Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Infonote

This page was automatically generated and should not be edited.

Note

The information on this page was provided by outside contributors and has not been verified by SEI CERT.

Tip

The table below can be re-ordered, by clicking column headers.

...

Include Page
c:Polyspace Bug Finder_Vc:
Polyspace Bug Finder_V

Checker

Guideline

Arithmetic operation with NULL pointer EXP34-C. Do not dereference null pointers
Array access out of bounds ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
Array access out of bounds API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size
Array access with tainted index ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
Array access with tainted index API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size
Bad file access mode or status FIO11-C. Take care when specifying the mode parameter of fopen()
Buffer overflow from incorrect string format specifier STR03-C. Do not inadvertently truncate a string
Closing a previously closed resource FIO46-C. Do not access a closed file
Command executed from externally controlled path ENV33-C. Do not call system()
Command executed from externally controlled path STR02-C. Sanitize data passed to complex subsystems
Copy of overlapping memory EXP43-C. Avoid undefined behavior when using restrict-qualified pointers
Data race CON32-C. Prevent data races when accessing bit-fields from multiple threads
Data race CON43-C. Do not allow data races in multithreaded code
Data race POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed
Data race CON09-C. Avoid the ABA problem when using lock-free algorithms
Dead code MSC01-C. Strive for logical completeness
Dead code MSC07-C. Detect and remove dead code
Dead code MSC12-C. Detect and remove code that has no effect or is never executed
Deadlock CON35-C. Avoid deadlock by locking in a predefined order
Deadlock POS51-C. Avoid deadlock with POSIX threads by locking in predefined order
Deallocation of previously deallocated pointer MEM30-C. Do not access freed memory
Deallocation of previously deallocated pointer MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
Declaration mismatch DCL40-C. Do not create incompatible declarations of the same function or object
Declaration mismatch EXP37-C. Call functions with the correct number and type of arguments
Destination buffer overflow in string manipulation STR38-C. Do not confuse narrow and wide character strings and functions
CERT C: DCL00-C DCL00-C. Const-qualify immutable objects
CERT C: Rec. API04-C API04-C. Provide a consistent and usable error-checking mechanism
CERT C: Rec. ARR01-C ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array
CERT C: Rec. ARR02-C ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer
CERT C: Rec. CON01-C CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction
CERT C: Rec. CON05-C CON05-C. Do not perform operations that can block while holding a lock
CERT C: Rec. DCL01-C DCL01-C. Do not reuse variable names in subscopes
CERT C: Rec. DCL02-C DCL02-C. Use visually distinct identifiers
CERT C: Rec. DCL06-C DCL06-C. Use meaningful symbolic constants to represent literal values
CERT C: Rec. DCL07-C DCL07-C. Include the appropriate type information in function declarators
CERT C: Rec. DCL10-C DCL10-C. Maintain the contract between the writer and caller of variadic functions
CERT C: Rec. DCL11-C DCL11-C. Understand the type issues associated with variadic functions
CERT C: Rec. DCL12-C DCL12-C. Implement abstract data types using opaque types
CERT C: Rec. DCL13-C DCL13-C. Declare function parameters that are pointers to values not changed by the function as const
CERT C: Rec. DCL15-C DCL15-C. Declare file-scope objects or functions that do not need external linkage as static
CERT C: Rec. DCL16-C DCL16-C. Use "L," not "l," to indicate a long value
CERT C: Rec. DCL18-C DCL18-C. Do not begin integer constants with 0 when specifying a decimal value
CERT C: Rec. DCL19-C DCL19-C. Minimize the scope of variables and functions
CERT C: Rec. DCL22-C DCL22-C. Use volatile for data that cannot be cached
CERT C: Rec. DCL23-C DCL23-C. Guarantee that mutually visible identifiers are unique
CERT C: Rec. ENV01-C Destination buffer overflow in string manipulation ENV01-C. Do not make assumptions about the size of an environment variable
