...
CERT Rule | Related Guidelines |
|---|---|
| DCL30-C | Escaping of the address of an automatic object [addrescape] |
| DCL37-C | Using identifiers that are reserved for the implementation [resident] |
| DCL40-C | Declaring the same function or object in incompatible ways [funcdecl] |
| EXP33-C | Referencing uninitialized memory [uninitref] |
| EXP34-C | Dereferencing an out-of-domain pointer [nullref] |
| EXP36-C | Converting pointer values to more strictly aligned pointer types [alignconv] |
| EXP37-C | Calling functions with incorrect arguments [argcomp] |
| EXP39-C | Accessing an object through a pointer to an incompatible type [ptrcomp] |
| EXP42-C | Comparison of padding data [padcomp] |
| EXP43-C | Passing pointers into the same object as arguments to different restrict-qualified parameters [restrict] |
| EXP45-C | No assignment in conditional expressions [boolasgn] |
| INT32-C | Overflowing signed integers [intoflow] |
| INT33-C | Integer division errors [diverr] |
| INT36-C | Converting a pointer to integer or integer to pointer [intptrconv] |
| ARR30-C | Forming or using out-of-bounds pointers or array subscripts [invptr] |
| ARR32-C | Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink [taintsink] |
| ARR36-C | Subtracting or comparing two pointers that do not refer to the same array [ptrobj] |
| ARR38-C | Forming invalid pointers by library functions [libptr] |
| STR30-C | Modifying string literals [strmod] |
| STR31-C | Using a tainted value to write to an object using a formatted input or output function [taintformatio] |
| STR31-C | Tainted strings are passed to a string copying function [taintstrcpy] |
| STR32-C | Passing a non-null-terminated character sequence to a library function that expects a string [strmod] |
| STR34-C | Conversion of signed characters to wider integer types before a check for EOF [signconv] |
| STR37-C | Passing arguments to character-handling functions that are not representable as unsigned char [chrsgnext] |
| MEM30-C | Accessing freed memory [accfree] |
| MEM30-C | Freeing memory multiple times [dblfree] |
| MEM31-C | Failing to close files or free dynamic memory when they are no longer needed [fileclose] |
| MEM34-C | Reallocating or freeing memory that was not dynamically allocated [xfree] |
| MEM35-C | Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr] |
| FIO30-C | Including tainted or out-of-domain input in a format string [usrfmt] |
| FIO34-C | Using character values that are indistinguishable from EOF [chreof] |
| FIO38-C | Copying a FILE object [filecpy] |
| FIO39-C | Interleaving stream inputs and outputs without a flush or positioning call [ioileave] |
| FIO42-C | Failing to close files or free dynamic memory when they are no longer needed [fileclose] |
| FIO44-C | Using a value for fsetpos other than a value returned from fgetpos [xfilepos] |
| FIO47-C | Using invalid format strings [invfmtstr] |
| ENV30-C | Modifying the string returned by getenv, localeconv, setlocale, and strerror [libmod] |
| ENV33-C | Calling system [syscall] |
| ENV34-C | Using an object overwritten by getenv, localeconv, setlocale, and strerror [libuse] |
| SIG30-C | Calling functions in the C Standard Library other than abort, _Exit, and signal from within a signal handler [asyncsig] |
| SIG31-C | Accessing shared objects in signal handlers [accsig] |
| SIG34-C | Calling signal from interruptible signal handlers [sigcall] |
| ERR30-C | Incorrectly setting and using errno [inverrno] |
| ERR33-C | Failing to detect and handle standard library errors [liberr] |
| POS54-C | Failing to detect and handle standard library errors [liberr] |
| ARR01-C | Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr] |
| DCL07-C | Using a tainted value as an argument to an unprototyped function pointer [taintnoproto] |
| EXP08-C | Forming or using out-of-bounds pointers or array subscripts [invptr] |
| EXP16-C | Comparing function addresses to zero [funcaddr] |
| MSC01-C | Use of an implied default in a switch statement [swtchdflt] |