| Checker | Guideline |
| ABV.ANY_SIZE_ARRAY | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.ANY_SIZE_ARRAY | ARR00-C. Understand how arrays work |
| ABV.ANY_SIZE_ARRAY | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.GENERAL | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.GENERAL | ARR38-C. Guarantee that library functions do not form invalid pointers |
| ABV.GENERAL | POS30-C. Use the readlink() function properly |
| ABV.GENERAL | ARR00-C. Understand how arrays work |
| ABV.GENERAL | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.GENERAL | EXP08-C. Ensure pointer arithmetic is used correctly |
| ABV.GENERAL.MULTIDIMENSION | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.GENERAL.MULTIDIMENSION | ARR38-C. Guarantee that library functions do not form invalid pointers |
| ABV.GENERAL.MULTIDIMENSION | POS30-C. Use the readlink() function properly |
| ABV.GENERAL.MULTIDIMENSION | ARR00-C. Understand how arrays work |
| ABV.GENERAL.MULTIDIMENSION | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.GENERAL.MULTIDIMENSION | EXP08-C. Ensure pointer arithmetic is used correctly |
| ABV.ITERATOR | ARR00-C. Understand how arrays work |
| ABV.ITERATOR | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.ITERATOR | EXP08-C. Ensure pointer arithmetic is used correctly |
| ABV.MEMBER | ARR00-C. Understand how arrays work |
| ABV.MEMBER | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.NON_ARRAY | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.STACK | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.STACK | ARR00-C. Understand how arrays work |
| ABV.STACK | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.TAINTED | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.TAINTED | ARR00-C. Understand how arrays work |
| ABV.TAINTED | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.UNICODE.BOUND_MAP | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.UNICODE.BOUND_MAP | ARR00-C. Understand how arrays work |
| ABV.UNICODE.BOUND_MAP | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.UNICODE.FAILED_MAP | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.UNICODE.FAILED_MAP | ARR00-C. Understand how arrays work |
| ABV.UNICODE.FAILED_MAP | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.UNICODE.NNTS_MAP | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.UNICODE.NNTS_MAP | ARR00-C. Understand how arrays work |
| ABV.UNICODE.NNTS_MAP | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.UNICODE.SELF_MAP | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.UNICODE.SELF_MAP | ARR00-C. Understand how arrays work |
| ABV.UNICODE.SELF_MAP | ENV01-C. Do not make assumptions about the size of an environment variable |
| ABV.UNKNOWN_SIZE | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| ABV.UNKNOWN_SIZE | ARR00-C. Understand how arrays work |
| ABV.UNKNOWN_SIZE | ENV01-C. Do not make assumptions about the size of an environment variable |
| ASSIGCOND.CALL | EXP45-C. Do not perform assignments in selection statements |
| ASSIGCOND.GEN | EXP45-C. Do not perform assignments in selection statements |
| AUTOSAR.STDLIB.CCTYPE.UCHAR | STR37-C. Arguments to character-handling functions must be representable as an unsigned char |
| AUTOSAR.STDLIB.MEMORY | MEM36-C. Do not modify the alignment of objects by calling realloc() |
| BYTEORDER.HTON.SEND | POS39-C. Use the correct byte ordering when transferring data between systems |
| BYTEORDER.HTON.WRITE | POS39-C. Use the correct byte ordering when transferring data between systems |
| BYTEORDER.NTOH.READ | POS39-C. Use the correct byte ordering when transferring data between systems |
| BYTEORDER.NTOH.RECV | POS39-C. Use the correct byte ordering when transferring data between systems |