Destination buffer overflow in string manipulation STR07-C. Use the bounds-checking interfaces for string manipulation
Deterministic random output from constant seed MSC32-C. Properly seed pseudorandom number generators
Execution of externally controlled command ENV33-C. Do not call system()
Execution of externally controlled command STR02-C. Sanitize data passed to complex subsystems
File access between time of check and use (TOCTOU) FIO45-C. Avoid TOCTOU race conditions while accessing files
File access between time of check and use (TOCTOU) POS35-C. Avoid race conditions while checking for the existence of a symbolic link
File access between time of check and use (TOCTOU) FIO01-C. Be careful using functions that use file names for identification
File manipulation after chroot() without chdir("/") POS05-C. Limit access to files by creating a jail
Float conversion overflow FLP34-C. Ensure that floating-point conversions are within range of the new type
Float conversion overflow FLP03-C. Detect and handle floating-point errors
Float division by zero FLP03-C. Detect and handle floating-point errors
Float overflow FLP03-C. Detect and handle floating-point errors
Float overflow FLP06-C. Convert integers to floating point for floating-point operations
Format string specifiers and arguments mismatch EXP37-C. Call functions with the correct number and type of arguments
Format string specifiers and arguments mismatch DCL11-C. Understand the type issues associated with variadic functions
Hard coded buffer size DCL06-C. Use meaningful symbolic constants to represent literal values
Hard coded loop boundary DCL06-C. Use meaningful symbolic constants to represent literal values
Improper array initialization ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer
Incorrect pointer scaling EXP08-C. Ensure pointer arithmetic is used correctly
Integer conversion overflow INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
Integer conversion overflow FLP34-C. Ensure that floating-point conversions are within range of the new type
Integer conversion overflow INT02-C. Understand integer conversion rules
Integer conversion overflow INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
Integer division by zero INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors
Integer overflow INT32-C. Ensure that operations on signed integers do not result in overflow
CERT C: Rec. ERR00-C ERR00-C. Adopt and implement a consistent and comprehensive error-handling policy
CERT C: Rec. EXP00-C EXP00-C. Use parentheses for precedence of operation
CERT C: Rec. EXP05-C EXP05-C. Do not cast away a const qualification
CERT C: Rec. EXP08-C EXP08-C. Ensure pointer arithmetic is used correctly
CERT C: Rec. EXP09-C EXP09-C. Use sizeof to determine the size of a type or variable
CERT C: Rec. EXP10-C EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place
CERT C: Rec. EXP12-C EXP12-C. Do not ignore values returned by functions
CERT C: Rec. EXP13-C EXP13-C. Treat relational and equality operators as if they were nonassociative
CERT C: Rec. EXP15-C EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement
CERT C: Rec. EXP19-C EXP19-C. Use braces for the body of an if, for, or while statement
CERT C: Rec. FIO02-C FIO02-C. Canonicalize path names originating from tainted sources
CERT C: Rec. FIO11-C FIO11-C. Take care when specifying the mode parameter of fopen()
CERT C: Rec. FIO21-C FIO21-C. Do not create temporary files in shared directories
CERT C: Rec. FIO24-C FIO24-C. Do not open a file that is already open
CERT C: Rec. FLP00-C FLP00-C. Understand the limitations of floating-point numbers
CERT C: Rec. FLP02-C FLP02-C. Avoid using floating-point numbers when precise computation is needed
CERT C: Rec. FLP03-C FLP03-C. Detect and handle floating-point errors
CERT C: Rec. FLP06-C FLP06-C. Convert integers to floating point for floating-point operations
CERT C: Rec. INT00-C Integer overflow INT00-C. Understand the data model used by your implementation(s)
Integer overflow CERT C: Rec. INT02-C INT02-C. Understand integer conversion rules
CERT C: Rec. INT04-C INT04-C. Enforce limits on integer values originating from tainted sources
CERT C: Rec. INT07-C INT07-C. Use only explicitly signed or unsigned char type for numeric values
CERT C: Rec. INT08-C Integer overflow INT08-C. Verify that all integer values are in range
Integer overflow INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
