SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 52

changes.mady.by.user Arthur Hicken

Saved on

compared with

New Version Current

changes.mady.by.user Michal Rozenau

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Parasoft 2020.2

...

The following table summarizes the characteristics of error-reporting and error-detection mechanisms.

Method

Code Increase

Manages Allocated Resources

Automatically Enforceable

Return value

Big (30–40%)

No

Yes

Address argument

Bigger

No

No

Global indicator

Medium

No

Yes

longjmp()

Small

No

n/a

Risk Assessment

Lack of an error-detection mechanism prevents applications from knowing when an error has disrupted normal program behavior.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

ERR05-C

Medium

Probable

High

P4

L3

Automated Detection

Tool

Version

Checker

Description

Compass/ROSE

 

 



Could detect violations of this rule merely by reporting functions that call abort(), exit(), or _Exit() inside an if or switch statement.
This would also catch many false positives, as ROSE could not distinguish a library function from an application function

Parasoft C/C++test
9.5MISRA2012-RULE-21_8
Include Page
Parasoft_V
Parasoft_V

CERT_C-ERR05-a
CERT_C-ERR05-b
CERT_C-ERR05-c

The 'abort()' function from the 'stdlib.h' or 'cstdlib' library shall not be used
The 'exit()' function from the 'stdlib.h' or 'cstdlib' library shall not be used
The 'quick_exit()' and '_Exit()' functions from the 'stdlib.h' or 'cstdlib' library shall not be u

Use of getenv(), abort(), exit() and system()

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID ERR05-CPP. Application-independent code should provide error detection without dictating error handling

Bibliography

[Miller 2004]
[Saks 2007b]

...


...

Image Modified Image Modified Image Modified