| CERT.ALIGNOF | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.ANONYMOUS.STRUCT | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.ANONYMOUS.UNION | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.ARR.PTR.ARITH | ARR37-C. Do not add or subtract an integer to a pointer to a non-array object |
| CERT.ARR.PTR.ARITH | ARR39-C. Do not add or subtract a scaled integer to a pointer |
| CERT.ARRAY.LENGTH.ZERO | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.BITFIELD.NOT.INT | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.BITFIELD.SIGN.MODIFIER | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.CHROOT | POS05-C. Limit access to files by creating a jail |
| CERT.CHROOT.CHDIR | POS05-C. Limit access to files by creating a jail |
| CERT.CONC.ATOMIC_COMP_FAIL_IN_LOOP | CON41-C. Wrap functions that can fail spuriously in a loop |
| CERT.CONC.ATOMIC_TWICE_EXPR | CON40-C. Do not refer to an atomic variable twice in an expression |
| CERT.CONC.LIB_FUNC_USE | CON33-C. Avoid race conditions when using library functions |
| CERT.CONC.UNSAFE_COND_VAR_C | CON38-C. Preserve thread safety and liveness when using condition variables |
| CERT.CONC.WAKE_IN_LOOP_C | CON36-C. Wrap functions that can spuriously wake up in a loop |
| CERT.DCL.SWITCH.VAR_BEFORE_CASE | DCL41-C. Do not declare variables inside a switch statement before the first case label |
| CERT.EMPTY.AGR.INIT | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.ENUM.LITERAL.TYPE.INT | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.ENUM.TYPE.SPECIFIER | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.ERR.CONV.STR_TO_NUM | ERR34-C. Detect errors when converting a string to a number |
| CERT.EXIT.HANDLER_TERMINATE | ENV32-C. All exit handlers must return normally |
| CERT.EXPR.PARENS | EXP00-C. Use parentheses for precedence of operation |
| CERT.EXPR.VOLATILE.ADDR | EXP32-C. Do not access a volatile object through a nonvolatile reference |
| CERT.EXPR.VOLATILE.ADDR.PARAM | EXP32-C. Do not access a volatile object through a nonvolatile reference |
| CERT.EXPR.VOLATILE.PTRPTR | EXP32-C. Do not access a volatile object through a nonvolatile reference |
| CERT.FIO.NO_FLUSH | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call |
| CERT.FIXED.MEMORY.ADDRESS | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.FSETPOS.VALUE | FIO44-C. Only use values for fsetpos() that are returned from fgetpos() |
| CERT.LITERAL.ARRAY | DCL06-C. Use meaningful symbolic constants to represent literal values |
| CERT.LITERAL.BINARY | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.LITERAL.BITFIELD | DCL06-C. Use meaningful symbolic constants to represent literal values |
| CERT.LITERAL.CHAR.CONST | DCL06-C. Use meaningful symbolic constants to represent literal values |
| CERT.LITERAL.FLT.CONST | DCL06-C. Use meaningful symbolic constants to represent literal values |
| CERT.LITERAL.INT.CONST | DCL06-C. Use meaningful symbolic constants to represent literal values |
| CERT.LITERAL.MULTIBYTE.CHAR | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.LITERAL.OCTAL | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.LITERAL.STR.CONST | DCL06-C. Use meaningful symbolic constants to represent literal values |
| CERT.LITERAL.SUFFIX.I64 | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.MEMCMP.FLOAT_MEMBER | FLP37-C. Do not use object representations to compare floating-point values |
| CERT.MSC.ASCTIME | MSC33-C. Do not pass invalid data to the asctime() function |
| CERT.MSC.SEED_RANDOM | MSC32-C. Properly seed pseudorandom number generators |
| CERT.MSC.STD_RAND_CALL | MSC30-C. Do not use the rand() function for generating pseudorandom numbers |
| CERT.MULTI.FUNC.ARG.CALLS | EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place |
| CERT.NAME.DOLLAR.CHAR | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.POS.THREAD.ASYNC_CANCEL | POS47-C. Do not use threads that can be canceled asynchronously |
