Checker | Guideline | CODSTA-122_{a,b} | FIO04-CPP. Detect and handle input and output errors |
|---|
| JSF-166_{b,c} | EXP52-CPP. Do not rely on side effects in unevaluated operands |
| JSF-186_{a, b, c, d, e, f, g} | MSC07-CPP. Detect and remove dead code |
| JSF-186_{a,b,c,d,e,f,g} | MSC12-CPP. Detect and remove code that has no effect |
| MISRA2004-10_2_{b,c,d} | FLP03-CPP. Detect and handle floating point errors |
| BD-PB-ARRAYEXP08-CPP. Ensure pointer arithmetic is used correctlyBD-PB-NOTINIT | EXP53-CPP. Do not read uninitialized memory |
| BD-PB-NP | OOP55-CPP. Do not use pointer-to-member operators to access nonexistent members |
| BD-PB-NP | MSC08-CPP. Functions should validate their parameters | BD-PB-OVERFWR | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| BD-PB-OVERF{RD, WR, FMT, NZT} | CTR52-CPP. Guarantee that library functions do not overflow |
| BD-PB-OVERF{RD, WR, FMT, NZT} | STR53-CPP. Range check element access |
| BD-PB-OVERNZT | STR03-CPP. Do not inadvertently truncate a null-terminated character array |
| BD-PB-SWITCH | MSC07-CPP. Detect and remove dead code |
| BD-PB-SWITCH | MSC12-CPP. Detect and remove code that has no effect |
| BD-PB-ZERO | FLP03-CPP. Detect and handle floating point errors | BD-RES-FREE | EXP54-CPP. Do not access an object outside of its lifetime |
| BD-RES-FREE | MEM50-CPP. Do not access freed memory |
| BD-RES-LEAKS | FIO51-CPP. Close files when they are no longer needed |
| BD-RES-LEAKS | ERR56-CPP. Guarantee exception safety |
| BD-RES-LEAKS | ERR57-CPP. Do not leak resources when handling exceptions |
| BD-SECURITY-INTOVERF | INT04-CPP. Enforce limits on integer values originating from untrusted sources |
| BD-SECURITY-OVERFRD | INT04-CPP. Enforce limits on integer values originating from untrusted sources |
| BD-SECURITY-OVERFWR | INT04-CPP. Enforce limits on integer values originating from untrusted sources |
| BD-SECURITY-TDFNAMES | FIO02-CPP. Canonicalize path names originating from untrusted sources |
| BD-SECURITY-TDFNAMES | MSC09-CPP. Character encoding: Use subset of ASCII for safety |
| BD-SECURITY-TDFNAMES | MSC10-CPP. Character encoding: UTF8-related issues |
| BD-SECURITY-{TDCMD, TDFNAMES, TDSQL} | STR02-CPP. Sanitize data passed to complex subsystems |
| BD-TRS-DLOCK | CON53-CPP. Avoid deadlock by locking in a predefined order |
| CODSTA-11 | MSC11-CPP. Incorporate diagnostic tests using assertions |
| CODSTA-122_{a,b} | ERR10-CPP. Check for error conditions |
| CODSTA-122{a,b} | EXP12-CPP. Do not ignore values returned by functions or methods |
| CODSTA-198 | MSC01-CPP. Strive for logical completeness |
| CODSTA-26 | DCL06-CPP. Use meaningful symbolic constants to represent literal values in program logic |
| CODSTA-34 | DCL05-CPP. Use typedefs to improve code readability |
| CODSTA-63 | EXP15-CPP. Beware of integer promotion when performing bitwise operations on chars or shorts |
| CODSTA-69 | STR07-CPP. Don't assume numeric values for expressions with type plain character |
| 74 | DCL59 | CODSTA-74 | DCL58-CPP. Do not define an unnamed namespace in a header file | CODSTA-97 | EXP00-CPP. Use parentheses for precedence of operation |
| CODSTA-CPP-01 | FIO17-CPP. Prefer streams to C-style input and output |
| CODSTA-CPP-05 | OOP01-CPP. Be careful with the definition of conversion operators |
| CODSTA-CPP-09 | EXP13-CPP. Prefer dynamic_cast over static_cast over reinterpret_cast |
| CODSTA-CPP-09 | EXP14-CPP. Do not use reinterpret_cast on pointers to class objects with multiple inheritence |
| CODSTA-CPP-70 | MSC21-CPP. Use inequality to terminate a loop whose counter changes by more than one |
| CODSTA-CPP04 | OOP09-CPP. Ensure that single-argument constructors are marked "explicit" |
| CPP-83 | DCL01-CPP. Do not reuse variable names in subscopes |
| CPP-84 | DCL01-CPP. Do not reuse variable names in subscopes |
| EXCEPT-02 | ERR09-CPP. Throw anonymous temporaries | EXCEPT-13 | ERR51-CPP. Handle all exceptions |
