SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 56

changes.mady.by.user Anirban Gangopadhyay

Saved on

compared with

New Version Current

changes.mady.by.user Yozo TODA

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: parens are needed to "increment the value", pointed out by someone reading japanese version.

...

Code Block
bgColor#FFCCCC
langc
void incr(int *intptr) {
  if (intptr == NULL) {
    /* Handle error */
  }
  (*intptr)++;
}

Compliant Solution

This incr() function can be improved by using the valid() function. The resulting implementation is less likely to dereference an invalid pointer or write to memory that is outside the bounds of a valid object.

Code Block
bgColor#ccccff
langc
void incr(int *intptr) {
  if (!valid(intptr)) {
    /* Handle error */
  }
  (*intptr)++;
}

The valid() function can be implementation dependent and perform additional, platform-dependent checks when possible. In the worst case, the valid() function may only perform the same null-pointer check as the noncompliant code example. However, on platforms where additional pointer validation is possible, the use of a valid() function can provide checks.

...

Tool

Version

Checker

Description

LDRA tool suite
Include Page
LDRA_V
LDRA_V
159 SEnhanced enforcementPolyspace Bug Finder
Include Page
Polyspace Bug Finder_VPolyspace Bug Finder_V

Memory allocation with tainted size

Unprotected dynamic memory allocation

Use of tainted pointer

Size argument to memory function is from an unsecure source

Pointer returned from dynamic allocation not checked for NULL value

Pointer from an unsecure source may be NULL or point to unknown memory

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...