SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 189

changes.mady.by.user Michal Rozenau

Saved on

compared with

New Version Current

changes.mady.by.user Swasti Shrivastava

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In this noncompliant example, the C standard library function strchr() is called through the function pointer fp declared with a prototype with incorrectly typed arguments. According to the C Standard, 6.3.2.3, paragraph 8 [ISO/IEC 9899:20112024]

A pointer to a function of one type may be converted to a pointer to a function of another type and back again; the result shall compare equal to the original pointer. If a converted pointer is used to call a function whose type is not compatible with the referenced the referenced type, the behavior is undefined.

See undefined behavior 26.

...

V540, V541, V549, V575, V549, V575, V632, V639, V666, V671, V742, V743, V764, V1004
ToolVersionCheckerDescription
Astrée
Include Page
Astrée_V
Astrée_V

incompatible-argument-type

parameter-match

parameter-match-computed

parameter-match-type

Fully checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-EXP37
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.FUNCS.APM

Array parameter mismatch
Compass/ROSE

Can detect some violations of this rule. In particular, it ensures that all calls to open() supply exactly two arguments if the second argument does not involve O_CREAT, and exactly three arguments if the second argument does involve O_CREAT

Coverity
Include Page
Coverity_V
Coverity_V

MISRA C 2012 Rule 8.2

MISRA C 2012 Rule 17.3

Implemented

Relies on functions declared with prototypes, allow compiler to check

Cppcheck Premium

Include Page
Cppcheck Premium_V
Cppcheck Premium_V

premium-cert-exp37-cFully implemented

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.EXP37

Partially implemented

EDG


GCC
Include Page
GCC_V
GCC_V

Can detect violation of this rule when the -Wstrict-prototypes flag is used. However, it cannot detect violations involving variadic functions, such as the open() example described earlier

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C1331, C1332, C1333, C3002, C3320, C3335

C++0403


Klocwork
Include Page
Klocwork_V
Klocwork_V
MISRA.FUNC.UNMATCHED.PARAMS
LDRA tool suite
Include Page
LDRA_V
LDRA_V

41 D, 21 S, 98 S, 170 S, 496 S, 576 S

Partially implemented
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-EXP37-a
CERT_C-EXP37-b
CERT_C-EXP37-d

Conversions shall not be performed between non compatible pointer to a function types
Specify the access permission bits if a file is created using the 'open' or 'openat' system call
Functions shall always have visible prototype at the function call

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule EXP37-C

Checks for:

  • Implicit function declaration
  • Bad file access mode or status
  • Unreliable cast of function pointer
  • Standard function call with incorrect arguments

Rule partially covered.

PRQA QAPVS-CStudio

Include Page

PRQA QA

PVS-

C

Studio_

v

V

PRQA QA

PVS-

C

Studio_

v

V

1331V540, 1332 V541, 1333, 3002, 3320, 3335Partially implementedPRQA QA-C++
Include Page
cplusplus:PRQA QA-C++_Vcplusplus:PRQA QA-C++_V0403PVS-Studio
Include Page
PVS-Studio_VPVS-Studio_V
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S930Detects incorrect argument count
RuleChecker

Include Page
RuleChecker_V
RuleChecker_V

parameter-match

parameter-match-type

Partially checked
TrustInSoft Analyzer

Include Page
TrustInSoft Analyzer_V
TrustInSoft Analyzer_V

unclassified ("function type matches")Partially verified (see one compliant and one non-compliant example).

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

  • Wrong argument values or references


Bibliography

[CVE]CVE-2006-1174
[ISO/IEC 9899:2011]6.35.2.32, "Pointers"Function Calls"
[ISO/IEC 9899:2024]6.53.2.23, "Function CallsPointers"
[IEEE Std 1003.1:2013]open()
[Spinellis 2006]Section 2.6.1, "Incorrect Routine or Arguments"

...