3-40dc4a72-be889aa9-268f891720d11ca74ffb0616"><ac:parameter ac:name=""> undefined behavior</ac:parameter></ac:structured-macro>
*undefined behavior* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Behavior, upon use of a nonportable or erroneous program construct or of erroneous data, for which the standard imposes no requirements.  An example of undefined behavior is the behavior on integer overflow.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="818a462757a771e3-6e1c5d11-4e014541-a0b19187-e938ae1fb3ec135503483e51"><ac:parameter ac:name=""> unspecified behavior</ac:parameter></ac:structured-macro>
*unspecified behavior* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Behavior where the standard provides two or more possibilities and imposes no further requirements on which is chosen in any instance.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c57b167625f15b96-285fd40f-4f17431d-8fec8df7-b68c3bf9541731f4e05788f2"><ac:parameter ac:name=""> validation</ac:parameter></ac:structured-macro>
*validation* \[[IEC 61508-4|AA. C References#IEC 61508-4]\]
Confirmation by examination and provision of objective evidence that the particular requirements for a specific intended use are fulfilled.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="044af89e0ff103b4-a371bf34-46d34234-8db08d3a-a4cfdfa15e2252f367b30b01"><ac:parameter ac:name=""> verification</ac:parameter></ac:structured-macro>
*verification* \[[IEC 61508-4|AA. C References#IEC 61508-4]\]
Confirmation by examination and provision of objective evidence that the requirements have been fulfilled.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1c71d54bc130941a-2ec5fc7d-47824f22-947bbf8c-e201a2c6b1c19af22ebb8d52"><ac:parameter ac:name=""> verification</ac:parameter></ac:structured-macro>
*vulnerability* \[[Seacord 05|AA. C References#Seacord 05]\]
A vulnerability is a set of conditions that allows an attacker to violate an explicit or implicit security policy.