CERT C: Rec. INT09-C INT09-C. Ensure enumeration constants map to unique values
CERT C: Rec. INT10-C INT10 Invalid assumptions about memory organization ARR37-C. Do not add or subtract an integer to a pointer to a non-array object
Invalid free of pointer MEM34-C. Only free memory allocated dynamically
Invalid free of pointer MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
Invalid use of = operator EXP45-C. Do not perform assignments in selection statements
Invalid use of standard library floating point routine FLP32-C. Prevent or detect domain and range errors in math functions
Invalid use of standard library floating point routine FLP03-C. Detect and handle floating-point errors
Invalid use of standard library memory routine API00-C. Functions should validate their parameters
Invalid use of standard library routine API00-C. Functions should validate their parameters
Invalid use of standard library string routine STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
Invalid use of standard library string routine API00-C. Functions should validate their parameters
Invalid va_list argument MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value
Library loaded from externally controlled path STR02-C. Sanitize data passed to complex subsystems
Library loaded from externally controlled path WIN00-C. Be specific when dynamically loading libraries
Load of library from a relative path can be controlled by an external actor WIN00-C. Be specific when dynamically loading libraries
Loop bounded with tainted value INT04-C. Enforce limits on integer values originating from tainted sources
Loop bounded with tainted value MSC21-C. Use robust loop termination conditions
MISRA2012-DIR-1_1 FLP30-C. Do not use floating-point variables as loop counters
MISRA2012-RULE-13_2 PRE31-C. Avoid side effects in arguments to unsafe macros
MISRA2012-RULE-13_2 EXP30-C. Do not depend on the order of evaluation for side effects
MISRA2012-RULE-14_1 FLP30-C. Do not use floating-point variables as loop counters
MISRA2012-RULE-16_1 DCL41-C. Do not declare variables inside a switch statement before the first case label
MISRA2012-RULE-17_3 DCL31-C. Declare identifiers before using them
MISRA2012-RULE-17_3 DCL36-C. Do not declare an identifier with conflicting linkage classifications
MISRA2012-RULE-21_1 DCL37-C. Do not declare or define a reserved identifier
MISRA2012-RULE-21_2 DCL37-C. Do not declare or define a reserved identifier
MISRA2012-RULE-8_1 DCL31-C. Declare identifiers before using them
MISRA2012-RULE-8_2 DCL36-C. Do not declare an identifier with conflicting linkage classifications
MISRA2012-RULE-8_4 DCL36-C. Do not declare an identifier with conflicting linkage classifications
MISRA2012-RULE-8_8 DCL36-C. Do not declare an identifier with conflicting linkage classifications
Memory allocation with tainted size MEM35-C. Allocate sufficient memory for an object
Memory allocation with tainted size INT04-C. Enforce limits on integer values originating from tainted sources
Memory allocation with tainted size MEM07-C. Ensure that the arguments to calloc(), when multiplied, do not wrap
Memory allocation with tainted size MEM10-C. Define and use a pointer validation function
Memory allocation with tainted size MEM11-C. Do not assume infinite heap space
Memory leak MEM31-C. Free dynamically allocated memory when no longer needed
Memory leak MEM11-C. Do not assume infinite heap space
Memory leak MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources
Missing case for switch condition MSC01-C. Strive for logical completeness
Missing case for switch condition MSC07-C. Detect and remove dead code
Missing lock CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction
Missing null in string array STR11-C. Do not specify the bound of a character array initialized with a string literal
Missing return statement MSC37-C. Ensure that control never reaches the end of a non-void function
Missing unlock MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources
Modification of internal buffer returned from nonreentrant standard function ENV30-C. Do not modify the object referenced by the return value of certain functions
Modification of internal buffer returned from nonreentrant standard function STR06-C. Do not assume that strtok() leaves the parse string unchanged
Non-initialized pointer EXP33-C. Do not read uninitialized memory