| CERT.PUTENV.AUTO_VARIABLE | POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument |
| CERT.RTN.FLT.CAST.DBL | FLP07-C. Cast the return value of a function that returns a floating-point type |
| CERT.RTN.FLT.IMPLICIT.CAST.DBL | FLP07-C. Cast the return value of a function that returns a floating-point type |
| CERT.SIG.SIG_HANDLER.ASYNC_SAFE | SIG30-C. Call only asynchronous-safe functions within signal handlers |
| CERT.STATIC.SINGLE.USE | DCL19-C. Minimize the scope of variables and functions |
| CERT.STDLIB.SIGNAL | SIG35-C. Do not return from a computational exception signal handler |
| CERT.STMT.EXPR | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.STR.ARG.CONST_TO_NONCONST | STR30-C. Do not attempt to modify string literals |
| CERT.STR.ASSIGN.CONST_TO_NONCONST | STR30-C. Do not attempt to modify string literals |
| CERT.STR.ASSIGN.CONST_TO_NONCONST | POS35-C. Avoid race conditions while checking for the existence of a symbolic link |
| CERT.STR.RANGE.FORMATTER | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.STRUCT.FLEXIBLE_ARRAY_MEMBER | DCL38-C. Use the correct syntax when declaring a flexible array member |
| CERT.TU.UNUSED.GLOBAL.DECL | DCL19-C. Minimize the scope of variables and functions |
| CERT.TYPEOF | MSC14-C. Do not introduce unnecessary platform dependencies |
| CERT.UNNAMED.MEMBER | MSC14-C. Do not introduce unnecessary platform dependencies |
| CL.FFM.ASSIGN | MEM31-C. Free dynamically allocated memory when no longer needed |
| CL.FFM.COPY | MEM31-C. Free dynamically allocated memory when no longer needed |
| CL.SHALLOW.ASSIGN | MEM31-C. Free dynamically allocated memory when no longer needed |
| CL.SHALLOW.COPY | MEM31-C. Free dynamically allocated memory when no longer needed |
| CONC.DL | CON35-C. Avoid deadlock by locking in a predefined order |
| CONC.DL | POS51-C. Avoid deadlock with POSIX threads by locking in predefined order |
| CONC.NO_UNLOCK | CON35-C. Avoid deadlock by locking in a predefined order |
| CONC.NO_UNLOCK | POS51-C. Avoid deadlock with POSIX threads by locking in predefined order |
| CONC.SLEEP | POS52-C. Do not perform operations that can block while holding a POSIX lock |
| CONC.SLEEP | CON05-C. Do not perform operations that can block while holding a lock |
| CWARN.CMPCHR.EOF | FIO34-C. Distinguish between characters read from a file and EOF or WEOF |
| CWARN.EMPTY.LABEL | MSC01-C. Strive for logical completeness |
| CWARN.FUNCADDR | EXP16-C. Do not compare function pointers to constant values |
| CWARN.IMPLICITINT | DCL31-C. Declare identifiers before using them |
| CWARN.MEMSET.SIZEOF.PTR | ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array |
| CWARN.NOEFFECT.OUTOFRANGE | INT30-C. Ensure that unsigned integer operations do not wrap |
| CWARN.NOEFFECT.OUTOFRANGE | INT32-C. Ensure that operations on signed integers do not result in overflow |
| CWARN.NOEFFECT.SELF_ASSIGN | MSC12-C. Detect and remove code that has no effect or is never executed |
| CWARN.NOEFFECT.UCMP.GE | MSC12-C. Detect and remove code that has no effect or is never executed |
| CWARN.NOEFFECT.UCMP.GE.MACRO | MSC12-C. Detect and remove code that has no effect or is never executed |
| CWARN.NOEFFECT.UCMP.LT | MSC12-C. Detect and remove code that has no effect or is never executed |
| CWARN.NOEFFECT.UCMP.LT.MACRO | MSC12-C. Detect and remove code that has no effect or is never executed |
| CWARN.NULLCHECK.FUNCNAME | EXP16-C. Do not compare function pointers to constant values |
| CWARN.NULLCHECK.FUNCNAME | MSC12-C. Detect and remove code that has no effect or is never executed |
| CXX.CAST.SIGNED_CHAR_TO_INTEGER | STR34-C. Cast characters to unsigned char before converting to larger integer sizes |
