SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 27

changes.mady.by.user Justin Pincar

Saved on

compared with

New Version 28

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider $version (sch jbop) (X_X)@==(Q_Q)@

...

Addition is between two operands of arithmetic type or between a pointer to an object type and an integer type (see ARR37-C. Do not add or subtract an integer to a pointer to a non-array object and ARR38-C. Do not add or subtract an integer to a pointer if the resulting value does not refer to a valid array element for rules about adding a pointer to an integer). Incrementing is equivalent to adding one.

...

Noncompliant Code Example

This non-compliant noncompliant code example may result in an unsigned integer wrap during the addition of the unsigned operands ui1 and ui2. If this behavior is unexpected, the resulting value may be used to allocate insufficient memory for a subsequent operation or in some other manner that can lead to an exploitable vulnerability.

...

Subtraction is between two operands of arithmetic type, two pointers to qualified or unqualified versions of compatible object types, or between a pointer to an object type and an integer type. See ARR36-C. Do not subtract or compare two pointers that do not refer to the same array, ARR37-C. Do not add or subtract an integer to a pointer to a non-array object, and ARR38-C. Do not add or subtract an integer to a pointer if the resulting value does not refer to a valid array element for rules about pointer subtraction. Decrementing is equivalent to subtracting one.

...

Noncompliant Code Example

This non-compliant noncompliant code example may result in an unsigned integer wrap during the subtraction of the unsigned operands ui1 and ui2. If this behavior is unanticipated, it may lead to an exploitable vulnerability.

...

Multiplication is between two operands of arithmetic type.

...

Noncompliant Code Example

Wiki Markup
The Mozilla Scalable Vector Graphics (SVG) viewer contains a heap buffer wrap vulnerability resulting from an unsigned integer wrap during the multiplication of the {{signed int}} value {{pen->num_vertices}} and the {{size_t}} value {{sizeof(cairo_pen_vertex_t)}} \[[VU#551436|AA. C References#VU551436]\].  The {{signed int}} operand is converted to {{unsigned int}} prior to the multiplication operation (see [INT02-C. Understand integer conversion rules]).

...

The left shift operator is between two operands of integer type.

...

Noncompliant Code Example

This non-compliant noncompliant code example can result in unsigned wrap left shifting the unsigned operand ui1 by ui2 bits.

...

Fortify SCA Version 5.0 with the CERT C Rule Pack is able to can detect violations of this rule.

...