Non-initialized variable EXP33-C. Do not read uninitialized memory
Non-initialized variable MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value
Null pointer EXP34-C. Do not dereference null pointers
Pointer access out of bounds EXP39-C. Do not access a variable through a pointer of an incompatible type
assume a positive remainder when using the % operator
CERT C: Rec. INT12-C INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression
CERT C: Rec. INT13-C INT13-C. Use bitwise operators only on unsigned operands
CERT C: Rec. INT14-C INT14-C. Avoid performing bitwise and arithmetic operations on the same data
CERT C: Rec. INT18-C INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
CERT C: Rec. MEM00-C MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
CERT C: Rec. MEM01-C MEM01-C. Store a new value in pointers immediately after free()
CERT C: Rec. MEM02-C MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type
CERT C: Rec. MEM03-C MEM03-C. Clear sensitive information stored in reusable resources
CERT C: Rec. MEM04-C MEM04-C. Beware of zero-length allocations
CERT C: Rec. MEM05-C MEM05-C. Avoid large stack allocations
CERT C: Rec. MEM06-C MEM06-C. Ensure that sensitive data is not written out to disk
CERT C: Rec. MEM11-C MEM11-C. Do not assume infinite heap space
CERT C: Rec. MEM12-C MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources
CERT C: Rec. MSC01-C MSC01-C. Strive for logical completeness
CERT C: Rec. MSC04-C MSC04-C. Use comments consistently and in a readable fashion
CERT C: Rec. MSC12-C MSC12-C. Detect and remove code that has no effect or is never executed
CERT C: Rec. MSC13-C MSC13-C. Detect and remove unused values
CERT C: Rec. MSC15-C MSC15-C. Do not depend on undefined behavior
CERT C: Rec. MSC17-C MSC17-C. Finish every set of statements associated with a case label with a break statement
CERT C: Rec. MSC18-C MSC18-C. Be careful while handling sensitive data, such as passwords, in program code
CERT C: Rec. MSC20-C MSC20-C. Do not use a switch statement to transfer control into a complex block
CERT C: Rec. MSC21-C MSC21-C. Use robust loop termination conditions
CERT C: Rec. MSC22-C MSC22-C. Use the setjmp(), longjmp() facility securely
CERT C: Rec. MSC24-C MSC24-C. Do not use deprecated or obsolescent functions
CERT C: Rec. POS05-C POS05-C. Limit access to files by creating a jail
CERT C: Rec. PRE00-C PRE00-C. Prefer inline or static functions to function-like macros
CERT C: Rec. PRE01-C PRE01-C. Use parentheses within macros around parameter names
CERT C: Rec. PRE06-C PRE06-C. Enclose header files in an include guard
CERT C: Rec. PRE07-C PRE07-C. Avoid using repeated question marks
CERT C: Rec. PRE09-C PRE09-C. Do not replace secure functions with deprecated or obsolescent functions
CERT C: Rec. PRE10-C PRE10-C. Wrap multistatement macros in a do-while loop
CERT C: Rec. PRE11-C PRE11-C. Do not conclude macro definitions with a semicolon
CERT C: Rec. STR02-C STR02-C. Sanitize data passed to complex subsystems
CERT C: Rec. STR03-C STR03-C. Do not inadvertently truncate a string
CERT C: Rec. STR07-C STR07-C. Use the bounds-checking interfaces for string manipulation
CERT C: Rec. STR11-C STR11-C. Do not specify the bound of a character array initialized with a string literal
CERT C: Rec. WIN00-C WIN00-C. Be specific when dynamically loading libraries
CERT C: Rule ARR30-C ARR30-C. Do not form Pointer access out of bounds ARR30-C. Do not form or use out-of-bounds pointers or array subscripts Pointer access out of bounds
CERT C: Rule ARR32-C ARR32 MEM35-C. Allocate sufficient memory for an object
Pointer access out of bounds API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size
Pointer access out of bounds EXP08-C. Ensure pointer arithmetic is used correctly
Ensure size arguments for variable length arrays are in a valid range
CERT C: Rule ARR36-C ARR36-C. Do not subtract or compare two pointers that do not refer to the same array
CERT C: Rule ARR37-C ARR37 Pointer dereference with tainted offset ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
Pointer or reference to stack variable leaving scope DCL30-C. Declare objects with appropriate storage durations
Possible misuse of sizeof ARR00-C. Understand how arrays work
Possible misuse of sizeof ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array
