The first two tables list CERT C Coding Standard rules and recommendations that are Applicable in Principle, meaning that the guideline can be applied to Android app development, but examples currently shown in the guideline are not yet relevant to Android. The third table lists rules and recommendations with Unknown applicability, meaning they are guidelines whose applicability to Android app development has not yet been determined.
Contents
Rules/Unknown Applicability to Android Development
Rules | Comments |
EXP35-C. Do not modify objects with temporary lifetime | Possibly C11 relevant material, relevance must be considered on Android. |
INT36-C. Converting a pointer to integer or integer to pointer | Don't know if a hardware platform for Android that this applies to. (only apply to certain arcane platform) |
STR34-C. Cast characters to unsigned char before converting to larger integer sizes | Can chars be unsigned on Android? Might be a compiler option, so yes. Not needed for new code, but might have previous code affected by it. |
STR38-C. Do not confuse narrow and wide character strings and functions | Not sure, needs more investigation. |
FIO29-C. Do not open a file that is already open | |
FIO32-C. Do not perform operations on devices that are only appropriate for files | |
FIO34-C. Distinguish between characters read from a file and EOF or WEOF | EOF/WEOF: Only apply to app's public files? Others protected by VM? |
FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful | |
FIO38-C. Do not copy a FILE object | FIO reference. What is Android filesystem? http://stackoverflow.com/questions/2421826/what-is-androids-file-system It depends on what filesystem, for example /system and /data are yaffs2 while /sdcard is vfat By default, it uses YAFFS - Yet Another Flash File System. Depends on what hardware/platform you use. Since Android uses the Linux-kernel at this level, it is more or less possible to use whatever filesystem the Linux-kernel supports. But since most phones use some kind of nand flash, it is safe to assume that they use YAFFS. But please note that if some vendor wants to sell a Android netbook (with a harddrive), they could use ext3 or something like that. |
FIO40-C. Reset strings on fgets() or fgetws() failure | |
FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects | |
FIO42-C. Close files when they are no longer needed | |
FIO44-C. Only use values for fsetpos() that are returned from fgetpos() | |
FIO45-C. Avoid TOCTOU race conditions while accessing files | |
FIO46-C. Do not access a closed file | |
CON30-C. Clean up thread-specific storage | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON31-C. Do not destroy a mutex while it is locked | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON32-C. Prevent data races when accessing bit-fields from multiple threads | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON33-C. Avoid race conditions when using library functions | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON34-C. Declare objects shared between threads with appropriate storage durations | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON35-C. Avoid deadlock by locking in a predefined order | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON36-C. Wrap functions that can spuriously wake up in a loop | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON37-C. Do not call signal() in a multithreaded program | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON38-C. Preserve thread safety and liveness when using condition variables | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON39-C. Do not join or detach a thread that was previously joined or detached | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON40-C. Do not refer to an atomic variable twice in an expression | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
CON41-C. Wrap functions that can fail spuriously in a loop | CON concurrency: Need to look into Android, does it support C11? Look at specifics of Android. Maybe POSIX threads, not C11 threads. |
POS30-C. Use the readlink() function properly | |
POS33-C. Do not use vfork() | |
POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument | |
POS35-C. Avoid race conditions while checking for the existence of a symbolic link | Can apps get root? Can they run a shell? These rules/guidelines are not meant to address rooted devices (different OS than standard Android) |
POS36-C. Observe correct revocation order while relinquishing privileges | Can apps get root? Can they run a shell? These rules/guidelines are not meant to address rooted devices (different OS than standard Android) |
POS37-C. Ensure that privilege relinquishment is successful | Can apps get root? Can they run a shell? These rules/guidelines are not meant to address rooted devices (different OS than standard Android) |
POS38-C. Beware of race conditions when using fork and file descriptors | |
POS39-C. Use the correct byte ordering when transferring data between systems | |
POS44-C. Do not use signals to terminate threads | Further investigation needed, specific to SigAction |
POS47-C. Do not use threads that can be canceled asynchronously | |
POS48-C. Do not unlock or destroy another POSIX thread's mutex | |
POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed | Look into Android specifics for this, regarding "guarantee no adjacent data is accessed". |
POS50-C. Declare objects shared between POSIX threads with appropriate storage durations | |
POS51-C. Avoid deadlock with POSIX threads by locking in predefined order | |
POS52-C. Do not perform operations that can block while holding a POSIX lock | |
POS53-C. Do not use more than one mutex for concurrent waiting operations on a condition variable | |
POS54-C. Detect and handle POSIX library errors |
Recommendations/Unknown Applicability to Android Development