...

j = i;
j++;
func(i, j);
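
An added illustration, not code from the original page, of why the snippet above performs the copy and the increment as separate statements. The `outcome` struct, the `record` stand-in for `func`, and the unsequenced call `func(i++, i)` named in the comments are assumptions made for this example.

```c
#include <stdio.h>

/* Constructed for illustration: the arguments the callee saw, and the
 * caller's i once the call has returned. */
struct outcome { int first, second, i_after; };

/* Hypothetical stand-in for the page's func(): it only records its inputs. */
static struct outcome record(int a, int b, int i_after) {
    struct outcome o = { a, b, i_after };
    return o;
}

/* The page's form: every modification is its own full statement, so a
 * sequence point separates each write from the next read. i is untouched. */
struct outcome sequenced(int i) {
    int j = i;
    j++;
    return record(i, j, i);
}

/* An unsequenced call such as func(i++, i) (assumed here, not taken from
 * the page) is undefined behavior. The two functions below spell out two
 * of the results a compiler might produce, using only well-defined code. */
struct outcome increment_first(int i) {
    int a = i;        /* value of i++ */
    i = i + 1;        /* side effect completes before the second read */
    int b = i;
    return record(a, b, i);
}

struct outcome read_first(int i) {
    int b = i;        /* second argument read before the side effect */
    int a = i;
    i = i + 1;
    return record(a, b, i);
}

/* Returns 1 when the two orderings hand the callee different arguments. */
int outcomes_differ(int i) {
    return increment_first(i).second != read_first(i).second;
}

int main(void) {
    struct outcome s = sequenced(5), x = increment_first(5), y = read_first(5);
    printf("sequenced:       func(%d, %d), i = %d\n", s.first, s.second, s.i_after);
    printf("increment first: func(%d, %d), i = %d\n", x.first, x.second, x.i_after);
    printf("read first:      func(%d, %d), i = %d\n", y.first, y.second, y.i_after);
    return 0;
}
```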

Risk Assessment

Failure to properly null terminate null-terminated byte strings can result in buffer overflows and the execution of arbitrary code with the permissions of the vulnerable process by an attacker.

Modifying an object multiple times between sequence points may cause that object to take on an unexpected value. This can lead to unexpected program behavior.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|------|----------|------------|------------------|----------|-------|
| EXP30-C | 2 (medium) | 2 (probable) | 2 (medium) | P8 | L2 |

References

[ISO/IEC 9899-1999] Section 5.1.2.3, "Program execution"
[ISO/IEC 9899-1999] Section 6.5, "Expressions"
[ISO/IEC 9899-1999] Annex C, "Sequence points"
[Summit 05] Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, 3.11