| CXX.DIFF.WIDTH.STR_AND_FUNC | STR38-C. Do not confuse narrow and wide character strings and functions |
| CXX.ERRNO.INCORRECTLY_CHECKED | ERR30-C. Take care when reading errno |
| CXX.ERRNO.NOT_CHECKED | ERR30-C. Take care when reading errno |
| CXX.ERRNO.NOT_SET | ERR30-C. Take care when reading errno |
| CXX.ID_VIS.GLOBAL_VARIABLE.EXTERN | DCL19-C. Minimize the scope of variables and functions |
| CXX.ID_VIS.GLOBAL_VARIABLE.STATIC | DCL19-C. Minimize the scope of variables and functions |
| CXX.SV.PWD.PLAIN | MSC41-C. Never hard code sensitive information |
| CXX.SV.PWD.PLAIN.LENGTH | MSC41-C. Never hard code sensitive information |
| CXX.SV.PWD.PLAIN.ZERO | MSC41-C. Never hard code sensitive information |
| DBZ.CONST | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| DBZ.CONST.CALL | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| DBZ.GENERAL | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| DBZ.ITERATOR | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| DBZ.ITERATOR.CALL | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| EFFECT | MSC12-C. Detect and remove code that has no effect or is never executed |
| FMM.MIGHT | MEM31-C. Free dynamically allocated memory when no longer needed |
| FMM.MIGHT | WIN30-C. Properly pair allocation and deallocation functions |
| FMM.MUST | MEM31-C. Free dynamically allocated memory when no longer needed |
| FMM.MUST | WIN30-C. Properly pair allocation and deallocation functions |
| FNH.MIGHT | MEM34-C. Only free memory allocated dynamically |
| FNH.MIGHT | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| FNH.MUST | MEM34-C. Only free memory allocated dynamically |
| FNH.MUST | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| FUM.GEN.MIGHT | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| FUM.GEN.MUST | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| FUNCRET.GEN | MSC37-C. Ensure that control never reaches the end of a non-void function |
| FUNCRET.IMPLICIT | MSC37-C. Ensure that control never reaches the end of a non-void function |
| HCC | MSC41-C. Never hard code sensitive information |
| HCC.PWD | MSC41-C. Never hard code sensitive information |
| HCC.USER | MSC41-C. Never hard code sensitive information |
| INCORRECT.ALLOC_SIZE | MEM35-C. Allocate sufficient memory for an object |
| INFINITE_LOOP.GLOBAL | MSC01-C. Strive for logical completeness |
| INFINITE_LOOP.LOCAL | MSC01-C. Strive for logical completeness |
| INFINITE_LOOP.MACRO | MSC01-C. Strive for logical completeness |
| INVARIANT_CONDITION.UNREACH | MSC07-C. Detect and remove dead code |
| INVARIANT_CONDITION.UNREACH | MSC12-C. Detect and remove code that has no effect or is never executed |
| LA_UNUSED | MSC01-C. Strive for logical completeness |
| LA_UNUSED | MSC07-C. Detect and remove dead code |
| LA_UNUSED | MSC12-C. Detect and remove code that has no effect or is never executed |
| LOCRET.ARG | DCL30-C. Declare objects with appropriate storage durations |
| LOCRET.GLOB | DCL30-C. Declare objects with appropriate storage durations |
| LOCRET.RET | DCL30-C. Declare objects with appropriate storage durations |
| LV_UNUSED.GEN | MSC13-C. Detect and remove unused values |
| MISRA.ARRAY.VAR_LENGTH.2012 | ARR32-C. Ensure size arguments for variable length arrays are in a valid range |
| MISRA.ASSIGN.COND | EXP45-C. Do not perform assignments in selection statements |
| MISRA.BITFIELD.TYPE | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| MISRA.BITS.NOT_UNSIGNED | INT13-C. Use bitwise operators only on unsigned operands |
| MISRA.BITS.NOT_UNSIGNED.PREP | INT13-C. Use bitwise operators only on unsigned operands |
| MISRA.CAST.FLOAT.INT | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| MISRA.CAST.FLOAT.WIDER | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| MISRA.CAST.FUNC_PTR.2012 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA.CAST.FUNC_PTR.2012 | DCL07-C. Include the appropriate type information in function declarators |
