SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 36

changes.mady.by.user Arthur Hicken

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccff
langc
int value;

if (scanf("%d", &value) == 1) {
  if (value % 2 != 0) {
    /* Take action if value is odd */
  }
}

Compliant Solution

Using bitwise operators is safe on unsigned integers:

Code Block
bgColor#ccccff
languagec
unsigned int value;

if (scanf("%u", &value) == 1) {
  if (value & 0x1 != 0) {
    /* Take action if value is odd */
  }
}

Risk Assessment

Incorrect assumptions about integer representation can lead to execution of unintended code branches and other unexpected behavior.

...

2940, 2941, 2942, 2943, 2945, 2946, 2947, 2948

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
bitop-type
Partially checked
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C2940, C2945 

DF2941, DF2942, DF2943, DF2946, DF2947, DF2948


LDRA tool suite
Include Page
LDRA_V
LDRA_V
50 S, 120 SPartially Implemented
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
CODSTA-63ImplementedPRQA QA-C
Include Page
PRQA QA-C_vPRQA QA-C_vCERT_C-INT16-a
Bitwise operators shall only be applied to operands of unsigned underlying type
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

502, 2704, 9088

Partially supported: reports bitwise not of signed quantity, declaration of named signed single-bit bitfields, and negation of the minimum negative integer

RuleChecker

Include Page
RuleChecker_V
RuleChecker_V

bitop-type
Partially checked


...