SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 84

changes.mady.by.user Unknown User (lflynn)

Saved on

compared with

New Version Current

changes.mady.by.user Swasti Shrivastava

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Terminating a call to an exit handler in any way other than by returning is undefined behavior and may result in abnormal program termination or other unpredictable behavior. It may also prevent other registered handlers from being invoked.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

ENV32-C

Medium

Likely

Medium

P12

L1

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

user_defined

bad-function

bad-function-use

Soundly supported
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-ENV32
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

BADFUNC.ABORT
BADFUNC.EXIT
BADFUNC.LONGJMP

Use of abort
Use of exit
Use of longjmp

Compass/ROSE

 

 



Can detect violations of this rule. In particular, it ensures that all functions registered with atexit() do not call functions such as exit()

Cppcheck Premium
24.9.0
premium-cert-env32-c

Partially Implemented

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

DF4856, DF4857, DF4858


Klocwork

Include Page
Klocwork_V
Klocwork_V

CERT.EXIT.HANDLER_TERMINATE


LDRA tool suite
Include Page
LDRA_V
LDRA_V
122 S
7 S		Enhanced enforcement
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-ENV32-a

Properly define exit handlers

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule ENV32-CChecks for abnormal termination of exit handler (rule fully covered)
RuleChecker

Include Page
RuleChecker_V
RuleChecker_V

bad-function

bad-function-use

Supported

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

CERT C Secure Coding StandardSIG30-C. Call only asynchronous-safe functions within signal handlersPrior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013Structured Programming [EWD]Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013Termination Strategy [REU]Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11CWE-705, Incorrect Control Flow Scoping2017-07-10: CERT: Rule subset of CWE

CERT-CWE Mapping Notes

Key here for mapping notes

...

  • Improper control flow besides a non-returning exit handler

 



...