Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Checker

Guideline

(customization)FIO44-C. Only use values for fsetpos() that are returned from fgetpos()
(customization)POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument
(customization)DCL03-C. Use a static assertion to test the value of a constant expression
(customization)FIO06-C. Create files with appropriate access permissions
(customization)FIO08-C. Take care when calling remove() on an open file
(customization)FIO10-C. Take care when using the rename() function
(customization)FIO13-C. Never push back anything other than one read character
(customization)FIO24-C. Do not open a file that is already open
(customization)INT06-C. Use strtol() or a related function to convert a string token to an integer
(customization)MEM03-C. Clear sensitive information stored in reusable resources
(customization)MEM04-C. Beware of zero-length allocations
(customization)MSC24-C. Do not use deprecated or obsolescent functions
(customization)STR06-C. Do not assume that strtok() leaves the parse string unchanged
(customization)WIN01-C. Do not forcibly terminate execution
(general)FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful
(general)ENV01-C. Do not make assumptions about the size of an environment variable
(general)INT04-C. Enforce limits on integer values originating from tainted sources
(general)MEM11-C. Do not assume infinite heap space
ALLOC.DFMEM00-C. Allocate and free memory in the same module, at the same level of abstraction
ALLOC.DFMEM01-C. Store a new value in pointers immediately after free()
ALLOC.FNHMEM34-C. Only free memory allocated dynamically
ALLOC.LEAKMEM31-C. Free dynamically allocated memory when no longer needed
ALLOC.LEAKFIO42-C. Close files when they are no longer needed
ALLOC.LEAKMEM00-C. Allocate and free memory in the same module, at the same level of abstraction
ALLOC.LEAKMEM11-C. Do not assume infinite heap space
ALLOC.SIZE.ADDOFLOWINT30-C. Ensure that unsigned integer operations do not wrap
ALLOC.SIZE.ADDOFLOWINT32-C. Ensure that operations on signed integers do not result in overflow
ALLOC.SIZE.ADDOFLOWMEM35-C. Allocate sufficient memory for an object
ALLOC.SIZE.ADDOFLOWINT08-C. Verify that all integer values are in range
ALLOC.SIZE.ADDOFLOWINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
ALLOC.SIZE.IOFLOWINT30-C. Ensure that unsigned integer operations do not wrap
ALLOC.SIZE.IOFLOWINT32-C. Ensure that operations on signed integers do not result in overflow
ALLOC.SIZE.IOFLOWMEM35-C. Allocate sufficient memory for an object
ALLOC.SIZE.IOFLOWINT08-C. Verify that all integer values are in range
ALLOC.SIZE.IOFLOWINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
ALLOC.SIZE.MULOFLOWINT30-C. Ensure that unsigned integer operations do not wrap
ALLOC.SIZE.MULOFLOWINT32-C. Ensure that operations on signed integers do not result in overflow
ALLOC.SIZE.MULOFLOWMEM35-C. Allocate sufficient memory for an object
ALLOC.SIZE.MULOFLOWINT08-C. Verify that all integer values are in range
ALLOC.SIZE.MULOFLOWINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
ALLOC.SIZE.SUBUFLOWINT30-C. Ensure that unsigned integer operations do not wrap
ALLOC.SIZE.SUBUFLOWINT32-C. Ensure that operations on signed integers do not result in overflow
ALLOC.SIZE.SUBUFLOWMEM35-C. Allocate sufficient memory for an object
ALLOC.SIZE.SUBUFLOWINT08-C. Verify that all integer values are in range
ALLOC.SIZE.SUBUFLOWINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
ALLOC.SIZE.SUBUFLOWMEM11-C. Do not assume infinite heap space
ALLOC.SIZE.TRUNCINT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
ALLOC.SIZE.TRUNCMEM35-C. Allocate sufficient memory for an object
ALLOC.SIZE.TRUNCINT02-C. Understand integer conversion rules
ALLOC.SIZE.TRUNCINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
