SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 21

changes.mady.by.user Pamela Curtis

Saved on

compared with

New Version 22

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="828a762af6e38353-77d42bfa-4468486f-b28a9e5f-568f1aca6fd59f72a451402a"><ac:parameter ac:name=""> asynchronous-safe</ac:parameter></ac:structured-macro>
*asynchronous-safe* \[[GNU Pth|AA. C References#GNU Pth]\]
A function is asynchronous-safe, or asynchronous-signal safe, if it can be called safely and without side effects from within a signal handler context. That is, it must be able to be interrupted at any point and run linearly out of sequence without causing an inconsistent state. Some asynchronous-safe operations are listed below:

  • call the signal() function to reinstall a signal handler
  • unconditionally modify a volatile sig_atomic_t variable (as modification to this type is atomic)
  • call the _Exit() function to immediately terminate program execution
  • invoke an asynchronous-safe function, as specified by your implementation

Very few Few functions are asynchronous-safe. If a function performs any other operations, it is probably not asynchronous-safe.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e19b1d1f-abd5-4132-bbc2-2f6d92c134f2"><ac:parameter ac:name=""> exploit</ac:parameter></ac:structured-macro>
*exploit* \[[Seacord 05|AA. C References#Seacord 05]\]
An exploit is a piece of software or technique that takes advantage of a security vulnerability to violate an explicit or implicit security policy.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="78f0908b-996d-4dff-b3a8-c829c539258d="2dc35b04-7513-4676-af25-3bd2dca64a91"><ac:parameter ac:name=""> freestanding environment</ac:parameter></ac:structured-macro>
*freestanding environment* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
An environment in which C program execution may take place without any benefit of an operating system.&nbsp; Program startup might occur at some function other than {{main()}}, complex types might not be implemented, and only certain minimal library facilities are guaranteed to be available.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6acff96c937bc8ec-73737671-492243b7-8af1a052-a28fc64884c69d0b0b2b9d50"><ac:parameter ac:name=""> hosted environment</ac:parameter></ac:structured-macro>
*hosted environment* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
An environment that is not freestanding.&nbsp; Program startup occurs at {{main()}}, complex types are implemented, and all C standard library facilities are available.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6eadf2b00f056fad-827b6827-407848a3-a08195d9-0b3c54baea2741b03409df3e"><ac:parameter ac:name=""> implementation</ac:parameter></ac:structured-macro>
*implementation* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Particular set of software, running in a particular translation environment under particular control options, that performs translation of programs for, and supports execution of functions in, a particular execution environment.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c90b4ef379b38c4a-9adede5a-43dd4430-bd1f98cb-97d5b49da06ae98675fc87eb"><ac:parameter ac:name=""> implementation-defined behavior</ac:parameter></ac:structured-macro>
*implementation-defined behavior* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Unspecified behavior where each implementation documents how the choice is made.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ad4266b1594c291a-a2d87776-45a34751-95a893af-4ca4f57078045aa20ebc0046"><ac:parameter ac:name=""> locale-specific behavior</ac:parameter></ac:structured-macro>
*locale-specific behavior* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Behavior that depends on local conventions of nationality, culture, and language that each implementation documents.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66e36ba8e359abf2-4aad7037-465b4799-a5edb49a-0c5422b4da0ff90241938478"><ac:parameter ac:name=""> lvalue</ac:parameter></ac:structured-macro>
*lvalue* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
An lvalue is an expression with an object type or an incomplete type other than {{void}}. The name "lvalue" comes originally from the assignment expression {{E1 = E2}}, in which the left operand {{E1}} is required to be a (modifiable) lvalue. It is perhaps better considered as representing an object "locator value".

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="151b9a91-e719-4e5f-bae7-4cc20e1aa8fb"><ac:parameter ac:name=""> mitigation</ac:parameter></ac:structured-macro>
*mitigation* \[[Seacord 05|AA. C References#Seacord 05]\]
Mitigations are methods, techniques, processes, tools, or runtime libraries that can prevent or limit exploits against vulnerabilities.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="10003686-8ebd-4eab-bb61-2ac5930ce3c2="bd1b2096-4b97-464c-a60f-df60847bf587"><ac:parameter ac:name=""> reentrant</ac:parameter></ac:structured-macro>
*reentrant* \[[Dowd 06|AA. C References#Dowd 06]\]
A function is reentrant if multiple instances of the same function can run in the same address space concurrently without creating the potential for inconsistent states.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="56d41c23e92137c3-e54258a0-449b4681-9991acbd-a7963850993398c91887e89f"><ac:parameter ac:name=""> rvalue</ac:parameter></ac:structured-macro>
*rvalue* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Value of an expression.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="794595d4-afdc-4d46-a64a-38f5f278600f"><ac:parameter ac:name=""> security flaw</ac:parameter></ac:structured-macro>
*security flaw* \[[Seacord 05|AA. C References#Seacord 05]\]
A security flaw is a software defect that poses a potential security risk.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cb33998c-3a1a-4b9e-b980-a427f1241faf"><ac:parameter ac:name=""> security policy</ac:parameter></ac:structured-macro>
*security policy* \[[Internet Society 00|AA. C References#Internet Society 00]\]
A set of rules and practices that specify or regulate how a system or organization
provides security services to protect sensitive and critical system resources.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4ea2beabbc2ea873-27ac269e-46744b2a-bf598a03-e25eee6dae7f0ab72b05a56e"><ac:parameter ac:name=""> undefined behavior</ac:parameter></ac:structured-macro>
*undefined behavior* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Behavior, upon use of a nonportable or erroneous program construct or of erroneous data, for which the standard imposes no requirements.  An example of undefined behavior is the behavior on integer overflow.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ae6b875e86c13319-2d007a78-400f4671-ae648809-69e73d7ea83612722b01d764"><ac:parameter ac:name=""> unspecified behavior</ac:parameter></ac:structured-macro>
*unspecified behavior* \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\]
Behavior where the standard provides two or more possibilities and imposes no further requirements on which is chosen in any instance.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ea8d8bf96258dcb7-64958dd3-41894426-8d588e30-00944dc7adbca0e4eae22a3a"><ac:parameter ac:name=""> validation</ac:parameter></ac:structured-macro>
*validation* \[[IEC 61508-4|AA. C References#IEC 61508-4]\]
Confirmation by examination and provision of objective evidence that the particular requirements for a specific intended use are fulfilled.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="913426fb374a959a-c886b66e-4d59481d-a85da011-5ae33d5646b7507339c1a098"><ac:parameter ac:name=""> verification</ac:parameter></ac:structured-macro>
*verification* \[[IEC 61508-4|AA. C References#IEC 61508-4]\]
Confirmation by examination and provision of objective evidence that the requirements have been fulfilled.

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66b31380-f2f1-408e-962b-ae400fd3053f"><ac:parameter ac:name=""> verification</ac:parameter></ac:structured-macro>
*vulnerability* \[[Seacord 05|AA. C References#Seacord 05]\]
A vulnerability is a set of conditions that allows an attacker to violate an explicit or implicit security policy.