| EXCEPT-14 | ERR55-CPP. Honor exception specifications |
| EXCEPT-16 | ERR53-CPP. Do not reference base classes or class data members in a constructor or destructor function-try-block handler |
| EXCEPT-17 | ERR54-CPP. Catch handlers should order their parameter types from most derived to least derived |
| EXCEPT-18 | ERR58-CPP. Constructors of objects with static or thread storage duration must not throw exceptions |
| FORMAT-29 | DCL04-CPP. Do not declare more than one variable per declaration |
| FORMAT-31 | EXP17-CPP. Treat relational and equality operators as if they were nonassociative |
| INIT-03 | DCL19-CPP. Initialize automatic local variables on declaration |
| INIT-04 | DCL19-CPP. Initialize automatic local variables on declaration |
| Handle all exceptions thrown before main() begins executing |
| INIT-INIT-10 | OOP53-CPP. Write constructor member initializers in the canonical order | INIT-12 | DCL14-CPP. Avoid assumptions about the initialization order between translation units |
| JSF-009 | MSC09-CPP. Character encoding: Use subset of ASCII for safety |
| JSF-014 | DCL16-CPP. Use "L," not "l," to indicate a long value |
| JSF-020 | ERR52-CPP. Do not use setjmp() or longjmp() |
| JSF-094OOP07-CPP. Do not inherit from multiple classes that have distinct objects with the same name |
| JSF-094_b | OOP02-CPP. Do not hide inherited non-virtual member functions |
| 114 | MSC52 | JSF-114 | MSC54-CPP. Value-returning functions must return a value from all exit paths |
| JSF-117_a | OOP51-CPP. Do not slice derived objects | JSF-118 | DCL13-CPP. Declare function parameters that are pointers to values not changed by the function as const |
| JSF-126 | MSC04-CPP. Use comments consistently and in a readable fashion |
| JSF-136_{a,b} | DCL07-CPP. Minimize the scope of variables and methods |
| JSF-137 | DCL15-CPP. Declare file-scope objects or functions that do not need external linkage in an unnamed namespace |
| JSF-147 | MSC14-CPP. Do not introduce unnecessary platform dependencies |
| JSF-157 | EXP02-CPP. Be aware of the short-circuit behavior of the logical AND and OR operators |
| JSF-159 | DCL10-CPP. Do not overload the ampersand, comma, logical AND or logical OR operators |
| JSF-159b | DCL10-CPP. Do not overload the ampersand, comma, logical AND or logical OR operators |
| JSF-166 | EXP52-CPP. Do not rely on side effects in unevaluated operands | JSF-187 | MSC03-CPP. Avoid errors of addition |
| JSF-193MSC18-CPP. Finish every set of statements associated with a case label with a break statement |
| JSF-194 | MSC01-CPP. Strive for logical completeness |
| JSF-203 | MSC15-CPP. Do not depend on undefined behavior |
| JSF-204.1{a,b,c,d,g} | EXP50-CPP. Do not depend on the order of evaluation for side effects |
| MEM-06 | MEM51-CPP. Properly deallocate dynamically allocated resources |
| MEM-12 | MEM51-CPP. Properly deallocate dynamically allocated resources |
| MEM-28 | MEM51-CPP. Properly deallocate dynamically allocated resources |
| MEM-29 | MEM51-CPP. Properly deallocate dynamically allocated resources |
| MISRA-043_{c,d} | FLP05-CPP. Convert integers to floating point for floating point operations |
| MISRA-043{b} | INT02-CPP. Understand integer conversion rules |
| MISRA-043{b} | INT18-CPP. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| MISRA-096 | PRE02-CPP. Macro replacement lists should be parenthesized |
| MISRA-101 | EXP08-CPP. Ensure pointer arithmetic is used correctly |
| MISRA2004-11_4 | EXP56-CPP. Do not cast pointers into more strictly aligned pointer types |
| MISRA2004-13_3 | FLP00-CPP. Understand the limitations of floating-point numbers |
| MISRA2004-13_3 | FLP02-CPP. Avoid using floating point numbers when precise computation is needed |
| MISRA2004-14_2 | MSC13-CPP. Detect and remove unused values |
| MISRA2004-16_1 | DCL50-CPP. Do not define a C-style variadic function |
| MISRA2004-19_10 | PRE01-CPP. Use parentheses within macros around parameter names |
