These checkers enforce the CERT C Secure Coding rules. The source code can be downloaded as c_rules.tgz.

This code has been developed and tested on an i386 workstation running
Linux (2.6.16.60) and g++ (3.4.4)

This code depends on ROSE 0.9.3a, which is available for free download
from:

http://rosecompiler.org/

ROSE 0.9.3a also depends on the BOOST C++ library, version 1.3.5,
which is available for free download from:

http://www.boost.org/

First make sure that the ROSE environment variable points to the build
directory of ROSE:

Code Block

	export ROSE=/usr/local/rose/compileTree

Building Diagnose

To build the ROSE 'diagnose' program, which runs the secure coding rule checkers:

Code Block

	make pgms

To test diagnose on the code samples from the CERT C Secure Coding
Rules:

Code Block

	make tests

To build API documentation pages, you must have doxygen installed:

Code Block

	make doc

To clean documentation pages and build files:

Code Block

	make clean

Running Diagnose

To run the diagnose program on a C file, simply pass the C file as an
argument:

Code Block

	diagnose hello.c

If the C file violates any secure coding rules, the diagnose program
prints them. If it finds no violations, it prints nothing.
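Because diagnose reports violations only by printing them, and is silent on a clean file, anything that uses it as a build gate has to look at its output rather than an exit status (which this page does not document). The POSIX shell wrapper below is an added example and not part of the CERT ROSE distribution: it assumes the checker command is named by CHECKER (defaulting to diagnose on PATH), ships a stand-in checker (stub_checker, which only looks for gets() calls) so it can be exercised without ROSE, and the two C files it creates are constructed here for illustration. Whether diagnose itself flags the constructed unsafe.c is not something this page states.

```shell
#!/bin/sh
# Added example (not part of the CERT ROSE checkers): a build gate around
# 'diagnose'. diagnose prints each violation it finds and prints nothing for
# a clean file, so the gate decides on "did the checker print anything", not
# on an exit status, which the page does not document.

# Assumption: CHECKER names a command or shell function that takes one C file
# and prints violations. It defaults to diagnose, which must be on PATH.
CHECKER="${CHECKER:-diagnose}"

# Stand-in checker so the gate can be exercised without ROSE installed. It only
# flags calls to gets() (the noncompliant pattern of CERT rule STR31-C).
# Select it with CHECKER=stub_checker.
stub_checker() {
    grep -nw gets "$1"
}

# Check one file. Every line the checker printed is echoed as "file: line";
# returns 1 if anything was printed, 0 for a clean file.
check_c_file() {
    _f="$1"
    # stderr is folded into the output and the exit status ignored on purpose:
    # any text from the checker counts as a finding.
    _out=$("$CHECKER" "$_f" 2>&1) || :
    if [ -n "$_out" ]; then
        printf '%s\n' "$_out" | sed "s|^|$_f: |"
        return 1
    fi
    return 0
}

# Check every .c file under a directory; returns 0 only if all were clean.
# The file list goes through a temp file rather than a pipe so the counter
# survives (a piped while-loop would run in a subshell).
check_c_tree() {
    _dir="$1"
    _list=$(mktemp)
    find "$_dir" -name '*.c' | sort > "$_list"
    _bad=0
    while IFS= read -r _f; do
        check_c_file "$_f" || _bad=$((_bad + 1))
    done < "$_list"
    rm -f "$_list"
    echo "$_bad file(s) with violations" >&2
    [ "$_bad" -eq 0 ]
}

# Constructed sample tree: one file with an unbounded gets() read and one
# with a bounded fgets() read. Prints the directory it created.
make_sample_tree() {
    _d=$(mktemp -d)
    mkdir -p "$_d/src"
    cat > "$_d/src/unsafe.c" <<'EOF'
#include <stdio.h>
int main(void) {
    char buf[16];
    gets(buf);   /* unbounded read into a 16-byte buffer */
    return 0;
}
EOF
    cat > "$_d/src/clean.c" <<'EOF'
#include <stdio.h>
int main(void) {
    char buf[16];
    if (fgets(buf, sizeof buf, stdin) == NULL)
        return 1;
    return 0;
}
EOF
    printf '%s\n' "$_d"
}

# Self-check on the constructed tree with the stand-in checker. Returns 0 if
# the gate flagged unsafe.c, passed clean.c, and failed the tree as a whole.
demo() {
    CHECKER=stub_checker
    _d=$(make_sample_tree)
    _rc=0
    check_c_file "$_d/src/clean.c" || _rc=1     # must be clean
    check_c_file "$_d/src/unsafe.c" && _rc=1    # must be flagged
    check_c_tree "$_d" && _rc=1                 # tree must fail the gate
    rm -rf "$_d"
    return "$_rc"
}

# Run the self-check with: RUN_DEMO=1 sh gate.sh
# Gate a real tree with:   sh -c '. ./gate.sh; check_c_tree src/'
if [ "${RUN_DEMO:-}" = 1 ]; then
    demo
fi
```

Note that the wrapper treats anything the checker writes, on stdout or stderr, as a finding; if diagnose (or ROSE underneath it) emits warnings of its own, those would fail the gate too, which is the conservative choice for a tool whose exit status is not specified.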

The CERT ROSE checkers are freely available from the Rosecheckers Github project. For questions regarding the CERT ROSE checkers, contact info@sei.cmu.edu.

Getting Rosecheckers code from source or container

You can get the Rosecheckers code, either as source or as a container, from the Rosecheckers Github project.

Follow the instructions in the README of that project.

Secure Coding Rules Enforced by Rosecheckers

The SEI CERT C Secure Coding Standard is freely available at https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Secure+Coding+Standard

Here is a breakdown of how thoroughly Rosecheckers enforces the C Secure
Coding Rules and Recommendations:

Category         Rules   Meaning

Complete            57   Rosecheckers catches all violations of these rules.
Partial             45   Rosecheckers catches some, but not all, violations of these rules.
False-positive       9   These rules could be checked by Rosecheckers, but the checks will also report some false positives.
Potential           29   These rules are not checked by Rosecheckers, but could be.
Undoable            32   These rules could not be checked by Rosecheckers due to various limitations in ROSE.
Unenforceable       48   These rules could not be checked by any tool that relies purely on unaided static analysis.

TOTAL              220