| MISRA.CAST.INCOMPLETE_PTR_TO_ANY.2012 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA.CAST.INT | INT02-C. Understand integer conversion rules |
| MISRA.CAST.INT_FLOAT | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| MISRA.CAST.OBJ_PTR_TO_INT.2012 | INT36-C. Converting a pointer to integer or integer to pointer |
| MISRA.CAST.OBJ_PTR_TO_NON_INT.2012 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012 | EXP39-C. Do not access a variable through a pointer of an incompatible type |
| MISRA.CAST.UNSIGNED_BITS | INT02-C. Understand integer conversion rules |
| MISRA.CONV.FLOAT | FLP34-C. Ensure that floating-point conversions are within range of the new type |
| MISRA.CONV.INT.SIGN | INT02-C. Understand integer conversion rules |
| MISRA.CVALUE.IMPL.CAST | INT02-C. Understand integer conversion rules |
| MISRA.DECL.NO_TYPE | DCL31-C. Declare identifiers before using them |
| MISRA.DEFINE.BADEXP | PRE02-C. Macro replacement lists should be parenthesized |
| MISRA.DEFINE.BADEXP | PRE10-C. Wrap multistatement macros in a do-while loop |
| MISRA.DEFINE.FUNC | PRE00-C. Prefer inline or static functions to function-like macros |
| MISRA.DEFINE.NOPARS | PRE01-C. Use parentheses within macros around parameter names |
| MISRA.DEFINE.SHARP | PRE30-C. Do not create a universal character name through concatenation |
| MISRA.DEFINE.SHARP.ORDER.2012 | PRE05-C. Understand macro replacement when concatenating tokens or performing stringification |
| MISRA.DEFINE.WRONGNAME.UNDERSCORE | DCL37-C. Do not declare or define a reserved identifier |
| MISRA.ENUM.IMPLICIT.VAL.NON_UNIQUE.2012 | INT09-C. Ensure enumeration constants map to unique values |
| MISRA.ETYPE.ASSIGN.2012 | STR37-C. Arguments to character-handling functions must be representable as an unsigned char |
| MISRA.EXPANSION.DIRECTIVE | PRE32-C. Do not use preprocessor directives in invocations of function-like macros |
| MISRA.FILE_PTR.DEREF.2012 | FIO38-C. Do not copy a FILE object |
| MISRA.FILE_PTR.DEREF.CAST.2012 | FIO38-C. Do not copy a FILE object |
| MISRA.FILE_PTR.DEREF.INDIRECT.2012 | FIO38-C. Do not copy a FILE object |
| MISRA.FILE_PTR.DEREF.RETURN.2012 | FIO38-C. Do not copy a FILE object |
| MISRA.FOR.COUNTER.FLT | FLP30-C. Do not use floating-point variables as loop counters |
| MISRA.FUNC.NO_PARAMS | DCL20-C. Explicitly specify void when a function accepts no arguments |
| MISRA.FUNC.NOPROT.CALL | DCL31-C. Declare identifiers before using them |
| MISRA.FUNC.NOPROT.DEF | DCL07-C. Include the appropriate type information in function declarators |
| MISRA.FUNC.NOPROT.DEF.2012 | DCL40-C. Do not create incompatible declarations of the same function or object |
| MISRA.FUNC.PARAMS.IDENT | DCL40-C. Do not create incompatible declarations of the same function or object |
| MISRA.FUNC.PROT_FORM.KR.2012 | DCL07-C. Include the appropriate type information in function declarators |
| MISRA.FUNC.RECUR | MEM05-C. Avoid large stack allocations |
| MISRA.FUNC.STATIC.REDECL | DCL36-C. Do not declare an identifier with conflicting linkage classifications |
| MISRA.FUNC.STATIC.REDECL | MSC40-C. Do not violate constraints |
| MISRA.FUNC.UNMATCHED.PARAMS | EXP37-C. Call functions with the correct number and type of arguments |
| MISRA.FUNC.UNUSEDRET.2012 | EXP12-C. Do not ignore values returned by functions |
| MISRA.FUNC.VARARG | DCL11-C. Understand the type issues associated with variadic functions |
| MISRA.IDENT.DISTINCT.C99.2012 | DCL23-C. Guarantee that mutually visible identifiers are unique |
| MISRA.IF.NO_COMPOUND | EXP19-C. Use braces for the body of an if, for, or while statement |
| MISRA.IF.NO_ELSE | MSC01-C. Strive for logical completeness |