Possibly unintended evaluation of expression because of operator precedence rules EXP00-C. Use parentheses for precedence of operation
Possibly unintended evaluation of expression because of operator precedence rules EXP13-C. Treat relational and equality operators as if they were nonassociative
Predictable random output from predictable seed MSC32-C. Properly seed pseudorandom number generators
Qualifier removed in conversion EXP32-C. Do not access a volatile object through a nonvolatile reference
Qualifier removed in conversion EXP37-C. Call functions with the correct number and type of arguments
Qualifier removed in conversion EXP05-C. Do not cast away a const qualification
Resource leak FIO42-C. Close files when they are no longer needed
Resource leak MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources
Sensitive data printed out MEM06-C. Ensure that sensitive data is not written out to disk
Sensitive heap memory not cleared before release MEM03-C. Clear sensitive information stored in reusable resources
Sensitive heap memory not cleared before release MSC18-C. Be careful while handling sensitive data, such as passwords, in program code
Shift of a negative value INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
Shift operation overflow INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
Sign change integer conversion overflow INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
Standard function call with incorrect arguments EXP37-C. Call functions with the correct number and type of arguments
Standard function call with incorrect arguments STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
add or subtract an integer to a pointer to a non-array object
CERT C: Rule ARR38-C ARR38-C. Guarantee that library functions do not form invalid pointers
CERT C: Rule ARR39-C ARR39-C. Do not add or subtract a scaled integer to a pointer
CERT C: Rule CON30-C CON30-C. Clean up thread-specific storage
CERT C: Rule CON31-C CON31-C. Do not destroy a mutex while it is locked
CERT C: Rule CON32-C CON32-C. Prevent data races when accessing bit-fields from multiple threads
CERT C: Rule CON33-C CON33-C. Avoid race conditions when using library functions
CERT C: Rule CON34-C CON34-C. Declare objects shared between threads with appropriate storage durations
CERT C: Rule CON35-C CON35-C. Avoid deadlock by locking in a predefined order
CERT C: Rule CON36-C CON36-C. Wrap functions that can spuriously wake up in a loop
CERT C: Rule CON37-C CON37-C. Do not call signal() in a multithreaded program
CERT C: Rule CON38-C CON38-C. Preserve thread safety and liveness when using condition variables
CERT C: Rule CON39-C CON39-C. Do not join or detach a thread that was previously joined or detached
CERT C: Rule CON40-C CON40-C. Do not refer to an atomic variable twice in an expression
CERT C: Rule CON41-C CON41-C. Wrap functions that can fail spuriously in a loop
CERT C: Rule CON43-C CON43-C. Do not allow data races in multithreaded code
CERT C: Rule DCL30-C DCL30-C. Declare objects with appropriate storage durations
CERT C: Rule DCL31-C DCL31-C. Declare identifiers before using them
CERT C: Rule DCL36-C DCL36-C. Do not declare an identifier with conflicting linkage classifications
CERT C: Rule DCL37-C DCL37-C. Do not declare or define a reserved identifier
CERT C: Rule DCL38-C DCL38-C. Use the correct syntax when declaring a flexible array member
CERT C: Rule DCL39-C DCL39-C. Avoid information leakage when passing a structure across a trust boundary
CERT C: Rule DCL40-C DCL40-C. Do not create incompatible declarations of the same function or object
CERT C: Rule DCL41-C DCL41-C. Do not declare variables inside a switch statement before the first case label
CERT C: Rule ENV30-C ENV30-C. Do not modify the object referenced by the return value of certain functions
CERT C: Rule ENV31-C ENV31-C. Do not rely on an environment pointer following an operation that may invalidate it
CERT C: Rule ENV32-C ENV32-C. All exit handlers must return normally
CERT C: Rule ENV33-C ENV33-C. Do not call system()
CERT C: Rule ENV34-C ENV34-C. Do not store pointers returned by certain functions
CERT C: Rule ERR30-C ERR30-C. Take care when reading errno
CERT C: Rule ERR32-C ERR32-C. Do not rely on indeterminate values of errno
CERT C: Rule ERR33-C ERR33-C. Detect and handle standard library errors
CERT C: Rule ERR34-C ERR34-C. Detect errors when converting a string to a number
