...

Eliminating violations of syntax rules and other constraints can eliminate serious software vulnerabilities that can lead to the execution of arbitrary code with the permissions of the vulnerable process.
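As an added illustration (not code from the CERT page), the C sketch below shows a bounds check that compiles silently at default settings but is reported as always false (CWE-570) when built with GCC's `-Wall -Wextra`, and stops the build once `-Werror` is added. The function names and the sample input are hypothetical.

```c
/* Added example: a tautological comparison (CWE-570) hiding a broken bounds check.
 * Build with:  gcc -Wall -Wextra -Werror example.c
 * GCC's -Wextra enables -Wtype-limits, which reports the comparison in
 * window_fits_flawed() as always false; -Werror then stops the build. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Flawed: len and off are unsigned, so (len - off) wraps instead of going
 * negative and the "< 0" test can never be true. Every offset is accepted. */
int window_fits_flawed(size_t len, size_t off)
{
    if (len - off < 0) {   /* always false: diagnosed at high warning levels */
        return 0;
    }
    return 1;
}

/* Corrected: compare the operands directly, with no subtraction that can wrap. */
int window_fits(size_t len, size_t off)
{
    return off <= len;
}

/* Copies the tail of src starting at off into dst; returns the bytes copied,
 * or -1 when the request is out of range or dst is too small. */
long copy_tail(char *dst, size_t dst_size, const char *src, size_t len, size_t off)
{
    if (!window_fits(len, off) || len - off > dst_size) {
        return -1;
    }
    memcpy(dst, src + off, len - off);
    return (long)(len - off);
}

int main(void)
{
    char out[8];
    const char msg[] = "warnings";   /* constructed sample input, 9 bytes with NUL */
    printf("flawed check, off=100: %d\n", window_fits_flawed(sizeof msg, 100));
    printf("fixed check,  off=100: %d\n", window_fits(sizeof msg, 100));
    printf("copy_tail off=4:   %ld\n", copy_tail(out, sizeof out, msg, sizeof msg, 4));
    printf("copy_tail off=100: %ld\n", copy_tail(out, sizeof out, msg, sizeof msg, 100));
    return 0;
}
```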

| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| MSC00-C | Medium | Probable | Medium | P8 | L2 |

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | | BUILD.WALL | Not All Warnings Are Enabled |
| | | BUILD.WERROR | Warnings Not Treated As Errors |
| PVS-Studio | | V665 | |
| SonarQube C/C++ Plugin | | S1762 | Warns when the default warning specifier is used with #pragma warning. |
| | | S973 | Requires documentation of #pragma uses |

Related Guidelines

SEI CERT C++ Secure Coding Standard: VOID MSC00-CPP. Compile cleanly at high warning levels
MITRE CWE: CWE-563, Unused variable
MITRE CWE: CWE-570, Expression is always false
MITRE CWE: CWE-571, Expression is always true

Bibliography

[ISO/IEC 9899:2011] Section 5.1.1.3, "Diagnostics"
[Seacord 2013] Chapter 9, "Recommended Practices"
[Sutter 2005] Item 1

 


...