| MISRA2004-19_7 | PRE00-CPP. Avoid defining macros |
| MISRA2004-20_10 | INT06-CPP. Use strtol() or a related function to convert a string token to an integer |
| MISRA2004-4_2-3 | PRE07-CPP. Avoid using repeated question marks |
| MISRA2004-6_1 | STR00-CPP. Represent characters using an appropriate type |
| MISRA2004-6_1 | STR04-CPP. Use plain char for characters in the basic character set |
| MISRA2004-6_4 | INT12-CPP. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| MISRA2004-6_{1,2} | INT07-CPP. Use only explicitly signed or unsigned char type for numeric values |
| MISRA2008-15_3_1 | ERR58-CPP. Constructors of objects with static or thread storage duration must not throw exceptionsHandle all exceptions thrown before main() begins executing |
| MISRA2008-15_5_2 | ERR55-CPP. Honor exception specifications |
| MISRA2008-17_0_1_{a, b} | DCL51-CPP. Do not declare or define a reserved identifier |
| MISRA2008-5_0_21 | INT13-CPP. Use bitwise operators only on unsigned operands |
| MISRA2008-5_0_21 | INT16-CPP. Do not make assumptions about representation of signed integers |
| MISRA2008-5_2_8 | EXP16-CPP. Avoid conversions using void pointers |
| MISRA2008-5_2_8 | INT11-CPP. Take care when converting from pointer to integer or integer to pointer |
| MISRA2012-RULE-21_4_{a,b} | ERR52-CPP. Do not use setjmp() or longjmp() |
| MISRA2012-RULE-21_5_b | MSC56 MSC54-CPP. A signal handler must be a plain old function |
| MISRA2012-RULE-21_5_b | SIG00-CPP. Mask signals handled by noninterruptible signal handlers |
| MISRA2012-RULE-21_5_b | SIG01-CPP. Understand implementation-specific details regarding signal handler persistence |
| MISRA2012-RULE-21_5_b | SIG02-CPP. Avoid using signals to implement normal functionality |
| MISRA2012-RULE-21_8 | ENV02-CPP. Do not call system() if you do not need a command processor |
| MISRA2012-RULE-21_8 | ERR04-CPP. Choose an appropriate termination strategy |
| MISRA2012-RULE-21_8 | ERR05-CPP. Application-independent code should provide error detection without dictating error handling |
| MISRA2012-RULE-8_12 | INT09-CPP. Ensure enumeration constants map to unique values |
| MRM-09 | MEM01-CPP. Store a valid value in pointers immediately after deallocation |
| MRM-10 | MEM01-CPP. Store a valid value in pointers immediately after deallocation |
| MRM-11 | MEM01-CPP. Store a valid value in pointers immediately after deallocation |
| MRM-14 | MEM55-CPP. Honor replacement dynamic storage management requirements |
| MRM-15 | MEM55-CPP. Honor replacement dynamic storage management requirements |
| MRM-18MEM11-CPP. Allocate and free memory in the same module, at the same level of abstraction |
| MRM-19 | MEM11-CPP. Allocate and free memory in the same module, at the same level of abstraction |
| MRM-20 | MEM11-CPP. Allocate and free memory in the same module, at the same level of abstraction |
| MRM-26 | DCL54-CPP. Overload allocation and deallocation functions as a pair in the same scope |
| MRM-27 | DCL54-CPP. Overload allocation and deallocation functions as a pair in the same scope |
| MRM-34 | MEM52-CPP. Detect and handle memory allocation errors | MRM-39 | FIO04-CPP. Detect and handle input and output errors |
| MRM-45 | EXP01-CPP. Do not take the size of a pointer to determine the size of the pointed-to type |
| MRM-50 | OOP06-CPP. Create a private copy constructor and assignment operator for non copyable objects |
| NAMING-45 | DCL02-CPP. Use visually distinct identifiers |
| OOP-02 | OOP51-CPP. Do not slice derived objects |
| OOP-03 | OOP07-CPP. Do not inherit from multiple classes that have distinct objects with the same name |
| OOP-04 | OOP07-CPP. Do not inherit from multiple classes that have distinct objects with the same name |
| OOP-07OOP07-CPP. Do not inherit from multiple classes that have distinct objects with the same name |
| OOP-12 | OOP08-CPP. Do not return references to private data |
| OOP-13 | OOP04-CPP. Prefer not to give virtual functions default argument initializers |