ALLOC.TMWIN30-C. Properly pair allocation and deallocation functions
ALLOC.UAFMEM30-C. Do not access freed memory
ALLOC.UAFMEM01-C. Store a new value in pointers immediately after free()
BADFUNC.*MSC24-C. Do not use deprecated or obsolescent functions
BADFUNC.BO.*STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminatorBADFUNC.BO.*ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
BADFUNC.BO.*ARR38-C. Guarantee that library functions do not form invalid pointers
BADFUNC.BO.*STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
BADFUNC.BO.*API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size
BADFUNC.BO.OEMTOCHARSTR07-C. Use the bounds-checking interfaces for string manipulation
BADFUNC.BO.STRCATSTR07-C. Use the bounds-checking interfaces for string manipulation
BADFUNC.BO.STRCATCHAINWSTR07-C. Use the bounds-checking interfaces for string manipulation
BADFUNC.BO.STRCMPSTR07-C. Use the bounds-checking interfaces for string manipulation
BADFUNC.BO.STRCPYSTR07-C. Use the bounds-checking interfaces for string manipulation
BADFUNC.BO.STRLENSTR07-C. Use the bounds-checking interfaces for string manipulation
BADFUNC.BO.STRTRNSSTR07-C. Use the bounds-checking interfaces for string manipulation
BADFUNC.CHROOTPOS05-C. Limit access to files by creating a jail
BADFUNC.CREATEPROCESSWIN02-C. Restrict privileges when spawning child processes
BADFUNC.CREATETHREADWIN02-C. Restrict privileges when spawning child processes
BADFUNC.LONGJMPMSC22-C. Use the setjmp(), longjmp() facility securely
BADFUNC.MEMSETMSC06-C. Beware of compiler optimizations
BADFUNC.PATH.*FIO02-C. Canonicalize path names originating from tainted sources
BADFUNC.PATH.AFXLOADLIBRARYWIN00-C. Be specific when dynamically loading libraries
BADFUNC.PATH.COLOADLIBRARYWIN00-C. Be specific when dynamically loading libraries
BADFUNC.PATH.LOADLIBRARYWIN00-C. Be specific when dynamically loading libraries
BADFUNC.PATH.SYSTEMENV33-C. Do not call system()
BADFUNC.RANDOM.RANDCON33-C. Avoid race conditions when using library functions
BADFUNC.RANDOM.RANDMSC30-C. Do not use the rand() function for generating pseudorandom numbers
BADFUNC.SETJMPMSC22-C. Use the setjmp(), longjmp() facility securely
BADFUNC.SIGNALCON37-C. Do not call signal() in a multithreaded program
BADFUNC.SIGNALSIG00-C. Mask signals handled by noninterruptible signal handlers
BADFUNC.SIGNALSIG01-C. Understand implementation-specific details regarding signal handler persistence
BADFUNC.TEMP.*FIO01-C. Be careful using functions that use file names for identification
BADFUNC.TEMP.*FIO21-C. Do not create temporary files in shared directories
BADFUNC.TEMP.TMPNAMCON33-C. Avoid race conditions when using library functions
BADFUNC.TTYNAMECON33-C. Avoid race conditions when using library functions
BADFUNC.VFORKPOS33-C. Do not use vfork()
BUILD.WALLMSC00-C. Compile cleanly at high warning levels
BUILD.WERRORMSC00-C. Compile cleanly at high warning levels
CONCURRENCY.DATARACESIG31-C. Do not access shared objects in signal handlers
CONCURRENCY.DATARACECON00-C. Avoid race conditions with multiple threads
CONCURRENCY.LOCK.NOLOCKCON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction
CONCURRENCY.LOCK.NOUNLOCKCON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction
CONCURRENCY.LOCK.ORDERCON35-C. Avoid deadlock by locking in a predefined order
CONCURRENCY.LOCK.ORDERPOS51-C. Avoid deadlock with POSIX threads by locking in predefined order
CONCURRENCY.STARVE.BLOCKINGPOS52-C. Do not perform operations that can block while holding a POSIX lock
CONCURRENCY.STARVE.BLOCKINGCON05-C. Do not perform operations that can block while holding a lock
HARDCODED.AUTHMSC18-C. Be careful while handling sensitive data, such as passwords, in program code
HARDCODED.KEYMSC18-C. Be careful while handling sensitive data, such as passwords, in program code