CERT C: Rule EXP30-C EXP30-C. Do not depend on the order of evaluation for side effects
CERT C: Rule EXP32-C EXP32-C. Do not access a volatile object through a nonvolatile reference
CERT C: Rule EXP33-C EXP33-C. Do not read uninitialized memory
CERT C: Rule EXP34-C EXP34-C. Do not dereference null pointers
CERT C: Rule EXP36-C EXP36-C. Do not cast pointers into more strictly aligned pointer types
CERT C: Rule EXP37-C EXP37-C. Call functions with the correct number and type of arguments
CERT C: Rule EXP39-C EXP39-C. Do not access a variable through a pointer of an incompatible type
CERT C: Rule EXP40-C EXP40-C. Do not modify constant objects
CERT C: Rule EXP42-C EXP42-C. Do not compare padding data
CERT C: Rule EXP43-C EXP43-C. Avoid undefined behavior when using restrict-qualified pointers
CERT C: Rule EXP44-C EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic
CERT C: Rule EXP45-C EXP45-C. Do not perform assignments in selection statements
CERT C: Rule EXP46-C EXP46-C. Do not use a bitwise operator with a Boolean-like operand
CERT C: Rule EXP47-C EXP47-C. Do not call va_arg with an argument of the incorrect type
CERT C: Rule FIO30-C FIO30-C. Exclude user input from format strings
CERT C: Rule FIO32-C FIO32-C. Do not perform operations on devices that are only appropriate for files
CERT C: Rule FIO34-C FIO34-C. Distinguish between characters read from a file and EOF or WEOF
CERT C: Rule FIO37-C FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful
CERT C: Rule FIO38-C FIO38-C. Do not copy a FILE object
CERT C: Rule FIO39-C FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call
CERT C: Rule FIO40-C FIO40-C. Reset strings on fgets() or fgetws() failure
CERT C: Rule FIO41-C FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects
CERT C: Rule FIO42-C FIO42-C. Close files when they are no longer needed
CERT C: Rule FIO44-C FIO44-C. Only use values for fsetpos() that are returned from fgetpos()
CERT C: Rule FIO45-C FIO45-C. Avoid TOCTOU race conditions while accessing files
CERT C: Rule FIO46-C Standard function call with incorrect arguments FIO46-C. Do not access a closed file
Standard function call with incorrect arguments API00-C. Functions should validate their parameters
Tainted Data Defects API00-C. Functions should validate their parameters
Tainted NULL or non-null-terminated string STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
Tainted NULL or non-null-terminated string ENV01-C. Do not make assumptions about the size of an environment variable
Tainted division operand INT32-C. Ensure that operations on signed integers do not result in overflow
Tainted division operand INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors
CERT C: Rule FIO47-C FIO47-C. Use valid format strings
CERT C: Rule FLP30-C FLP30-C. Do not use floating-point variables as loop counters
CERT C: Rule FLP34-C FLP34-C. Ensure that floating-point conversions are within range of the new type
CERT C: Rule FLP37-C FLP37-C. Do not use object representations to compare floating-point values
CERT C: Rule INT30-C INT30-C. Ensure that unsigned integer operations do not wrap
CERT C: Rule INT31-C INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
CERT C: Rule INT32-C INT32-C. Ensure that operations on signed integers do not result in overflow
CERT C: Rule INT33-C Tainted modulo operand INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors
CERT C: Rule INT34-C INT34 Tainted modulo operand INT10-C. Do not assume a positive remainder when using the % operator
Tainted sign change conversion INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
Tainted sign change conversion INT02-C. Understand integer conversion rules
Tainted sign change conversion MEM04-C. Beware of zero-length allocations
Tainted sign change conversion MEM11-C. Do not assume infinite heap space
Tainted sign change conversion MSC21-C. Use robust loop termination conditions
Tainted size of variable length array ARR32-C. Ensure size arguments for variable length arrays are in a valid range
Tainted size of variable length array INT04-C. Enforce limits on integer values originating from tainted sources
Tainted size of variable length array MEM04-C. Beware of zero-length allocations
Tainted size of variable length array MEM05-C. Avoid large stack allocations
Tainted string format FIO30-C. Exclude user input from format strings