| OOP-16 | OOP50-CPP. Do not invoke virtual functions from constructors or destructors | OOP-17 | OOP03-CPP. Prefer not to overload virtual functions |
| OOP-22 | OOP52-CPP. Do not delete a polymorphic object without a virtual destructor |
| OOP-34 | OOP54-CPP. Gracefully handle self-assignment |
| OOP-48 | OOP00-CPP. Declare data members private |
| OPT-04 | EXP18-CPP. Prefer the prefix forms of ++ and -- |
| OPT-14 | DCL17-CPP. Declare function parameters that are large data structures and are not changed by the function as const references |
| copy assignment |
| PB-10 | EXP51-CPP. Do not delete an array through a pointer of the incorrect type |
| PB-10 | CTR56-CPP. Do not use pointer arithmetic on polymorphic objects | PB-32 | CTR01-CPP. Do not apply the sizeof operator to a pointer when taking the size of an array |
| PB-32 | EXP01-CPP. Do not take the size of a pointer to determine the size of the pointed-to type |
| PB-35 | MSC02-CPP. Avoid errors of omission |
| PB-45 | FIO00-CPP. Take care when creating format strings |
| PB-46 | FIO00-CPP. Take care when creating format strings |
| PB-47 | FIO00-CPP. Take care when creating format strings |
| PB-48 | FIO00-CPP. Take care when creating format strings |
| PB-49 | FIO00-CPP. Take care when creating format strings |
| PB-50 | FIO00-CPP. Take care when creating format strings |
| PB-54 | EXP57-CPP. Do not cast or delete pointers to incomplete classes |
| PB-55 | EXP57-CPP. Do not cast or delete pointers to incomplete classes |
| PB-BD-CC | MSC02-CPP. Avoid errors of omission |
| PFO-02 | PRE06-CPP. Enclose header files in an inclusion guard |
| Runtime detection | EXP51-CPP. Do not delete an array through a pointer of the incorrect type |
| Runtime detection | EXP53-CPP. Do not read uninitialized memory |
| Runtime detection | EXP54-CPP. Do not access an object outside of its lifetime |
| Runtime detection | EXP57-CPP. Do not cast or delete pointers to incomplete classes |
| Runtime detection | MEM50-CPP. Do not access freed memory |
| Runtime detection | MEM51-CPP. Properly deallocate dynamically allocated resources |
| Runtime detection | MEM52-CPP. Detect and handle memory allocation errors |
| Runtime detection | FIO51-CPP. Close files when they are no longer needed |
| Runtime detection | OOP55-CPP. Do not use pointer-to-member operators to access nonexistent members |
| Runtime detection | DCL19-CPP. Initialize automatic local variables on declaration |
| Runtime detection | FIO04-CPP. Detect and handle input and output errors |
| Runtime detection | MEM01-CPP. Store a valid value in pointers immediately after deallocation |
| Runtime detection | MEM11-CPP. Allocate and free memory in the same module, at the same level of abstraction |
| SECURITY-02 | MSC50-CPP. Do not use std::rand() for generating pseudorandom numbers |
| SECURITY-03ENV00-CPP. Beware of multiple environment variables with the same effective nameSECURITY-12 | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator SECURITY-13 | INT05-CPP. Do not use input functions to convert character data if they cannot handle all possible inputs |
| SECURITY-15 | ERR12-CPP. Do not allow exceptions to transmit sensitive information |
| SECURITY-19 | FIO19-CPP. Do not create temporary files in shared directories |
| SECURITY-25 | CON00-CPP. Avoid assuming functions are thread safe unless otherwise specified |
| SECURITY-27 | FIO01-CPP. Be careful using functions that use file names for identification |
| SECURITY-40 | FIO06-CPP. Create files with appropriate access permissions |
| STL-02 | CTR56-CPP. Do not use pointer arithmetic on polymorphic objects |
| STL-07 | CTR04-CPP. Assume responsibility for cleaning up data referenced by a container of pointers |
| STL-10 | CTR00-CPP. Understand when to prefer vectors over arrays |
| STL-36 | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
| STL-36 | CTR53-CPP. Use valid iterator ranges |