HARDCODED.SALTMSC18-C. Be careful while handling sensitive data, such as passwords, in program code
IO.INJ.COMMANDENV33-C. Do not call system()
IO.INJ.COMMANDSTR02-C. Sanitize data passed to complex subsystems
IO.INJ.FMTFIO30-C. Exclude user input from format strings
IO.INJ.FMTFIO47-C. Use valid format strings
IO.INJ.FMTSTR02-C. Sanitize data passed to complex subsystems
IO.INJ.LDAPSTR02-C. Sanitize data passed to complex subsystems
IO.INJ.LIBSTR02-C. Sanitize data passed to complex subsystems
IO.INJ.SQLSTR02-C. Sanitize data passed to complex subsystems
IO.RACEFIO45-C. Avoid TOCTOU race conditions while accessing files
IO.RACEFIO01-C. Be careful using functions that use file names for identification
IO.RACEFIO24-C. Do not open a file that is already open
IO.TAINT.FNAMEFIO01-C. Be careful using functions that use file names for identification
IO.TAINT.FNAMEFIO02-C. Canonicalize path names originating from tainted sources
IO.TAINT.SIZEMEM35-C. Allocate sufficient memory for an object
IO.TAINT.SIZEMEM05-C. Avoid large stack allocations
IO.TAINT.SIZEMEM11-C. Do not assume infinite heap space
IO.UACFIO46-C. Do not access a closed file
LANG.ARITH.BIGSHIFTINT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
LANG.ARITH.DIVZEROINT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors
LANG.ARITH.NEGSHIFTINT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
LANG.CAST.COERCEINT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
LANG.CAST.COERCEFIO34-C. Distinguish between characters read from a file and EOF or WEOF
LANG.CAST.COERCEINT02-C. Understand integer conversion rules
LANG.CAST.VALUEINT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
LANG.CAST.VALUEINT02-C. Understand integer conversion rules
LANG.FUNCS.ASSERTSMSC11-C. Incorporate diagnostic tests using assertions
LANG.FUNCS.IRVERR33-C. Detect and handle standard library errors
LANG.FUNCS.IRVPOS54-C. Detect and handle POSIX library errors
LANG.FUNCS.IRVEXP12-C. Do not ignore values returned by functions
LANG.MEM.BOSTR31ARR30-C. Guarantee that storage for strings has sufficient space for character data and the null terminatorLANG.MEM.BOARR30-C. Do not form or use Do not form or use out-of-bounds pointers or array subscripts
LANG.MEM.BOARR38-C. Guarantee that library functions do not form invalid pointers
LANG.MEM.BOSTR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
LANG.MEM.BOENV01-C. Do not make assumptions about the size of an environment variable
LANG.MEM.BUARR30-C. Do not form or use out-of-bounds pointers or array subscripts
LANG.MEM.BUARR38-C. Guarantee that library functions do not form invalid pointers
LANG.MEM.HRLOOPMSC21-C. Use robust loop termination conditions
LANG.MEM.NPDEXP34-C. Do not dereference null pointers
LANG.MEM.TOARR30-C. Do not form or use out-of-bounds pointers or array subscripts
LANG.MEM.TOSTR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminatorLANG.MEM.TOARR30-C. Do not form or use out-of-bounds pointers or array subscripts
LANG.MEM.TOENV01-C. Do not make assumptions about the size of an environment variable
LANG.MEM.TUARR30-C. Do not form or use out-of-bounds pointers or array subscripts
LANG.MEM.UVAREXP33-C. Do not read uninitialized memory
LANG.PREPROC.MACROENDPRE02-C. Macro replacement lists should be parenthesized
LANG.PREPROC.MACROENDPRE11-C. Do not conclude macro definitions with a semicolon
LANG.PREPROC.MACROSTARTPRE02-C. Macro replacement lists should be parenthesized
LANG.PREPROC.PASTEPRE30-C. Do not create a universal character name through concatenation
LANG.PREPROC.PASTEPRE05-C. Understand macro replacement when concatenating tokens or performing stringification
LANG.STRUCT.CONDASSIGEXP45-C. Do not perform assignments in selection statements
