SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 54

changes.mady.by.user Will Snavely

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Errors of omission can result in unintended program flow.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

EXP16-C

Low

Likely

Medium

P6

L2

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
function-name-constant-comparison
Partially checked

Coverity

Include Page
Coverity_V
Coverity_V

BAD_COMPARE

Can detect the specific instance where the address of a function is compared against 0, such as in the case of geteuid versus getuid() in the implementation-specific details

GCC
Include Page
GCC_V
GCC_V
 

Can detect violations of this recommendation when the -Wall flag is used

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C0428, C3004, C3344
Klocwork
Include Page
Klocwork_V
Klocwork_V

CWARN.NULLCHECK.FUNCNAME
CWARN.FUNCADDR

 

LDRA tool suite
Include Page
LDRA_V
LDRA_V
99 SPartially implemented
Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
BD
CERT_C-
PB
EXP16-
CCStricter checking than the definition here.PRQA QA-C
a
Function address should not be compared to zero
PC-lint Plus

Include Page

PRQA QA

PC-

C

lint Plus_

v

V

PRQA QA

PC-

C_v3004, 3344, 428

lint Plus_V

2440, 2441

Partially supported: reports address of function, array, or variable directly or indirectly compared to null

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V516, V1058
RuleChecker

Include Page
RuleChecker_V
RuleChecker_V

function-name-constant-comparison
Partially checked
 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID EXP16-CPP. Avoid conversions using void pointers
ISO/IEC TR 24772:2013Likely incorrect expressions [KOA]
ISO/IEC TS 17961Comparing function addresses to zero [funcaddr]
MITRE CWECWE-480, Use of incorrect operator
CWE-482, Comparing instead of assigning

Bibliography

[Hatton 1995]Section 2.7.2, "Errors of Omission and Addition"

...


...