Note

This page was automatically generated from the "Automated Detection" sections in the individual guidelines. Do not modify this page directly.

Version number: v5.0

Note

The information on this page was provided by outside contributors and has not been verified by SEI CERT.

Include Page: Rose_V

Checker

Guideline

MEM50-CPP. Do not access freed memory
MEM52-CPP. Detect and handle memory allocation errors
MSC50-CPP. Do not use std::rand() for generating pseudorandom numbers
EXP50-CPP. Do not depend on the order of evaluation for side effects
Can detect simple violations of this rule. It needs to examine each expression and make sure that no variable is modified twice in the expression. It also must check that no variable is modified once, then read elsewhere, with the single exception that a variable may appear on both the left and right of an assignment operator.

C++ checkers

Rule

 

ARR01-CPP. Do not apply the sizeof operator to a pointer when taking the size of an array

 

ARR02-CPP. Explicitly specify array bounds, even if implicitly defined by an initializer

 

ARR30-CPP. Guarantee that array and vector indices are within the valid range

 

DCL01-CPP. Do not reuse variable names in subscopes

 

DCL02-CPP. Use visually distinct identifiers

 

DCL06-CPP. Use meaningful symbolic constants to represent literal values in program logic

 

DCL13-CPP. Declare function parameters that are pointers to values not changed by the function as const

 

DCL30-CPP. Declare objects with appropriate storage durations

 

EXP06-CPP. Operands to the sizeof operator should not contain side effects

 

EXP09-CPP. Use sizeof to determine the size of a type or variable

 

EXP12-CPP. Do not ignore values returned by functions or methods

 

EXP15-CPP. Beware of integer promotion when performing bitwise operations on chars or shorts

 

EXP19-CPP. Do not perform assignments in conditional expressions

 

EXP30-CPP. Do not depend on order of evaluation between sequence points

 

EXP32-CPP. Do not access a volatile object through a non-volatile reference

 

EXP35-CPP. Do not cast away a const qualification

 

EXP36-CPP. Do not convert pointers into more strictly aligned pointer types

 

EXP37-CPP. Call variadic functions with the arguments intended by the API

 

FIO07-CPP. Prefer fseek() to rewind()

 

FIO12-CPP. Prefer setvbuf() to setbuf()

 

FIO30-CPP. Exclude user input from format strings

 

FIO32-CPP. Do not perform operations on devices that are only appropriate for files

 

FIO37-CPP. Do not assume character data has been read

 

FIO38-CPP. Do not use a copy of a FILE object for input and output

 

FIO39-CPP. Do not alternately input and output from a stream without an intervening flush or positioning call

 

FIO44-CPP. Only use values for fsetpos() that are returned from fgetpos()

 

FLP30-CPP. Do not use floating point variables as loop counters

 

FLP34-CPP. Ensure that floating point conversions are within range of the new type

 

INT07-CPP. Use only explicitly signed or unsigned char type for numeric values

 

INT09-CPP. Ensure enumeration constants map to unique values

 

INT12-CPP. Do not make assumptions about the type of a plain int bit-field when used in an expression

 

INT13-CPP. Use bitwise operators only on unsigned operands

 

INT30-CPP. Ensure that unsigned integer operations do not wrap

 

INT31-CPP. Ensure that integer conversions do not result in lost or misinterpreted data

 

INT33-CPP. Ensure that division and modulo operations do not result in divide-by-zero errors

 

INT34-CPP. Do not shift a negative number of bits or more bits than exist in the operand

 

MEM02-CPP. Immediately cast the result of a memory allocation function call into a pointer to the allocated type

 

MSC05-CPP. Do not manipulate time_t typed values directly

 

MSC18-CPP. Finish every set of statements associated with a case label with a break statement

 

MSC30-CPP. Do not use the rand() function for generating pseudorandom numbers

 

STR04-CPP. Use plain char for characters in the basic character set

 

STR34-CPP. Cast characters to unsigned types before converting to larger integer sizes

 

STR36-CPP. Do not specify the bound of a character array initialized with a string literal

 

STR37-CPP. Arguments to character handling functions must be representable as an unsigned char