SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 22

changes.mady.by.user Joseph C. Sible

Saved on

compared with

New Version Current

changes.mady.by.user Joerg Herter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

ToolVersionCheckerDescription
Astrée
Include Page
Astrée_V
Astrée_V


Supported
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
HARDCODED.AUTH
HARDCODED.DNS
HARDCODED.KEY
HARDCODED.SALT
HARDCODED.SEED
Hardcoded Authentication
Hardcoded DNS Name
Hardcoded Crypto Key
Hardcoded Crypto Salt
Hardcoded Seed in PRNG
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C3122

C++3842


Klocwork
Include Page
Klocwork_V
Klocwork_V

HCC
HCC.PWD
HCC.USER
CXX.SV.PWD.PLAIN
CXX.SV.PWD.PLAIN.LENGTH
CXX.SV.PWD.PLAIN.ZERO


Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-MSC41-a

Do not hard code string literals

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

2460

Assistance provided: reports when a literal is provided as an argument to a function parameter with the ‘noliteral’ argument Semantic; several Windows API functions are marked as such and the ‘-sem’ option can apply it to other functions as appropriate

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule MSC41-CChecks for hard coded sensitive data (rule partially covered)
RuleChecker

Include Page
RuleChecker_V
RuleChecker_V


Supported

Related Guidelines

javaMSC03-J. Never hard code sensitive information

ISO/IEC TR 24772:2010

Hard-coded Password [XYP]

MITRE CWE

CWE-259, Use of Hard-Coded Password
CWE-798, Use of Hard-Coded Credentials

...

MSC40-C. Do not violate constraints Rule 48. Miscellaneous (MSC) Rule 50. POSIX (POS)