Page History

These checkers enforce the CERT C Secure Coding rules.

This code has been developed and tested on an i386 workstation running Linux (2.6.16.60) and g++ (3.4.4)

This code depends on ROSE 0.9.3a, which is available for free download from:

http://rosecompiler.org/^{Image Removed}

ROSE 0.9.3a also depends on the BOOST C++ library, version 1.3.5, which is available for free download from:

http://www.boost.org/^{Image Removed}

First make sure that the ROSE environment variable points to the build directory of ROSE:

export ROSE=/usr/local/rose/compileTree

Building Diagnose
-----------------

To build the ROSE 'diagnose' program, which runs secure coding rules:

make pgms

To test diagnose on the code samples from the CERT C Secure Coding Rules:

make tests

To build API documentation pages, you must have doxygen installed:

make doc

To clean documentation pages and build files:

make clean

Running Diagnose
----------------

To run the diagnose program on a C file, simply pass the C file as an argument:

diagnose hello.c

, and are freely available from Rosecheckers Github project. For questions regarding the CERT ROSE checkers, contact info@sei.cmu.edu.

Getting Rosecheckers code from source or container

You can get the rosecheckers code from source or a container from Rosecheckers Github project.

Follow the instructions on the Readme of that project site.If the C file violates some secure coding rules, the diagnose program will print them out. If the diagnose program can not find any violations, it prints nothing.

Secure Coding Rules Enforced by

...

Rosecheckers

The SEI CERT C Secure Coding Standard is freely available.

The C Secure Coding Rules are available at:

https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Secure+Coding+Standard^{Image Removed}

Here is a breakdown of how thoroughly diagnose Rosecheckers enforces the C Secure Coding Rules and Recommendations:

...

...

...

...

...