C checkers | CERT C Secure Coding Standard |
|---|
| STR35-C. Do not copy data from an unbounded source to a fixed-length array |
UFM.DEREF.MUST | MEM30-C. Do not access freed memory |
UNINIT.STACK.ARRAY.PARTIAL.MUST | EXP33-C. Do not reference uninitialized memory |
SV.TAINTED.LOOP_BOUND | ARR30-C. Do not form or use out of bounds pointers or array subscripts |
FUM.GEN.MIGHT | MEM34-C. Only free memory allocated dynamically |
SV.STRBO.GETS | STR35-C. Do not copy data from an unbounded source to a fixed-length array |
SV.RVT.RETVAL_NOTTESTED | EXP12-C. Do not ignore values returned by functions |
SV.FMTSTR.GENERIC | FIO30-C. Exclude user input from format strings |
UFM.RETURN.MUST | MEM30-C. Do not access freed memory |
UNINIT.STACK.ARRAY.MUST | EXP33-C. Do not reference uninitialized memory |
IF_DUPL_HEADER | PRE08-C. Guarantee that header file names are unique |
UFM.FFM | MEM31-C. Free dynamically allocated memory exactly once |
LOCRET.* | DCL30-C. Declare objects with appropriate storage durations |
ASSIGCOND.GEN | MSC02-C. Avoid errors of omission |
ASSIGCOND.CALL | MSC02-C. Avoid errors of omission |
UNINIT.STACK.ARRAY.MIGHT | EXP33-C. Do not reference uninitialized memory |
SV.CUDS.MISSING_ABSOLUTE_PATH | FIO02-C. Canonicalize path names originating from untrusted sources |
UFM.USE.MIGHT | MEM30-C. Do not access freed memory |
FNH.MIGHT | MEM34-C. Only free memory allocated dynamically |
PRECISION.LOSS | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
ABV.ITERATOR | ARR30-C. Do not form or use out of bounds pointers or array subscripts |
SV.FIU.PERMISSIONS | POS37-C. Ensure that privilege relinquishment is successful |
IF_MULTI_KIND | DCL01-C. Do not reuse variable names in subscopes |
UFM.RETURN.MIGHT | MEM30-C. Do not access freed memory |
NPD.* RNPD. | EXP34-C. Do not dereference null pointers |
LV_UNUSED.GEN | MSC07-C. Detect and remove dead code |
SV.FMT_STR.BAD_SCAN_FORMAT | STR33-C. Size wide character strings correctly |
ASSIGCOND.BOOL | MSC02-C. Avoid errors of omission |
SV.USAGERULES.PERMISSIONS | POS37-C. Ensure that privilege relinquishment is successful |
SV.TAINTED.INJECTION | STR02-C. Sanitize data passed to complex subsystems |
MLK | MEM31-C. Free dynamically allocated memory exactly once |
UNINIT.HEAP.MUST | EXP33-C. Do not reference uninitialized memory |
EFFECT | MSC12-C. Detect and remove code that has no effect |
SV.USAGERULES.PROCESS_VARIANTS | POS33-C. Do not use vfork() |
IF_MULTI_DECL | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
ABR | ARR33-C. Guarantee that copies are made into storage of sufficient size |
IF_MULTI_DEF | DCL01-C. Do not reuse variable names in subscopes |
NNTS.TAINTED | STR35-C. Do not copy data from an unbounded source to a fixed-length array |
UNINIT.HEAP.MIGHT | EXP33-C. Do not reference uninitialized memory |
IF_DEF_IN_HEADER_DECL | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
SV.USAGERULES.UNBOUNDED_STRING_COPY | STR35-C. Do not copy data from an unbounded source to a fixed-length array |
FUM.GEN.MUST | MEM34-C. Only free memory allocated dynamically |
UFM.USE.MUST | MEM30-C. Do not access freed memory |
SV.TAINTED.FMTSTR | FIO30-C. Exclude user input from format strings |
SV.TOCTOU.FILE_ACCESS | FIO01-C. Be careful using functions that use file names for identification |
UFM.DEREF.MIGHT | MEM30-C. Do not access freed memory |
FNH.MUST | MEM34-C. Only free memory allocated dynamically |
SEMICOL | MSC03-C. Avoid errors of addition |
SV.CODE_INJECTION.SHELL_EXEC | ENV04-C. Do not call system() if you do not need a command processor |
LA_UNUSED | MSC01-C. Strive for logical completeness |
VA_UNUSED.* | MSC07-C. Detect and remove dead code |
RETVOID.IMPLICIT | DCL31-C. Declare identifiers before using them |
UNINIT.STACK.MUST | EXP33-C. Do not reference uninitialized memory |
INCORRECT.ALLOC_SIZE | EXP01-C. Do not take the size of a pointer to determine the size of the pointed-to type |
RH.LEAK | FIO42-C. Ensure files are properly closed when they are no longer needed |
UNREACH.* | MSC07-C. Detect and remove dead code |
IF_MISS_DECL | DCL31-C. Declare identifiers before using them |
SV.USAGERULES.UNINTENDED_COPY | MEM03-C. Clear sensitive information stored in reusable resources |
NNTS | STR32-C. Null-terminate byte strings as required |
