Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In the external string_m.h file, the string_mx type is defined to be an instance of struct string_mx, which in turn is declared as an incomplete type:

Code Block
bgColor#ccccff
langc
struct string_mx;
typedef struct string_mx string_mx;

/* Function declarations */
extern errno_t strcpy_m(string_mx *s1, const string_mx *s2);
extern errno_t strcat_m(string_mx *s1, const string_mx *s2);
/* ... */

...

The use of opaque abstract data types, though not essential to secure programming, can significantly reduce the number of defects and vulnerabilities introduced in code, particularly during ongoing maintenance.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

DCL12-C

Low

Unlikely

High

P1

L3

Automated Detection

Tool

Version

Checker

Description

Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-DCL12
LDRA tool suite
Include Page
LDRA_V
LDRA_V
352 S

104 D

Fully implemented

Partially implemented

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. DCL12-CChecks for structure or union object implementation visible in file where pointer to this object is not dereferenced (rule partially covered)


Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-DCL12-aIf a pointer to a structure or union is never dereferenced within a translation unit, then the implementation of the object should be hidden

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

MISRA C:2012

Directive 4.8 (advisory)

Bibliography

...


...

Image Modified Image Modified Image Modified