You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 19 Next »

C checkers

CERT C Secure Coding Standard

BAD_COMPARE

MSC02-A. Avoid errors of omission

BAD_FREE

MEM34-C. Only free memory allocated dynamically

CHAR_IO

FIO34-C. Use int to capture the return value of character IO functions

CHECKED_RETURN

FIO33-C. Detect and handle input output errors resulting in undefined behavior

DEADCODE

MSC07-A. Detect and remove dead code

FORWARD_NULL

EXP34-C. Ensure a pointer is valid before dereferencing it

MISSING_RETURN

MSC02-A. Avoid errors of omission

NEGATIVE_RETURNS

INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data

NO_EFFECT

MSC12-A. Detect and remove code that has no effect

NULL_RETURNS

EXP34-C. Ensure a pointer is valid before dereferencing it

OVERRUN_STATIC

STR34-C. Do not copy data from an unbounded source to a fixed-length array

OVERRUN_DYNAMIC

STR34-C. Do not copy data from an unbounded source to a fixed-length array

RESOURCE_LEAK

MEM31-C. Free dynamically allocated memory exactly once

RETURN_LOCAL

DCL30-C. Declare objects with appropriate storage durations

REVERSE_INULL

EXP34-C. Ensure a pointer is valid before dereferencing it

REVERSE_NEGATIVE

INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data

SIZECHECK

MEM35-C. Allocate sufficient memory for an object

STACK_USE

MEM05-A. Avoid large stack allocations

UNINIT

EXP33-C. Do not reference uninitialized variables

UNUSED_VALUE

MSC13-A. Detect and remove unused values

USE_AFTER_FREE

MEM30-C. Do not access freed memory, MEM31-C. Free dynamically allocated memory exactly once

VARARGS

No equivalent

C++ Checkers

CERT C++ Secure Coding Standard

BAD_OVERRIDE

No equivalent

CTOR_DTOR_LEAK

No equivalent

DELETE_ARRAY

No equivalent

INVALIDATE_ITERATOR

https://www.securecoding.cert.org/confluence/display/cplusplus/STL30-C.+Use+Valid+Iterators

PASS_BY_VALUE

No equivalent

UNCAUGHT_EXCEPT

https://www.securecoding.cert.org/confluence/display/cplusplus/ERR30-C.+Check+for+all+error+conditions

UNINIT_CTOR

No equivalent

WRAPPER_ESCAPE

No equivalent

Concurrency Checkers

CERT C Secure Coding Standard

LOCK

Out of scope

ORDER_REVERSAL

Out of scope

SLEEP

Out of scope

Security checkers

CERT C Secure Coding Standard

BUFFER_SIZE

STR31-C. Guarantee that storage for strings has sufficient space for character data and the NULL terminator, ARR33-C. Guarantee that copies are made into storage of sufficient size

CHROOT

Out of scope

OPEN_ARGS

FIO03-A. Do not make assumptions about fopen() and file creation

READLINK

POS30-C. Use the readlink() function properly

SECURE_CODING

STR34-C. Do not copy data from an unbounded source to a fixed-length array, others?

SECURE_TEMP

TMP30-C. Temporary files must created with unique and unpredictable file names, TMP31-C. Temporary files must have an unpredictable name, TMP32-C. Temporary files must be opened with exclusive access, TMP33-C. Temporary files must be removed before the program exits, TMPxx-C. Temporary file names must be unique when the file is created

STRING_OVERFLOW

STR31-C. Guarantee that storage for strings has sufficient space for character data and the NULL terminator

STRING_NULL

STR32-C. Null-terminate byte strings as required

STRING_SIZE

STR31-C. Guarantee that storage for strings has sufficient space for character data and the NULL terminator

TAINTED_SCALAR

ARR30-C. Guarantee that array indices are within the valid range, INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data, INT32-C. Ensure that integer operations do not result in an overflow

TAINTED_STRING

STR02-A. Sanitize data passed to complex subsystems, FIO30-C. Exclude user input from format strings, FIO02-A. Canonicalize file names originating from untrusted sources

TOCTOU

FIO03-A. Do not make assumptions about fopen() and file creation, FIO01-A. Prefer functions that do not rely on file names for identification, FIO08-A. Take care when calling remove() on an open file, others?

USER_POINTER

No equivalent

  • No labels