Use type definitions (typedef) to improve code readability.
Non-Compliant Code Example
The following declaration of the signal() function is difficult to read and comprehend.
void (*signal(int, void (*)(int)))(int);
Compliant Solution
This compliant solution makes use of type definitions to specify the same type as in the non-compliant code example.
typedef void (*SighandlerType)(int signum); extern SighandlerType signal( int signum, SighandlerType handler );
Risk Assessment
Code readability is important for discovering and eliminating vulnerabilities.
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
DCL05-A |
low |
unlikely |
medium |
P2 |
L3 |
Automated Detection
The LDRA tool suite V 7.6.0 is able to detect violations of this recommendation.
Compass/ROSE could detect violations of this recommendation...typedefs are well represented in ROSE's AST. To detect violations, we first have to rigorously define what constitutes a 'too complicated type'. Most could concede that a pointer to a simple type is not too complicated, but a function type is. I think a reasonable definition of 'too complicated' would be any type that has two pointers, two arrays, one array + one pointer, or one function.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
[[ISO/IEC 9899:1999]] Section 6.7.7, "Type definitions"
[[ISO/IEC PDTR 24772]] "BRS Leveraging human experience"
DCL04-A. Do not declare more than one variable per declaration 02. Declarations and Initialization (DCL) DCL06-A. Use meaningful symbolic constants to represent literal values in program logic