SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 193

changes.mady.by.user Arthur Hicken

Saved on

compared with

New Version Current

changes.mady.by.user Jon O'Donnell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

BADFUNC.TEMP.*

BADFUNC.TMPFILE_S

BADFUNC.TMPNAM_S

A collection of checks that report uses of library functions associated with temporary file vulnerabilities

Use of tmpfile_s

Use of tmpnam_s

Compass/ROSE



Can detect violations of this recommendation. Specifically, Rose reports use of tmpnam(), tmpnam_s(), tmpfile(), and mktemp()

Coverity6.5SECURE_TEMPFully implemented
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C5016
LDRA tool suite
Include Page
LDRA_V
LDRA_V

44 S

Enhanced enforcement

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
SECURITY-19CERT_C-FIO21-a
Usage of functions prone to race is not allowedImplemented
Polyspace Bug FinderR2016aUse of non-secure temporary file

Temporary generated file name not secure

PRQA QA-C
Include Page

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. FIO21-CChecks for non-secure temporary file (rec. partially covered)PRQA QA-C_vPRQA QA-C_v5016Partially implemented


Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...