SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 106

changes.mady.by.user Lisa Robertson

Saved on

compared with

New Version Current

changes.mady.by.user Jon O'Donnell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccFF
langc
#include <stdio.h>
void func(void) {
  int val = 0; 
  /* ... */ 
  ++val;
  size_t align = _Alignof(int[val]);
  printf("%zu, %d\n", align, val);
  /* ... */
}

...

If expressions that appear to produce side effects are supplied to an operator that does not evaluate its operands, the results may be different than expected. Depending on how this result is used, it can lead to unintended program behavior.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP44-C

Low

Unlikely

Low

P3

L3

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

alignof-side-effect
generic-selection-side-effect
sizeof

Fully checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-EXP44
Clang
Include Page
Clang_V
Clang_V
-Wunevaluated-expressionCan diagnose some instance of this rule, but not all (such as the _Alignof NCCE).
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
LANG.STRUCT.SE.SIZEOF
LANG.STRUCT.SE.CGEN
Side effects in sizeof
Side Effects in C Generic Selection
Compass/ROSE

 

 




Coverity
Include Page
Coverity_V
Coverity_V

MISRA C 2004 Rule 12.3

Partially implemented
 

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.EXP06

Fully implemented

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C3307
Klocwork
Include Page
Klocwork_V
Klocwork_V
MISRA.SIZEOF.SIDE_EFFECT
 

LDRA tool suite
Include Page
LDRA_V
LDRA_V

54 S, 653 S

Fully implemented

Parasoft C/C++test
9.5JSF-166{b,c}Fully implementedPRQA QA-C Include Page
Include Page
Parasoft_V
Parasoft_V

CERT_C-EXP44-a
CERT_C-EXP44-b

Object designated by a volatile lvalue should not be accessed in the operand of the sizeof operator
The function call that causes the side effect shall not be the operand of the sizeof operator

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

9006

Partially supported: reports use of sizeof with an expression that would have side effects

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule EXP44-C


Checks for situations when side effects of specified expressions are ignored (rule fully covered)

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V568
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V

alignof-side-effect
generic-selection-side-effect
sizeof

Fully checked
PRQA QA-C_vPRQA QA-C_v3307Fully implementedClang Include PageClang_VClang_V-Wunevaluated-expression 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

CERT C
SEI CERT C++ Coding Standard
EXP52-CPP. Do not rely on side effects in unevaluated operands

...

Prior to 2018-01-12: CERT: Unspecified Relationship


...

Image Modified Image Modified Image Modified