Umask used with chmod-style arguments FIO06-C. Create files with appropriate access permissions
Uncleared sensitive data in stack MEM03-C. Clear sensitive information stored in reusable resources
Uncleared sensitive data in stack MSC18-C. Be careful while handling sensitive data, such as passwords, in program code
Unprotected dynamic memory allocation MEM10-C. Define and use a pointer validation function
Unprotected dynamic memory allocation MEM11-C. Do not assume infinite heap space
Unreachable code MSC01-C. Strive for logical completeness
Unreachable code MSC07-C. Detect and remove dead code
Unreachable code MSC12-C. Detect and remove code that has no effect or is never executed
Unreliable cast of function pointer EXP37-C. Call functions with the correct number and type of arguments
Unreliable cast of pointer EXP36-C. Do not cast pointers into more strictly aligned pointer types
Unsafe standard encryption function MSC18-C. Be careful while handling sensitive data, such as passwords, in program code
Unsigned integer conversion overflow INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data
Unsigned integer conversion overflow FLP34-C. Ensure that floating-point conversions are within range of the new type
Unsigned integer conversion overflow INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
Unsigned integer overflow INT30-C. Ensure that unsigned integer operations do not wrap
Unsigned integer overflow INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size
Unused parameter MSC13-C. Detect and remove unused values
Use of dangerous standard function API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size
Use of dangerous standard function ENV01-C. Do not make assumptions about the size of an environment variable
Use of dangerous standard function STR07-C. Use the bounds-checking interfaces for string manipulation
Use of memset with size argument zero MSC12-C. Detect and remove code that has no effect or is never executed
Use of non-secure temporary file FIO03-C. Do not make assumptions about fopen() and file creation
Use of non-secure temporary file FIO21-C. Do not create temporary files in shared directories
Use of obsolete standard function MSC33-C. Do not pass invalid data to the asctime() function
Use of obsolete standard function POS33-C. Do not use vfork()
Use of obsolete standard function MSC24-C. Do not use deprecated or obsolescent functions
Use of previously closed resource FIO46-C. Do not access a closed file
Use of previously freed pointer MEM30-C. Do not access freed memory
Use of previously freed pointer MEM00-C. Allocate and free memory in the same module, at the same level of abstraction
Use of setjmp/longjmp MSC22-C. Use the setjmp(), longjmp() facility securely
Use of tainted pointer EXP34-C. Do not dereference null pointers
Use of tainted pointer ARR30-C. Do not form or use out-of-bounds pointers or array subscripts
Use of tainted pointer API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size
Use of tainted pointer MEM10-C. Define and use a pointer validation function
Variable length array with nonpositive size MEM04-C. Beware of zero-length allocations
Variable length array with nonpositive size MEM05-C. Avoid large stack allocations
Variable shadowing DCL01-C. Do not reuse variable names in subscopes
Vulnerable path manipulation FIO02-C. Canonicalize path names originating from tainted sources
Vulnerable permission assignments FIO06-C. Create files with appropriate access permissions
Vulnerable pseudo-random number generator MSC30-C. Do not use the rand() function for generating pseudorandom numbers
Write without a further read MSC13-C. Detect and remove unused values
Write without a further reads DCL22-C. Use volatile for data that cannot be cached
Writing to const qualified object EXP40-C. Do not modify constant objects
Writing to const qualified object STR30-C. Do not attempt to modify string literals
Writing to const qualified object STR05-C. Use pointers to const when referring to string literals
Writing to const qualified object STR06-C. Do not assume that strtok() leaves the parse string unchanged
shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
CERT C: Rule INT35-C INT35-C. Use correct integer precisions
CERT C: Rule INT36-C INT36-C. Converting a pointer to integer or integer to pointer
CERT C: Rule MEM30-C MEM30-C. Do not access freed memory
