...

/* ... */
fd = open(ms, O_CREAT|O_EXCL|O_WRONLY|O_TRUNC, file_access_permissions);
if (fd == -1){
  /* Handle Error */
}
/* ... */
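
The call above depends on the caller remembering the third argument: `open()` is variadic, so the compiler cannot diagnose a missing mode when `O_CREAT` is set. The following is an added example, not code from the CERT page; `create_exclusive()` and `self_check()` are hypothetical names, and the `/tmp` path is constructed for the demonstration. It wraps the call in a fixed prototype so the mode cannot be omitted, then confirms the resulting permission bits.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical wrapper (name and behaviour are assumptions of this example).
 * open() is variadic, so the compiler cannot diagnose a missing mode; this
 * fixed prototype makes omitting it a compile-time error. */
int create_exclusive(const char *path, mode_t mode)
{
    struct stat st;
    mode_t mask;
    int fd = open(path, O_CREAT | O_EXCL | O_WRONLY | O_TRUNC, mode);
    if (fd == -1) {
        return -1;                      /* errno set by open(), e.g. EEXIST */
    }
    mask = umask(0);                    /* read the umask (not thread-safe) */
    umask(mask);
    /* The new file must carry exactly the requested bits minus the umask. */
    if (fstat(fd, &st) == -1 || (st.st_mode & 0777) != (mode & ~mask & 0777)) {
        close(fd);
        unlink(path);
        errno = EACCES;
        return -1;
    }
    return fd;
}

/* Constructed self-check: returns 0 when a 0600 file is created once and a
 * second exclusive create of the same path fails with EEXIST. */
int self_check(void)
{
    char path[64];
    int fd, again, saved;
    snprintf(path, sizeof path, "/tmp/exp37c_demo_%ld", (long)getpid());
    unlink(path);                       /* ignore result; clears stale runs */
    fd = create_exclusive(path, S_IRUSR | S_IWUSR);
    if (fd == -1) return 1;
    again = create_exclusive(path, S_IRUSR | S_IWUSR);
    saved = errno;
    if (again != -1) close(again);
    close(fd);
    unlink(path);
    return (again == -1 && saved == EEXIST) ? 0 : 2;
}
```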

Risk Assessment

Calling a function with incorrect arguments can result in unexpected or unintended program behavior.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|------|----------|------------|------------------|----------|-------|
| EXP37-C | medium | probable | high | P4 | L3 |

Automated Detection

Compass/ROSE could detect the violations in these examples when it can determine at compile time which function a function pointer points to. It can then match the arguments passed in the call against the arguments the function expects. If the function a pointer points to cannot be determined at compile time, ROSE probably won't be able to validate its parameters either.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...