SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 2

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 3

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
This standard recommends the inclusion of diagnostic tests into your program using the {{assert()}} macro or other mechanisms (see \[[MSC11-A. Incorporate diagnostic tests using assertions]]). Static assertion is a new facility in the C++ )X draft standard.  This facility gives the ability to make assertions at compile time rather than runtime, providing the following advantages:

  • all processing must be performed during compile time – no runtime cost in space or time is tolerable
  • assertion failure must result in a meaningful and informative diagnostic error message
  • it can be used at file or block scope
  • misuse does not result in silent malfunction, but rather is diagnosed at compile time

Static assertions take the form"

Code Block

static_assert(constant-expression, string-literal);

In a static assert declaration the constant-expression is a constant expression that can be contextually converted to bool. If the value of the expression when converted is true, the declaration has no effect. Otherwise the program is ill-formed, and a diagnostic message (which includes the text of the string-literal is issued at compile time.

While not yet available in C, this behavior can be mimicked as follows:

Code Block

#define static_assert(constant-expression, string-literal) \
  do { typedef int a[(constant-expression) ? 1 : -1]; } while(0)

int main(void) {
  static_assert(sizeof(int) <= sizeof(long)); /* Passes */
  static_assert(sizeof(double) <= sizeof(int)); /* Fails */
}

The macro argument string-literal is ignored in this case, this is meant for future compatibilityIntro.

Non-Compliant Code Example

This non-compliant code example ...

Code Block
bgColor#FFCCCC
Compliant Solution
This compliant solution ... 
 Code Block
bgColor#ccccff

static_assert(sizeof(long) >= 8, "64-bit code generation required for this library.");

Risk Assessment
 Recommendation 
 Severity 
 Likelihood 
 Remediation Cost 
 Priority 
 Level 
 DCL03-A 
 1 (low) 
 1 (unlikely) 
 1 (high) 
 P1 
 L3 
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
 Wiki Markup
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section ???, "Name"
[Klarer 04] R. Klarer, J. Maddock, B. Dawes, and H. Hinnant. "Proposal to Add Static Assertions to the Core Language (Revision 3)" (ISO C++ committee paper ISO/IEC JTC1/SC22/WG21/N1720, October 2004). This document is available online at http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2004/n1720.html.
...
DCL02-A. Use visually distinct identifiers       02. Declarations and Initialization (DCL)       DCL04-A. Take care when declaring more than one variable per declaration