| Checker | Guideline |
|---|---|
| | EXP50-CPP. Do not depend on the order of evaluation for side effects |
| | MEM50-CPP. Do not access freed memory |
| | MEM52-CPP. Detect and handle memory allocation errors |
| | MSC50-CPP. Do not use std::rand() for generating pseudorandom numbers |
| | CTR01-CPP. Do not apply the sizeof operator to a pointer when taking the size of an array |
| | CTR02-CPP. Explicitly specify array bounds, even if implicitly defined by an initializer |
| | DCL01-CPP. Do not reuse variable names in subscopes |
| | DCL02-CPP. Use visually distinct identifiers |
| | DCL06-CPP. Use meaningful symbolic constants to represent literal values in program logic |
| | DCL13-CPP. Declare function parameters that are pointers to values not changed by the function as const |
| | ENV00-CPP. Beware of multiple environment variables with the same effective name |
| | ENV02-CPP. Do not call system() if you do not need a command processor |
| | ERR05-CPP. Application-independent code should provide error detection without dictating error handling |
| | EXP01-CPP. Do not take the size of a pointer to determine the size of the pointed-to type |
| | EXP02-CPP. Be aware of the short-circuit behavior of the logical AND and OR operators |
| | EXP09-CPP. Use sizeof to determine the size of a type or variable |
| | EXP12-CPP. Do not ignore values returned by functions or methods |
| | EXP15-CPP. Beware of integer promotion when performing bitwise operations on chars or shorts |
| | EXP19-CPP. Do not perform assignments in conditional expressions |
| | FIO01-CPP. Be careful using functions that use file names for identification |
| | FIO02-CPP. Canonicalize path names originating from untrusted sources |
| | FIO04-CPP. Detect and handle input and output errors |
| | FIO07-CPP. Prefer fseek() to rewind() |
| | FIO12-CPP. Prefer setvbuf() to setbuf() |
| | FIO19-CPP. Do not create temporary files in shared directories |
| | FLP02-CPP. Avoid using floating point numbers when precise computation is needed |
| | FLP03-CPP. Detect and handle floating point errors |
| | FLP05-CPP. Convert integers to floating point for floating point operations |
| | INT05-CPP. Do not use input functions to convert character data if they cannot handle all possible inputs |
| | INT06-CPP. Use strtol() or a related function to convert a string token to an integer |
| | INT07-CPP. Use only explicitly signed or unsigned char type for numeric values |
| | INT09-CPP. Ensure enumeration constants map to unique values |
| | INT11-CPP. Take care when converting from pointer to integer or integer to pointer |
| | INT12-CPP. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| | INT13-CPP. Use bitwise operators only on unsigned operands |
| | INT18-CPP. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| | MEM01-CPP. Store a valid value in pointers immediately after deallocation |
| | MEM02-CPP. Immediately cast the result of a memory allocation function call into a pointer to the allocated type |
| | MEM11-CPP. Allocate and free memory in the same module, at the same level of abstraction |
| | MSC02-CPP. Avoid errors of omission |
| | MSC03-CPP. Avoid errors of addition |
| | MSC05-CPP. Do not manipulate time_t typed values directly |
| | MSC18-CPP. Finish every set of statements associated with a case label with a break statement |
| | MSC21-CPP. Use inequality to terminate a loop whose counter changes by more than one |
| | SIG01-CPP. Understand implementation-specific details regarding signal handler persistence |
| | STR03-CPP. Do not inadvertently truncate a null-terminated character array |
| | STR04-CPP. Use plain char for characters in the basic character set |
| | STR08-CPP. Do not specify the bound of a character array initialized with a string literal |