SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 141

changes.mady.by.user Amy Gale

Saved on

compared with

New Version 142

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
(customization)

CodeSonar's custom checking infrastructure allows users to implement checks such as the following.

  • A check for all uses of fopen().
  • A check for calls to open() with only two arguments.
  • A check for calls to open() where the third argument does not satisfy some specified requirement.
PRQA QA-C
Include Page
PRQA QA-C_Vv
PRQA QA-C_Vv
warncall fopenPartially implemented

...

Related Guidelines

CERT C++ Secure Coding StandardFIO06-CPP. Create files with appropriate access permissions
CERT Oracle Secure Coding Standard for JavaFIO01-J. Create files with appropriate access permissions
ISO/IEC TR 24772:2013Missing or Inconsistent Access Control [XZN]
MITRE CWECWE-276, Insecure default permissions
CWE-279, Insecure execution-assigned permissions
CWE-732, Incorrect permission assignment for critical resource

...