...
Static assertion is a valuable diagnostic tool for finding and eliminating software defects that may result in vulnerabilities at compile time. The absence of static assertions, however, does not mean that code is incorrect.
This assumes ROSE can recognize macro invocation.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DCL03-C | low | unlikely | high | P1 | L3 |
...
Compass/ROSE could detect violations of this rule merely by looking for calls to assert(), and if it can evaluate the assertion (due to all values being known at compile time), then the code should use static-assert instead.
This assumes ROSE can recognize macro invocation.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...