SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 41

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 42

changes.mady.by.user Will Snavely

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info
titleGenerated Content

This page is automatically generated from the "Automated Detection" sections in the individual guidelines. Do not modify this page directly.

Version number:

...

was automatically generated and should not be edited.

The information on this page was provided by outside contributors and has not been verified by SEI CERT.

Include Page
c:Klocwork_V
c:Klocwork_V

Checker

Guideline

ABV.ITERATOR ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
ASSIGCOND.CALL EXP45-C. Do not perform assignments in selection statements
ASSIGCOND.GEN EXP45-C. Do not perform assignments in selection statements
Can detect violations of this rule with a number of checkers MSC13-C. Detect and remove unused values
EFFECT EXP16-C. Do not compare function pointers to constant values
EFFECT MSC12-C. Detect and remove code that has no effect or is never executed
FNH.MIGHT MEM34-C. Only free memory allocated dynamically
FNH.MUST MEM34-C. Only free memory allocated dynamically
FUM.GEN.MIGHT MEM34-C. Only free memory allocated dynamically
FUM.GEN.MUST MEM34-C. Only free memory allocated dynamically
IF_DEF_IN_HEADER_DECL DCL36-C. Do not declare an identifier with conflicting linkage classifications
IF_DUPL_HEADER PRE08-C. Guarantee that header file names are unique
IF_MISS_DECL DCL31-C. Declare identifiers before using them
IF_MULTI_DECL DCL36-C. Do not declare an identifier with conflicting linkage classifications
IF_MULTI_DECL DCL01-C. Do not reuse variable names in subscopes
IF_MULTI_DEF DCL01-C. Do not reuse variable names in subscopes
IF_MULTI_KIND DCL01-C. Do not reuse variable names in subscopes
INCORRECT.ALLOC_SIZE MEM35-C. Allocate sufficient memory for an object
LA_UNUSED MSC01-C. Strive for logical completeness
LOCRET.* DCL30-C. Declare objects with appropriate storage durations
LV_UNUSED.GEN MSC07-C. Detect and remove dead code
LV_UNUSED.GEN MSC12-C. Detect and remove code that has no effect or is never executed
MLK MEM31-C. Free dynamically allocated memory when no longer needed
NNTS STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
NNTS STR03-C. Do not inadvertently truncate a string
NNTS.TAINTED STR02-C. Sanitize data passed to complex subsystems
NPD.* *RNPD.* EXP34-C. Do not dereference null pointers
PRECISION.LOSS INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
RETVOID.IMPLICIT DCL31-C. Declare identifiers before using them
RH.LEAK FIO42-C. Close files when they are no longer needed
RH.LEAK FIO46-C. Do not access a closed file
RH.LEAK FIO22-C. Close files before spawning processes
SEMICOL EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement
SV.CODE_INJECTION.SHELL_EXEC ENV33-C. Do not call system()
SV.CUDS.MISSING_ABSOLUTE_PATH FIO02-C. Canonicalize path names originating from tainted sources
SV.FIU.PERMISSIONS POS36-C. Observe correct revocation order while relinquishing privileges
SV.FIU.PERMISSIONS POS37-C. Ensure that privilege relinquishment is successful
SV.FMTSTR.GENERIC FIO30-C. Exclude user input from format strings
SV.FMT_STR FIO47-C. Use valid format strings
SV.RVT.RETVAL_NOTTESTED EXP12-C. Do not ignore values returned by functions
SV.TAINTED.FMTSTR FIO30-C. Exclude user input from format strings
SV.TAINTED.INJECTION ENV33-C. Do not call system()
SV.TAINTED.INJECTION STR02-C. Sanitize data passed to complex subsystems
SV.TAINTED.LOOP_BOUND ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
SV.TOCTOU.FILE_ACCESS FIO01-C. Be careful using functions that use file names for identification
SV.USAGERULES.PERMISSIONS POS36-C. Observe correct revocation order while relinquishing privileges
SV.USAGERULES.PERMISSIONS POS37-C. Ensure that privilege relinquishment is successful
SV.USAGERULES.PROCESS_VARIANTS POS33-C. Do not use vfork()
SV.USAGERULES.UNINTENDED_COPY MEM03-C. Clear sensitive information stored in reusable resources
UFM.DEREF.MIGHT MEM30-C. Do not access freed memory
UFM.DEREF.MUST MEM30-C. Do not access freed memory
UFM.FFM MEM31-C. Free dynamically allocated memory when no longer needed
UFM.RETURN.MIGHT MEM30-C. Do not access freed memory
UFM.RETURN.MUST MEM30-C. Do not access freed memory
UFM.USE.MIGHT MEM30-C. Do not access freed memory
UFM.USE.MUST MEM30-C. Do not access freed memory
UNINIT.HEAP.MIGHT EXP33-C. Do not read uninitialized memory
UNINIT.HEAP.MUST EXP33-C. Do not read uninitialized memory
UNINIT.STACK.ARRAY.MIGHT EXP33-C. Do not read uninitialized memory
UNINIT.STACK.ARRAY.MUST EXP33-C. Do not read uninitialized memory
UNINIT.STACK.ARRAY.PARTIAL.MUST EXP33-C. Do not read uninitialized memory
UNINIT.STACK.MUST EXP33-C. Do not read uninitialized memory
UNREACH.* MSC07-C. Detect and remove dead code
UNREACH.* MSC12-C. Detect and remove code that has no effect or is never executed
VA_UNUSED.* MSC07-C. Detect and remove dead code
VA_UNUSED.* MSC12-C. Detect and remove code that has no effect or is never executed

...