CERT C: Rule MEM31-C MEM31-C. Free dynamically allocated memory when no longer needed
CERT C: Rule MEM33-C MEM33-C. Allocate and copy structures containing a flexible array member dynamically
CERT C: Rule MEM34-C MEM34-C. Only free memory allocated dynamically
CERT C: Rule MEM35-C MEM35-C. Allocate sufficient memory for an object
CERT C: Rule MEM36-C MEM36-C. Do not modify the alignment of objects by calling realloc()
CERT C: Rule MSC07-C MSC07-C. Detect and remove dead code
CERT C: Rule MSC30-C MSC30-C. Do not use the rand() function for generating pseudorandom numbers
CERT C: Rule MSC32-C MSC32-C. Properly seed pseudorandom number generators
CERT C: Rule MSC33-C MSC33-C. Do not pass invalid data to the asctime() function
CERT C: Rule MSC37-C MSC37-C. Ensure that control never reaches the end of a non-void function
CERT C: Rule MSC38-C MSC38-C. Do not treat a predefined identifier as an object if it might only be implemented as a macro
CERT C: Rule MSC39-C MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value
CERT C: Rule MSC40-C MSC40-C. Do not violate constraints
CERT C: Rule MSC41-C MSC41-C. Never hard code sensitive information
CERT C: Rule POS30-C POS30-C. Use the readlink() function properly
CERT C: Rule POS34-C POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument
CERT C: Rule POS35-C POS35-C. Avoid race conditions while checking for the existence of a symbolic link
CERT C: Rule POS36-C POS36-C. Observe correct revocation order while relinquishing privileges
CERT C: Rule POS37-C POS37-C. Ensure that privilege relinquishment is successful
CERT C: Rule POS38-C POS38-C. Beware of race conditions when using fork and file descriptors
CERT C: Rule POS39-C POS39-C. Use the correct byte ordering when transferring data between systems
CERT C: Rule POS44-C POS44-C. Do not use signals to terminate threads
CERT C: Rule POS47-C POS47-C. Do not use threads that can be canceled asynchronously
CERT C: Rule POS48-C POS48-C. Do not unlock or destroy another POSIX thread's mutex
CERT C: Rule POS49-C POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed
CERT C: Rule POS50-C POS50-C. Declare objects shared between POSIX threads with appropriate storage durations
CERT C: Rule POS51-C POS51-C. Avoid deadlock with POSIX threads by locking in predefined order
CERT C: Rule POS52-C POS52-C. Do not perform operations that can block while holding a POSIX lock
CERT C: Rule POS53-C POS53-C. Do not use more than one mutex for concurrent waiting operations on a condition variable
CERT C: Rule POS54-C POS54-C. Detect and handle POSIX library errors
CERT C: Rule PRE30-C PRE30-C. Do not create a universal character name through concatenation
CERT C: Rule PRE31-C PRE31-C. Avoid side effects in arguments to unsafe macros
CERT C: Rule PRE32-C PRE32-C. Do not use preprocessor directives in invocations of function-like macros
CERT C: Rule SIG30-C SIG30-C. Call only asynchronous-safe functions within signal handlers
CERT C: Rule SIG31-C SIG31-C. Do not access shared objects in signal handlers
CERT C: Rule SIG34-C SIG34-C. Do not call signal() from within interruptible signal handlers
CERT C: Rule SIG35-C SIG35-C. Do not return from a computational exception signal handler
CERT C: Rule STR30-C STR30-C. Do not attempt to modify string literals
CERT C: Rule STR31-C STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator
CERT C: Rule STR32-C STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string
CERT C: Rule STR34-C STR34-C. Cast characters to unsigned char before converting to larger integer sizes
CERT C: Rule STR37-C STR37-C. Arguments to character-handling functions must be representable as an unsigned char
CERT C: Rule STR38-C Wrong allocated object size for cast STR38-C. Do not confuse narrow and wide character strings and functions
Wrong allocated object size for cast MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type
Wrong type used in sizeof MEM35-C. Allocate sufficient memory for an object
CERT C: Rule WIN30-C WIN30-C. Properly pair allocation and deallocation functions
CERT-C: Rule EXP35-C EXP35-C. Do not modify objects with temporary lifetime
CERT-C: Rule FLP32-C FLP32-C. Prevent or detect domain and range errors in math functions
CERT-C: Rule FLP36-C FLP36-C. Preserve precision when converting integral values to floating-point Wrong type used in sizeof MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type