SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 7

changes.mady.by.user Martin Sebor

Saved on

compared with

New Version 8

changes.mady.by.user Martin Sebor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added links to code examples to table of undefined behavior.

...

Wiki Markup
The C99 standard \[[ISO/IEC 9899:1999|AA. References#ISO/IEC 9899-1999]\] identifies four distinct situations in which undefined behavior (UB) may arise as a result of invalid pointer operations:

UB

Description

Example Code

43

Addition or subtraction of a pointer into, or just beyond, an array object and an integer type produces a result that does not point into, or just beyond, the same array object.

#Forming Out Of Bounds Pointer

44

Addition or subtraction of a pointer into, or just beyond, an array object and an integer type produces a result that points just beyond the array object and is used as the operand of a unary * operator that is evaluated.

#Dereferncing Out Of Bounds Pointer

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="cece2b2c135992fe-f2572f49-4c724fc6-b09799f1-b994b9c3f67e24ea49436a49"><ac:plain-text-body><![CDATA[

[46

CC. Undefined Behavior#ub_46]

An array subscript is out of range, even if an object is apparently accessible with the given subscript (as in the lvalue expression a[1][7] given the declaration int a[4][5]).

[#Apparently Accessible Out Of Range Index]

]]></ac:plain-text-body></ac:structured-macro>

59

An attempt is made to access, or generate a pointer to just past, a flexible array member of a structure when the referenced object provides no elements for that array.

#Pointer Past Flexible Array Member

Anchor
Forming Out Of Bounds Pointer
Forming Out Of Bounds Pointer

Noncompliant Code Example (Forming Out Of Bounds Pointer)

...

Code Block
bgColor#ccccff
enum { TABLESIZE = 100 };

static int table[TABLESIZE];

int* f(size_t index) {
  if (index < TABLESIZE)
    return table + index;

  return NULL;
}

Anchor
Dereferencing Out Of Bounds Pointer
Dereferencing Out Of Bounds Pointer

Noncompliant Code Example (Dereferencing Out Of Bounds Pointer)

...

This compliant solution is for illustrative purposes and is not necessarily the solution implemented by Microsoft. This particular "solution" may not be correct, because there is no guarantee that a L'
' is found.

Anchor
Apparently Accessible Out Of Range Index
Apparently Accessible Out Of Range Index

Noncompliant Code Example (Apparently Accessible Out Of Range Index)

...

Code Block
bgColor#ccccff
static const size_t COLS = 5;
static const size_t ROWS = 7;

static int matrix[ROWS][COLS];

void init_matrix(int x) {
  for (size_t i = 0; i != ROWS; ++i)
    for (size_t j = 0; j != COLS; ++j)
      matrix[i][j] = x;
}

Anchor
Pointer Past Flexible Array Member
Pointer Past Flexible Array Member

Noncompliant Code Example (Pointer Past Flexible Array Member)

...