SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 102

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 103

changes.mady.by.user Will Snavely

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info
titleGenerated Content

This page is automatically generated from the "Automated Detection" sections in the individual guidelines. Do not modify this page directly.

Version number:

...

was automatically generated and should not be edited.

The information on this page was provided by outside contributors and has not been verified by SEI CERT.

Include Page
c:Coverity_V
c:Coverity_V

Checker

Guideline

ARRAY_VS_SINGLETON ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
ASSERT_SIDE_EFFECT MSC11-C. Incorporate diagnostic tests using assertions
ASSERT_SIDE_EFFECTS PRE31-C. Avoid side effects in arguments to unsafe macros
BAD_ALLOC_STRLEN MEM35-C. Allocate sufficient memory for an object
BAD_COMPARE EXP16-C. Do not compare function pointers to constant values
BAD_FREE MEM34-C. Only free memory allocated dynamically
CHAR_IO FIO34-C. Distinguish between characters read from a file and EOF or WEOF
CHECKED_RETURN EXP34-C. Do not dereference null pointers
CHECKED_RETURN ERR33-C. Detect and handle standard library errors
CHECKED_RETURN POS54-C. Detect and handle POSIX library errors
CHECKED_RETURN EXP12-C. Do not ignore values returned by functions
CONSTANT_EXPRESSION_RESULT EXP46-C. Do not use a bitwise operator with a Boolean-like operand
DEADCODE MSC07-C. Detect and remove dead code
DEADCODE MSC12-C. Detect and remove code that has no effect or is never executed
DEADLOCK CON35-C. Avoid deadlock by locking in a predefined order
DIVIDE_BY_ZERO INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors
EVALUATION_ORDER EXP30-C. Do not depend on the order of evaluation for side effects
EVALUATION_ORDER EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place
FORWARD_NULL EXP34-C. Do not dereference null pointers
INTEGER_OVERFLOW INT30-C. Ensure that unsigned integer operations do not wrap
LINKAGE_CONFLICT DCL36-C. Do not declare an identifier with conflicting linkage classifications
LOCK CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction
MISRA_CAST INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
MISRA_CAST FLP34-C. Ensure that floating-point conversions are within range of the new type
MISSING_BREAK MSC17-C. Finish every set of statements associated with a case label with a break statement
MISSING_LOCK CON43-C. Do not allow data races in multithreaded code
NEGATIVE_RETURNS INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
NEGATIVE_RETURNS ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
NO_EFFECT EXP33-C. Do not read uninitialized memory
NO_EFFECT MSC12-C. Detect and remove code that has no effect or is never executed
NULL_RETURNS EXP34-C. Do not dereference null pointers
OPEN_ARGS FIO03-C. Do not make assumptions about fopen() and file creation
OVERFLOW_BEFORE_WIDEN INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
OVERRUN_DYNAMIC ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
OVERRUN_STATIC ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
POINTER_CONVERSION_LOSES_BITS INT36-C. Converting a pointer to integer or integer to pointer
PW.DEPRECATED_STRING_CONV STR30-C. Do not attempt to modify string literals
PW.PRINTF_ARG_MISMATCH FIO47-C. Use valid format strings
RACE_CONDITION CON32-C. Prevent data races when accessing bit-fields from multiple threads
READLINK POS30-C. Use the readlink() function properly
RESOURCE_LEAK MEM31-C. Free dynamically allocated memory when no longer needed
RESOURCE_LEAK MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
RETURN_LOCAL DCL30-C. Declare objects with appropriate storage durations
REVERSE_INULL EXP34-C. Do not dereference null pointers
REVERSE_NEGATIVE INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
REVERSE_NEGATIVE ARR32-C. Ensure size arguments for variable length arrays are in a valid range
SECURE_TEMP FIO21-C. Do not create temporary files in shared directories
SIZECHECK MEM35-C. Allocate sufficient memory for an object
STACK_USE MEM05-C. Avoid large stack allocations
STRING_NULL STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
TAINTED_STATIC INT32-C. Ensure that operations on signed integers do not result in overflow
TAINTED_STRING STR02-C. Sanitize data passed to complex subsystems
TAINTED_STRING_WARNING FIO30-C. Exclude user input from format strings
TOCTOU FIO01-C. Be careful using functions that use file names for identification
UNCAUGHT_EXCEPT ERR30-C. Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure
UNINIT EXP33-C. Do not read uninitialized memory
UNREACHABLE MSC07-C. Detect and remove dead code
UNREACHABLE MSC12-C. Detect and remove code that has no effect or is never executed
UNUSED_VALUE MSC13-C. Detect and remove unused values
USE_AFTER_FREE MEM30-C. Do not access freed memory
USE_AFTER_FREE MEM01-C. Store a new value in pointers immediately after free()

...