These checkers enforce the CERT C Secure Coding rules. The code is available for free download by selecting 'Attachments' on this page. The source code was developed by the CERT Secure Coding Group and is freely available.
This code has been developed and tested on an i386 workstation running Linux (2.6.16.60) and g++ (3.4.4).
This code depends on ROSE 0.9.3a, which is available for free download from:
ROSE 0.9.3a also depends on the BOOST C++ library, version 1.3.5, which is available for free download from:
First make sure that the ROSE environment variable points to the build directory of ROSE:

    export ROSE=/usr/local/rose/compileTree

Building Diagnose
To build the ROSE 'diagnose' program, which runs the secure coding rule checkers:

    make pgms

To test diagnose on the code samples from the CERT C Secure Coding Rules:

    make tests

To build the API documentation pages, you must have doxygen installed:

    make doc

To clean the documentation pages and build files:

    make clean

Running Diagnose
To run the diagnose program on a C file, simply pass the C file as an argument:

    diagnose hello.c

If the C file violates some secure coding rules, the diagnose program will print them out. If the diagnose program cannot find any violations, it prints nothing.
Getting Rosecheckers code from source or container
You can get the Rosecheckers code, either as source or as a container, from the Rosecheckers Github project, where it is freely available. Follow the instructions in the Readme of that project site. For questions regarding the CERT ROSE checkers, contact info@sei.cmu.edu.
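Because diagnose prints nothing on a clean file and prints the violations otherwise, a build can be gated on its output alone. The script below is an added example, not part of the Rosecheckers project; it assumes the checker binary is on PATH or named by a DIAGNOSE variable (an assumption of this example, not a project setting), and it deliberately does not depend on diagnose's exit status, which the page does not document. Any captured text, including a "command not found" error, is treated as a finding, so a misconfigured checker fails the build rather than passing it silently.

```shell
#!/bin/sh
# Added example: gate a build on the output of the CERT ROSE `diagnose` checker.
# DIAGNOSE is assumed (not a Rosecheckers setting); defaults to `diagnose` on PATH.
: "${DIAGNOSE:=diagnose}"

# check_c_file FILE
#   Runs the checker on one C file. Prints whatever the checker reported and
#   returns 1 if it reported anything; returns 0 only when output was empty.
#   stderr is captured too, so a missing or broken checker also counts as a
#   failure instead of quietly passing.
check_c_file() {
    _out=$("$DIAGNOSE" "$1" 2>&1)
    if [ -z "$_out" ]; then
        return 0
    fi
    printf '%s\n' "$_out"
    return 1
}

# check_c_files FILE...
#   Checks every file, prints a one-line verdict per file, and returns 0 only
#   when no file produced a finding. Keeps going after a failure so one run
#   reports every offending file.
check_c_files() {
    _bad=0
    for _f in "$@"; do
        if check_c_file "$_f"; then
            printf 'OK   %s\n' "$_f"
        else
            _bad=$((_bad + 1))
            printf 'FAIL %s\n' "$_f"
        fi
    done
    printf '%d file(s) with findings\n' "$_bad"
    [ "$_bad" -eq 0 ]
}

# Usage: sh check_c.sh src/*.c   (exit status 0 means every file was clean)
if [ "$#" -gt 0 ]; then
    check_c_files "$@"
fi
```

Invoked from a CI step as `DIAGNOSE="$ROSE/../diagnose" sh check_c.sh src/*.c`, the non-zero exit status marks the step as failed while the printed report shows which files produced findings.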
Secure Coding Rules Enforced by Rosecheckers
The SEI CERT C Secure Coding Standard is freely available.
Here is a breakdown of how thoroughly Rosecheckers enforces the C Secure Coding Rules and Recommendations:
Rating | Rules | Meaning
---|---|---
Complete | 57 | Rosecheckers catches all violations of these rules
Partial | 45 | Rosecheckers catches some, but not all, violations of these rules
False-positive | 9 | These rules could be checked by Rosecheckers, but it would also report some false positives
Potential | 29 | These rules are not checked by Rosecheckers, but could be
Undoable | 32 | These rules could not be checked by Rosecheckers due to various limitations in ROSE
Unenforceable | 48 | These rules could not be checked by any tool that relies purely on unaided static analysis
TOTAL | 220 |