SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 110

changes.mady.by.user Sandy Shrum

Saved on

compared with

New Version 111

changes.mady.by.user Sandy Shrum

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

UB

Description

Example Code

46

Addition or subtraction of a pointer into, or just beyond, an array object and an integer type produces a result that does not point into, or just beyond, the same array object.

Forming Out-of-Bounds Pointer, Null Pointer Arithmetic

47

Addition or subtraction of a pointer into, or just beyond, an array object and an integer type produces a result that points just beyond the array object and is used as the operand of a unary * operator that is evaluated.

Dereferencing Past the End Pointer, Using Past the End Index

49

An array subscript is out of range, even if an object is apparently accessible with the given subscript, for example, in the lvalue expression a[1][7] given the declaration int a[4][5]).

Apparently Accessible Out-of-Range Index

62

An attempt is made to access, or generate a pointer to just past, a flexible array member of a structure when the referenced object provides no elements for that array.

Pointer Past Flexible Array Member

...

ISO/IEC TR 24772:2013Arithmetic Wrap-around Around Error [FIF]
Unchecked Array Indexing [XYZ]
ISO/IEC TS 17961Forming or using out-of-bounds pointers or array subscripts [invptr]
MITRE CWE

CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-122, Heap-based Buffer Overflow
CWE-123, Write-what-where Condition
CWE-125, Out-of-bounds Read
CWE-129, Improper Validation of Array Index
CWE-788, Access of Memory Location after End of Buffer

MISRA C:2012Rule 18.1 (required)

...