SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 95

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 96

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: updated automated detection and related guidelines

...

Fully implemented

Tool

Version

Checker

Description

PRQA QA-C
Include Page
PRQA_VPRQA_V 2931

Compass/ROSE

 

 

 

Coverity6.5BUFFER_SIZEFully Implemented

Fortify SCA

5.0

 

Can detect violations of this rule with CERT C Rule Pack

Klocwork

Include Page
Klocwork_V
Klocwork_V

ABR

 

PRQA QA-C
Include Page
PRQA_V
PRQA_V
 2931Fully implemented

Splint

Include Page
Splint_V
Splint_V

 

 

 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

C Secure Coding StandardAPI00-C. Functions should validate their parameters
ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array
INT30-C. Ensure that unsigned integer operations do not wrap
ISO/IEC TS 17961Forming invalid pointers by library functions [libptr]
ISO/IEC TR 24772:2013

Buffer Boundary Violation (Buffer Overflow) [HCB]
Unchecked Array Copying [XYW]

MITRE CWE

 

CWE-119, Failure to constrain operations within the bounds of an allocated memory buffer
CWE-121, Stack-based buffer overflow
CWE-805, Buffer access with incorrect length value 

...