
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7f25acb1-3060-433e-9091-0ff2191fe207"><ac:parameter ac:name=""> asynchronous-safe</ac:parameter></ac:structured-macro>
asynchronous-safe [[GNU Pth]]
A function is asynchronous-safe, or asynchronous-signal safe, if it can be called safely and without side effects from within a signal handler context. That is, it must be able to be interrupted at any point and run linearly out of sequence without causing an inconsistent state. Some asynchronous-safe operations are listed below:

  • call the signal() function to reinstall a signal handler
  • unconditionally modify a volatile sig_atomic_t variable (as modification to this type is atomic)
  • call the _Exit() function to immediately terminate program execution
  • invoke an asynchronous-safe function, as specified by your implementation

Few functions are asynchronous-safe. If a function performs any other operations, it is probably not asynchronous-safe.
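The following sketch is an added example, not part of the original glossary. It shows a handler restricted to the operations listed above, with all other work deferred to normal program context. The names stop_requested, on_sigint, and process_items are hypothetical, and the signal is raised synchronously with raise() only so that the example is deterministic.

```c
#include <signal.h>
#include <stdio.h>

/* The only object the handler touches. A plain store to a
 * volatile sig_atomic_t cannot be observed half-written. */
static volatile sig_atomic_t stop_requested = 0;

/* Handler restricted to asynchronous-safe operations. */
static void on_sigint(int signum)
{
    stop_requested = 1;         /* unconditional store, no read-modify-write */
    signal(signum, on_sigint);  /* reinstall, for implementations that reset to SIG_DFL */
}

/* Hypothetical worker: processes up to `total` items and simulates a
 * signal arriving after `interrupt_at` items (0 means never).
 * Returns the number of items completed, or -1 if the handler
 * could not be installed. */
int process_items(int total, int interrupt_at)
{
    int done = 0;

    stop_requested = 0;
    if (signal(SIGINT, on_sigint) == SIG_ERR)
        return -1;

    while (done < total && !stop_requested) {
        done++;                 /* stand-in for real work on one item */
        if (done == interrupt_at)
            raise(SIGINT);      /* constructed trigger for the demonstration */
    }

    /* Formatted I/O is not asynchronous-safe, so it runs here,
     * in normal context, after the flag has been observed. */
    if (stop_requested)
        fprintf(stderr, "interrupted after %d of %d items\n", done, total);

    signal(SIGINT, SIG_DFL);    /* restore the default disposition */
    return done;
}

int main(void)
{
    return process_items(10, 3) == 3 ? 0 : 1;
}
```

The handler never calls fprintf(), malloc(), or any other library routine that keeps internal state; it records the event and returns, and the interrupted code decides what to do once it reaches a consistent point.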

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="83705a7c-5a3a-45f5-a893-07b1860a5379"><ac:parameter ac:name=""> exploit</ac:parameter></ac:structured-macro>
exploit [[Seacord 05]]
An exploit is a piece of software or technique that takes advantage of a security vulnerability to violate an explicit or implicit security policy.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9db5060c-e816-441a-9591-dd3891910e3f"><ac:parameter ac:name=""> freestanding environment</ac:parameter></ac:structured-macro>
freestanding environment [[ISO/IEC 9899-1999]]
An environment in which C program execution may take place without any benefit of an operating system.  Program startup might occur at some function other than main(), complex types might not be implemented, and only certain minimal library facilities are guaranteed to be available.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="25f513b6-c396-4456-bd5d-a285dfe1e9d1"><ac:parameter ac:name=""> hosted environment</ac:parameter></ac:structured-macro>
hosted environment [[ISO/IEC 9899-1999]]
An environment that is not freestanding.  Program startup occurs at main(), complex types are implemented, and all C standard library facilities are available.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3c91d98d-b3f2-44e5-b71b-5502f01e716e"><ac:parameter ac:name=""> implementation</ac:parameter></ac:structured-macro>
implementation [[ISO/IEC 9899-1999]]
Particular set of software, running in a particular translation environment under particular control options, that performs translation of programs for, and supports execution of functions in, a particular execution environment.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e05f2d1e-b471-4ecb-8232-aa88516432c3"><ac:parameter ac:name=""> implementation-defined behavior</ac:parameter></ac:structured-macro>
implementation-defined behavior [[ISO/IEC 9899-1999]]
Unspecified behavior where each implementation documents how the choice is made.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7157507-50a9-4be5-ae62-127298294690"><ac:parameter ac:name=""> locale-specific behavior</ac:parameter></ac:structured-macro>
locale-specific behavior [[ISO/IEC 9899-1999]]
Behavior that depends on local conventions of nationality, culture, and language that each implementation documents.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="29108bfc-0a5a-4319-b718-43bb2336b966"><ac:parameter ac:name=""> lvalue</ac:parameter></ac:structured-macro>
lvalue [[ISO/IEC 9899-1999]]
An lvalue is an expression with an object type or an incomplete type other than void. The name "lvalue" comes originally from the assignment expression E1 = E2, in which the left operand E1 is required to be a (modifiable) lvalue. It is perhaps better considered as representing an object "locator value".

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="220f2ae6-b47f-4fbb-8bed-e4ba9cee62ed"><ac:parameter ac:name=""> mitigation</ac:parameter></ac:structured-macro>
mitigation [[Seacord 05]]
Mitigations are methods, techniques, processes, tools, or runtime libraries that can prevent or limit exploits against vulnerabilities.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8699afda-c462-4033-9266-eff3a3110fef"><ac:parameter ac:name=""> reentrant</ac:parameter></ac:structured-macro>
reentrant [[Dowd 06]]
A function is reentrant if multiple instances of the same function can run in the same address space concurrently without creating the potential for inconsistent states.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="88cda73f-d809-40db-a4c5-7106c614bdd6"><ac:parameter ac:name=""> rvalue</ac:parameter></ac:structured-macro>
rvalue [[ISO/IEC 9899-1999]]
Value of an expression.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="47b4ca63-a79c-44b9-86cf-c66f1b67ec54"><ac:parameter ac:name=""> security flaw</ac:parameter></ac:structured-macro>
security flaw [[Seacord 05]]
A security flaw is a software defect that poses a potential security risk.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8c1c2230-daf6-4afa-a2ca-3561cd51d95b"><ac:parameter ac:name=""> security policy</ac:parameter></ac:structured-macro>
security policy [[Internet Society 00]]
A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="256fa303-fd7c-4464-8f45-c4b1d3bec906"><ac:parameter ac:name=""> undefined behavior</ac:parameter></ac:structured-macro>
undefined behavior [[ISO/IEC 9899-1999]]
Behavior, upon use of a nonportable or erroneous program construct or of erroneous data, for which the standard imposes no requirements. An example of undefined behavior is the behavior on integer overflow.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d46b03f9-e55e-4fc8-8fbd-273e089c6d2a"><ac:parameter ac:name=""> unspecified behavior</ac:parameter></ac:structured-macro>
unspecified behavior [[ISO/IEC 9899-1999]]
Behavior where the standard provides two or more possibilities and imposes no further requirements on which is chosen in any instance.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ab1c2316-8d3b-43f8-b009-08bc9e5e229d"><ac:parameter ac:name=""> validation</ac:parameter></ac:structured-macro>
validation [[IEC 61508-4]]
Confirmation by examination and provision of objective evidence that the particular requirements for a specific intended use are fulfilled.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="935cf56f-5a85-4b2a-9401-c16651fbde10"><ac:parameter ac:name=""> verification</ac:parameter></ac:structured-macro>
verification [[IEC 61508-4]]
Confirmation by examination and provision of objective evidence that the requirements have been fulfilled.

<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0b1dbec2-66c7-43eb-bb60-7cbf21214142"><ac:parameter ac:name=""> vulnerability</ac:parameter></ac:structured-macro>
vulnerability [[Seacord 05]]
A vulnerability is a set of conditions that allows an attacker to violate an explicit or implicit security policy.