LANG.STRUCT.DECLTYPEDCL23-C. Guarantee that mutually visible identifiers are unique
LANG.STRUCT.EBSMSC12-C. Detect and remove code that has no effect or is never executed
LANG.STRUCT.ENUMINITINT09-C. Ensure enumeration constants map to unique values
LANG.STRUCT.MRSMSC37-C. Ensure that control never reaches the end of a non-void function
LANG.STRUCT.MULTIDECLDCL04-C. Do not declare more than one variable per declaration
LANG.STRUCT.NTADEXP34-C. Do not dereference null pointers
LANG.STRUCT.PBBARR30-C. Do not form or use out-of-bounds pointers or array subscripts
LANG.STRUCT.PITDCL05-C. Use typedefs of non-pointer types only
LANG.STRUCT.PPEARR30-C. Do not form or use out-of-bounds pointers or array subscripts
LANG.STRUCT.RCMSC12-C. Detect and remove code that has no effect or is never executed
LANG.STRUCT.RPLDCL30-C. Declare objects with appropriate storage durations
LANG.STRUCT.SCOPE.FILEDCL19-C. Minimize the scope of variables and functions
LANG.STRUCT.SCOPE.LOCALDCL19-C. Minimize the scope of variables and functions
LANG.STRUCT.UCMSC07-C. Detect and remove dead code
LANG.STRUCT.UCMSC12-C. Detect and remove code that has no effect or is never executed
LANG.STRUCT.ULOOPMSC21-C. Use robust loop termination conditions
LANG.STRUCT.UPDEXP34-C. Do not dereference null pointers
LANG.STRUCT.UVALMSC13-C. Detect and remove unused values
MISC.CRYPTO.NOPADMSC18-C. Be careful while handling sensitive data, such as passwords, in program code
MISC.FMTFIO30-C. Exclude user input from format strings
MISC.FMTFIO47-C. Use valid format strings
MISC.MEM.NTERMSTR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
MISC.MEM.NTERMSTR03-C. Do not inadvertently truncate a string
MISC.MEM.SIZE.ADDOFLOWINT30-C. Ensure that unsigned integer operations do not wrap
MISC.MEM.SIZE.ADDOFLOWINT32-C. Ensure that operations on signed integers do not result in overflow
MISC.MEM.SIZE.ADDOFLOWINT08-C. Verify that all integer values are in range
MISC.MEM.SIZE.ADDOFLOWINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
MISC.MEM.SIZE.BADINT30-C. Ensure that unsigned integer operations do not wrap
MISC.MEM.SIZE.BADINT32-C. Ensure that operations on signed integers do not result in overflow
MISC.MEM.SIZE.BADMEM35-C. Allocate sufficient memory for an object
MISC.MEM.SIZE.BADINT08-C. Verify that all integer values are in range
MISC.MEM.SIZE.BADINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
MISC.MEM.SIZE.BADMEM05-C. Avoid large stack allocations
MISC.MEM.SIZE.BADMEM11-C. Do not assume infinite heap space
MISC.MEM.SIZE.MULOFLOWINT30-C. Ensure that unsigned integer operations do not wrap
MISC.MEM.SIZE.MULOFLOWINT32-C. Ensure that operations on signed integers do not result in overflow
MISC.MEM.SIZE.MULOFLOWINT08-C. Verify that all integer values are in range
MISC.MEM.SIZE.MULOFLOWINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
MISC.MEM.SIZE.SUBUFLOWINT30-C. Ensure that unsigned integer operations do not wrap
MISC.MEM.SIZE.SUBUFLOWINT32-C. Ensure that operations on signed integers do not result in overflow
MISC.MEM.SIZE.SUBUFLOWINT08-C. Verify that all integer values are in range
MISC.MEM.SIZE.SUBUFLOWINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
MISC.MEM.SIZE.TRUNCINT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
MISC.MEM.SIZE.TRUNCINT02-C. Understand integer conversion rules
MISC.MEM.SIZE.TRUNCINT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
MISC.NEGCHARSTR37-C. Arguments to character-handling functions must be representable as an unsigned char
MISC.NEGCHARINT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs
MISC.NEGCHARSTR00-C. Represent characters using an appropriate type
MISC.NOEFFECTMSC12-C. Detect and remove code that has no effect or is never executed
MISC.PWD.PLAINMSC18-C. Be careful while handling sensitive data, such as passwords, in program code