| MISRA.INCGUARD | PRE06-C. Enclose header files in an include guard |
| MISRA.INCL.SIGNAL.2012 | ERR32-C. Do not rely on indeterminate values of errno |
| MISRA.INCL.SIGNAL.2012 | POS44-C. Do not use signals to terminate threads |
| MISRA.INCOMPLETE.STRUCT | MEM33-C. Allocate and copy structures containing a flexible array member dynamically |
| MISRA.INCR_DECR.OTHER | EXP30-C. Do not depend on the order of evaluation for side effects |
| MISRA.LOGIC.OPERATOR.NOT_BOOL | EXP46-C. Do not use a bitwise operator with a Boolean-like operand |
| MISRA.LOGIC.SIDEEFF | EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
| MISRA.MEMB.FLEX_ARRAY.2012 | MEM33-C. Allocate and copy structures containing a flexible array member dynamically |
| MISRA.PPARAM.NEEDS.CONST | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
| MISRA.PTR.ARITH | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array |
| MISRA.SHIFT.RANGE.2012 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
| MISRA.SIZEOF.SIDE_EFFECT | EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic |
| MISRA.STDLIB.ATOI | ERR34-C. Detect errors when converting a string to a number |
| MISRA.STDLIB.CTYPE.RANGE.2012_AMD1 | ENV30-C. Do not modify the object referenced by the return value of certain functions |
| MISRA.STDLIB.ILLEGAL_REUSE.2012_AMD1 | ENV30-C. Do not modify the object referenced by the return value of certain functions |
| MISRA.STDLIB.ILLEGAL_REUSE.2012_AMD1 | ENV34-C. Do not store pointers returned by certain functions |
| MISRA.STDLIB.ILLEGAL_WRITE.2012_AMD1 | ENV30-C. Do not modify the object referenced by the return value of certain functions |
| MISRA.STDLIB.MEMCMP.PTR_ARG_TYPES | EXP42-C. Do not compare padding data |
| MISRA.STDLIB.MEMCMP.PTR_ARG_TYPES | FLP37-C. Do not use object representations to compare floating-point values |
| MISRA.STDLIB.SIGNAL | SIG34-C. Do not call signal() from within interruptible signal handlers |
| MISRA.STDLIB.SIGNAL | ERR32-C. Do not rely on indeterminate values of errno |
| MISRA.STDLIB.SIGNAL | CON37-C. Do not call signal() in a multithreaded program |
| MISRA.STDLIB.WRONGNAME | DCL37-C. Do not declare or define a reserved identifier |
| MISRA.STDLIB.WRONGNAME.UNDERSCORE | DCL37-C. Do not declare or define a reserved identifier |
| MISRA.STMT.NO_COMPOUND | EXP19-C. Use braces for the body of an if, for, or while statement |
| MISRA.STMT.NO_EFFECT | MSC12-C. Detect and remove code that has no effect or is never executed |
| MISRA.STRING_LITERAL.NON_CONST.2012 | STR05-C. Use pointers to const when referring to string literals |
| MISRA.SWITCH.WELL_FORMED.BREAK.2012 | MSC17-C. Finish every set of statements associated with a case label with a break statement |
| MISRA.SWITCH.WELL_FORMED.DEFAULT.2012 | MSC01-C. Strive for logical completeness |
| MISRA.TOKEN.OCTAL.ESCAPE | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| MISRA.TOKEN.OCTAL.INT | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| MISRA.TYPE.RESTRICT.QUAL.2012 | EXP43-C. Avoid undefined behavior when using restrict-qualified pointers |
| MISRA.UMINUS.UNSIGNED | INT02-C. Understand integer conversion rules |
| MISRA.VAR.HIDDEN | DCL01-C. Do not reuse variable names in subscopes |
| MISRA.VAR.MIN.VIS | DCL19-C. Minimize the scope of variables and functions |
| MLK.MIGHT | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MLK.MIGHT | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| MLK.MUST | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MLK.MUST | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| MLK.RET.MIGHT | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MLK.RET.MIGHT | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| MLK.RET.MUST | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| MLK.RET.MUST | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| NNTS.MIGHT | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| NNTS.MIGHT | STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string |
