C checkers | Guideline |
---|
ARRAY_VS_SINGLETON | ARR30-C. Do not form or use out of bounds pointers or array subscripts |
ASSERT_SIDE_EFFECT | MSC11-C. Incorporate diagnostic tests using assertions |
ASSERT_SIDE_EFFECTS | EXP31-C. Avoid side effects in assertions |
BAD_ALLOC_STRLEN | MEM35-C. Allocate sufficient memory for an object |
BAD_COMPARE | EXP16-C. Do not compare function pointers to constant values |
BAD_COMPARE | MSC02-C. Avoid errors of omission |
BAD_FREE | MEM34-C. Only free memory allocated dynamically |
BUFFER_SIZE | ARR33-C. Guarantee that copies are made into storage of sufficient size |
CHAR_IO | FIO34-C. Use int to capture the return value of character IO functions |
CHECKED_RETURN | ERR33-C. Detect and handle standard library errors |
CHECKED_RETURN | EXP12-C. Do not ignore values returned by functions |
CHECKED_RETURN | EXP34-C. Do not dereference null pointers |
CHECKED_RETURN | FIO04-C. Detect and handle input and output errors |
CHECKED_RETURN | FIO33-C. Detect and handle input output errors resulting in undefined behavior |
CHECKED_RETURN | MEM32-C. Detect and handle memory allocation errors |
CONSTANT_EXPRESSION_RESULT | EXP17-C. Do not perform bitwise operations in conditional expressions |
DEADCODE | MSC07-C. Detect and remove dead code |
DEADLOCK | CON35-C. Avoid deadlock by locking in a predefined order |
DIVIDE_BY_ZERO | INT33-C. Ensure that division and modulo operations do not result in divide-by-zero errors |
EVALUATION_ORDER | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
EVALUATION_ORDER | EXP30-C. Do not depend on order of evaluation between sequence pointsfor side-effects |
FORWARD_NULL | EXP34-C. Do not dereference null pointers |
INTEGER_OVERFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
LINKAGE_CONFLICT | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
LOCK | CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction |
MISRA_CAST | FLP34-C. Ensure that floating-point conversions are within range of the new type |
MISRA_CAST | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
MISSING_BREAK | MSC17-C. Finish every set of statements associated with a case label with a break statement |
MISSING_LOCK | CON00-C. Avoid race conditions with multiple threads |
MISSING_RETURN | MSC02-C. Avoid errors of omission |
NEGATIVE_RETURNS | ARR30-C. Do not form or use out of bounds pointers or array subscripts |
NEGATIVE_RETURNS | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
NO_EFFECT | EXP33-C. Do not reference read uninitialized memory |
NO_EFFECT | MSC12-C. Detect and remove code that has no effect |
NULL_RETURNS | EXP34-C. Do not dereference null pointers |
OPEN_ARGS | FIO03-C. Do not make assumptions about fopen() and file creation |
OVERFLOW_BEFORE_WIDEN | INT35INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
OVERRUN_DYNAMIC | ARR30-C. Do not form or use out of bounds pointers or array subscripts |
OVERRUN_STATIC | ARR30-C. Do not form or use out of bounds pointers or array subscripts |
POINTER_CONVERSION_LOSES_BITS | INT11-C. Converting a pointer to integer or integer to pointer |
RACE_CONDITION | CON32-C. Prevent data races when accessing adjacent data must be accessed by multiple threads |
READLINK | POS30-C. Use the readlink() function properly |
RESOURCE_LEAK | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
RESOURCE_LEAK | MEM31-C. Free dynamically allocated memory exactly once |
RETURN_LOCAL | DCL30-C. Declare objects with appropriate storage durations |
REVERSE_INULL | EXP34-C. Do not dereference null pointers |
REVERSE_NEGATIVE | ARR32-C. Ensure size arguments for variable length arrays are in a valid range |
REVERSE_NEGATIVE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
SECURE_CODING | STR35-C. Do not copy data from an unbounded source to a fixed-length array |
SECURE_TEMP | FIO43-C. Do not create temporary files in shared directories |
SIZECHECK | MEM35-C. Allocate sufficient memory for an object |
STACK_USE | MEM05-C. Avoid large stack allocations |
STRING_NULL | STR32-C. Null-terminate byte strings as required |
STRING_OVERFLOW | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
STRING_SIZE | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
TAINTED_STATIC | INT32-C. Ensure that operations on signed integers do not result in overflow |
TAINTED_STRING | STR02-C. Sanitize data passed to complex subsystems |
TAINTED_STRING_WARNING | FIO30-C. Exclude user input from format strings |
TOCTOU | FIO01-C. Be careful using functions that use file names for identification |
UNCAUGHT_EXCEPT | ERR30-C. Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure |
UNINIT | EXP33-C. Do not reference read uninitialized memory |
UNREACHABLE | MSC07-C. Detect and remove dead code |
UNUSED_VALUE | MSC13-C. Detect and remove unused values |
USE_AFTER_FREE | MEM01-C. Store a new value in pointers immediately after free() |
USE_AFTER_FREE | MEM30-C. Do not access freed memory |
USE_AFTER_FREE | MEM31-C. Free dynamically allocated memory exactly once |