SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 140

changes.mady.by.user Jill Britton

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

0179 (U), 0184 (U), 0185 (U), 0186 (U), 0190 (U),

0191 (U), 0192 (U), 0193 (U), 0194 (U), 0195 (U),

0196 (U), 0197 (U), 0198 (U), 0199 (U), 0200 (U),

0201 (U), 0206 (U), 0207, 0208

Partially implemented

Tool

Version

Checker

Description

Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-DCL11
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.STRUCT.ELLIPSIS


Ellipsis

Compass/ROSE



Does not currently detect violations of this recommendation. Although the recommendation in general cannot be automated, because of the difficulty in enforcing contracts between a variadic function and its invokers, it would be fairly easy to enforce type correctness on arguments to the printf() family of functions

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.DCL11

Partially implemented

GCC
Include Page
GCC_V
GCC_V


Warns about inconsistently typed arguments to formatted output functions when the -Wall is used

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C0179, C0184, C0185, C0186, C0190, C0191, C0192, C0193, C0194, C0195, C0196, C0197, C0198, C0199, C0200, C0201, C0206, C0207, C0208


Klocwork
Include Page
Klocwork_V
Klocwork_V
MISRA.FUNC.VARARG
SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD
SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED
SV.FMT_STR.SCAN_FORMAT_MISMATCH.BAD
SV.FMT_STR.SCAN_FORMAT_MISMATCH.UNDESIRED
SV.FMT_STR.PRINT_IMPROP_LENGTH
SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW
SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY
SV.FMT_STR.UNKWN_FORMAT.SCAN
LDRA tool suite
Include Page
LDRA_V
LDRA_V

41 S, 589 S

Partially implemented

Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-DCL11-a
CERT_C-DCL11-b
CERT_C-DCL11-c
CERT_C-DCL11-d
CERT_C-DCL11-e
CERT_C-DCL11-f


There should be no mismatch between the '%s' and '%c' format specifiers in the format string and their corresponding arguments in the invocation of a string formatting function
There should be no mismatch between the '%f' format specifier in the format string and its corresponding argument in the invocation of a string formatting function
There should be no mismatch between the '%i' and '%d' format specifiers in the string and their corresponding arguments in the invocation of a string formatting function
There should be no mismatch between the '%u' format specifier in the format string and its corresponding argument in the invocation of a string formatting function
There should be no mismatch between the '%p' format specifier in the format string and its corresponding argument in the invocation of a string formatting function
The number of format specifiers in the format string and the number of corresponding arguments in the invocation of a string formatting function should be equal

Parasoft Insure++

Runtime analysis
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

175, 559, 2408

Assistance provided: reports issues involving format strings

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. DCL11-C


Checks for format string specifiers and arguments mismatch (rec. partially covered)

PRQA QA-C
Include Page
PRQA QA-C_vPRQA QA-C_v
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V576

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this recommendation on the CERT website.

...