| NNTS.MIGHT | ARR00-C. Understand how arrays work |
| NNTS.MIGHT | STR03-C. Do not inadvertently truncate a string |
| NNTS.MUST | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| NNTS.MUST | STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string |
| NNTS.MUST | ARR00-C. Understand how arrays work |
| NNTS.MUST | STR03-C. Do not inadvertently truncate a string |
| NNTS.TAINTED | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| NNTS.TAINTED | ARR00-C. Understand how arrays work |
| NNTS.TAINTED | STR02-C. Sanitize data passed to complex subsystems |
| NPD.CHECK.CALL.MIGHT | EXP34-C. Do not dereference null pointers |
| NPD.CHECK.CALL.MUST | EXP34-C. Do not dereference null pointers |
| NPD.CHECK.MIGHT | EXP34-C. Do not dereference null pointers |
| NPD.CHECK.MUST | EXP34-C. Do not dereference null pointers |
| NPD.CHECK.MUST | ERR33-C. Detect and handle standard library errors |
| NPD.CONST.CALL | EXP34-C. Do not dereference null pointers |
| NPD.CONST.DEREF | EXP34-C. Do not dereference null pointers |
| NPD.FUNC.CALL.MIGHT | EXP34-C. Do not dereference null pointers |
| NPD.FUNC.CALL.MIGHT | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| NPD.FUNC.CALL.MUST | EXP34-C. Do not dereference null pointers |
| NPD.FUNC.MIGHT | EXP34-C. Do not dereference null pointers |
| NPD.FUNC.MUST | EXP34-C. Do not dereference null pointers |
| NPD.FUNC.MUST | ERR33-C. Detect and handle standard library errors |
| NPD.GEN.CALL.MIGHT | EXP34-C. Do not dereference null pointers |
| NPD.GEN.CALL.MUST | EXP34-C. Do not dereference null pointers |
| NPD.GEN.MIGHT | EXP34-C. Do not dereference null pointers |
| NPD.GEN.MUST | EXP34-C. Do not dereference null pointers |
| NUM.OVERFLOW | INT30-C. Ensure that unsigned integer operations do not wrap |
| NUM.OVERFLOW | INT32-C. Ensure that operations on signed integers do not result in overflow |
| NUM.OVERFLOW.DF | INT30-C. Ensure that unsigned integer operations do not wrap |
| NUM.OVERFLOW.DF | INT32-C. Ensure that operations on signed integers do not result in overflow |
| PORTING.CAST.FLTPNT | FLP36-C. Preserve precision when converting integral values to floating-point type |
| PORTING.CAST.SIZE | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| PORTING.CAST.SIZE | INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size |
| PORTING.SIGNED.CHAR | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| PORTING.STORAGE.STRUCT | DCL39-C. Avoid information leakage when passing a structure across a trust boundary |
| PORTING.VAR.EFFECTS | PRE31-C. Avoid side effects in arguments to unsafe macros |
| PORTING.VAR.EFFECTS | EXP30-C. Do not depend on the order of evaluation for side effects |
| PRECISION.LOSS | INT02-C. Understand integer conversion rules |
| RETVOID.IMPLICIT | DCL31-C. Declare identifiers before using them |
| RH.LEAK | FIO42-C. Close files when they are no longer needed |
| RH.LEAK | FIO22-C. Close files before spawning processes |
| RH.LEAK | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| RH.LEAK | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| RNPD.CALL | EXP34-C. Do not dereference null pointers |
| RNPD.DEREF | EXP34-C. Do not dereference null pointers |
| SEMICOL | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
| SV.BANNED.RECOMMENDED.SCANF | ERR34-C. Detect errors when converting a string to a number |
| SV.CODE_INJECTION.SHELL_EXEC | ENV33-C. Do not call system() |
| SV.DLLPRELOAD.NONABSOLUTE.DLL | FIO02-C. Canonicalize path names originating from tainted sources |
| SV.DLLPRELOAD.NONABSOLUTE.DLL | WIN00-C. Be specific when dynamically loading libraries |
