SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 48

changes.mady.by.user Anirban Gangopadhyay

Saved on

compared with

New Version Current

changes.mady.by.user Valery

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccff
langc
char *improved_strncpy(char * restrict s1, size_t s1count, const char * restrict s2, size_t s2count, size_t n);
char *improved_strncat(char * restrict s1, size_t s1count, const char * restrict s2, size_t s2count, size_t n);

...

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
BADFUNC.BO.*

A collection of checks that report uses of library functions prone to internal buffer overflows.

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
SECURITY-12, SECURITY-07
Polyspace Bug FinderR2016a

Array access out of bounds

Array access with tainted index

Pointer access out of bounds

Use of dangerous standard function

Use of tainted pointer

Pointer dereference with tainted offset

CERT_C-API02-a
CERT_C-API02-b

Avoid using unsafe string functions which may cause buffer overflows
Don't use unsafe C functions that do write to range-unchecked buffers

Functions that read or write to or from an array should take an argument to specify the source or target size

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

[ISO/IEC 9899:2011]Annex K (normative) Bounds-checking Interfaces


...