Compile code using the highest warning level available for your compiler and eliminate warnings by modifying the code.
According to C99 Section 5.1.1.3:
A conforming implementation shall produce at least one diagnostic message (identified in an implementation-defined manner) if a preprocessing translation unit or translation unit contains a violation of any syntax rule or constraint, even if the behavior is also explicitly specified as undefined or implementation-defined. Diagnostic messages need not be produced in other circumstances.
Assuming a conforming implementation, eliminating diagnostic messages therefore eliminates every violation of a syntax rule or constraint in the translation unit.
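As an added illustration (not code from the CERT page), the block below shows a short function in the shape a high warning level rejects, kept in a comment together with the kind of diagnostic a compiler emits for it, followed by the rewritten version that compiles without diagnostics. The compiler flags named in the comments and the diagnostic wording are assumptions based on GCC; the page itself does not prescribe a particular compiler or flag set.

```c
/* Added example, not from the CERT page.
 *
 * Before (constructed): the original draft of count_char() produced three
 * diagnostics under a high warning level such as
 *   gcc -std=c99 -Wall -Wextra -Werror   (flags are an assumption)
 *
 *   int count_char(const char *s, char c) {
 *       int n = 0;
 *       for (int i = 0; i < strlen(s); i++)  // (1) strlen used with no prototype:
 *           if (s[i] == c)                   //     implicit function declaration,
 *               n++;                         //     a constraint violation in C99
 *       if (n > 0)                           // (2) int compared with size_t
 *           return n;                        //     (-Wsign-compare)
 *   }                                        // (3) no return when n == 0
 *                                            //     (-Wreturn-type)
 *
 * Each diagnostic below is removed by changing the code, not by silencing
 * the warning.
 */
#include <stddef.h>
#include <stdio.h>
#include <string.h>   /* (1) declare strlen() so the call is checked against its prototype */

/* Count occurrences of c in the NUL-terminated string s. */
size_t count_char(const char *s, char c) {
    size_t n = 0;
    size_t len = strlen(s);                /* (2) keep the loop bound and index in size_t */
    for (size_t i = 0; i < len; i++) {
        if (s[i] == c) {
            n++;
        }
    }
    return n;                              /* (3) every path now returns a value */
}

/* A second common case: a classifier whose 3xx branch originally fell off
 * the end of the function (-Wreturn-type), returning an indeterminate value
 * to the caller. The constructed status ranges are just illustrative. */
int classify_status(int code) {
    if (code >= 200 && code < 300) {
        return 1;                          /* success */
    }
    if (code >= 400) {
        return -1;                         /* error */
    }
    return 0;                              /* previously missing: other codes */
}

int main(void) {
    printf("count_char(\"banana\", 'a') = %zu\n", count_char("banana", 'a'));
    printf("classify_status(301) = %d\n", classify_status(301));
    return 0;
}
```

The point of keeping the "before" version as a comment rather than as code is that it is exactly the text a clean build refuses; the corrected functions are what remains once each diagnostic has been addressed at its source.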
Priority: P12 Level: L1
Eliminating violations of syntax rules and other constraints can eliminate serious software vulnerabilities that can lead to the execution of arbitrary code with the permissions of the vulnerable process.
| Component | Value |
|---|---|
| Severity | 3 (high) |
| Likelihood | 2 (probable) |
| Remediation cost | 2 (medium) |
References
- Sutter 05 Item 1
- ISO/IEC 9899-1999 Section 5.1.1.3 Diagnostics
- Seacord 05 Chapter 8 Recommended Practices