| SV.DLLPRELOAD.NONABSOLUTE.EXE | WIN00-C. Be specific when dynamically loading libraries |
| SV.DLLPRELOAD.SEARCHPATH | WIN00-C. Be specific when dynamically loading libraries |
| SV.FMT_STR.BAD_SCAN_FORMAT | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD | FIO47-C. Use valid format strings |
| SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD | DCL11-C. Understand the type issues associated with variadic functions |
| SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED | FIO47-C. Use valid format strings |
| SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED | DCL11-C. Understand the type issues associated with variadic functions |
| SV.FMT_STR.PRINT_IMPROP_LENGTH | FIO47-C. Use valid format strings |
| SV.FMT_STR.PRINT_IMPROP_LENGTH | DCL11-C. Understand the type issues associated with variadic functions |
| SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW | FIO47-C. Use valid format strings |
| SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW | DCL10-C. Maintain the contract between the writer and caller of variadic functions |
| SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW | DCL11-C. Understand the type issues associated with variadic functions |
| SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY | FIO47-C. Use valid format strings |
| SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY | DCL10-C. Maintain the contract between the writer and caller of variadic functions |
| SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY | DCL11-C. Understand the type issues associated with variadic functions |
| SV.FMT_STR.SCAN_FORMAT_MISMATCH.BAD | FIO47-C. Use valid format strings |
| SV.FMT_STR.SCAN_FORMAT_MISMATCH.BAD | DCL11-C. Understand the type issues associated with variadic functions |
| SV.FMT_STR.SCAN_FORMAT_MISMATCH.UNDESIRED | FIO47-C. Use valid format strings |
| SV.FMT_STR.SCAN_FORMAT_MISMATCH.UNDESIRED | DCL11-C. Understand the type issues associated with variadic functions |
| SV.FMT_STR.SCAN_IMPROP_LENGTH | FIO47-C. Use valid format strings |
| SV.FMT_STR.SCAN_PARAMS_WRONGNUM.FEW | FIO47-C. Use valid format strings |
| SV.FMT_STR.SCAN_PARAMS_WRONGNUM.FEW | DCL10-C. Maintain the contract between the writer and caller of variadic functions |
| SV.FMT_STR.SCAN_PARAMS_WRONGNUM.MANY | FIO47-C. Use valid format strings |
| SV.FMT_STR.SCAN_PARAMS_WRONGNUM.MANY | DCL10-C. Maintain the contract between the writer and caller of variadic functions |
| SV.FMT_STR.UNKWN_FORMAT | FIO47-C. Use valid format strings |
| SV.FMT_STR.UNKWN_FORMAT.SCAN | DCL11-C. Understand the type issues associated with variadic functions |
| SV.FMTSTR.GENERIC | FIO30-C. Exclude user input from format strings |
| SV.INCORRECT_RESOURCE_HANDLING.URH | FIO46-C. Do not access a closed file |
| SV.RVT.RETVAL_NOTTESTED | ERR33-C. Detect and handle standard library errors |
| SV.RVT.RETVAL_NOTTESTED | POS54-C. Detect and handle POSIX library errors |
| SV.RVT.RETVAL_NOTTESTED | EXP12-C. Do not ignore values returned by functions |
| SV.STRBO.BOUND_COPY.OVERFLOW | ARR00-C. Understand how arrays work |
| SV.STRBO.BOUND_COPY.UNTERM | STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string |
| SV.STRBO.BOUND_COPY.UNTERM | ARR00-C. Understand how arrays work |
| SV.STRBO.BOUND_SPRINTF | ARR00-C. Understand how arrays work |
| SV.STRBO.UNBOUND_COPY | ARR00-C. Understand how arrays work |
| SV.STRBO.UNBOUND_SPRINTF | ARR00-C. Understand how arrays work |
| SV.TAINTED.ALLOC_SIZE | MEM35-C. Allocate sufficient memory for an object |
| SV.TAINTED.ALLOC_SIZE | ARR00-C. Understand how arrays work |
| SV.TAINTED.ALLOC_SIZE | INT04-C. Enforce limits on integer values originating from tainted sources |
| SV.TAINTED.BINOP | INT04-C. Enforce limits on integer values originating from tainted sources |
| SV.TAINTED.CALL.BINOP | INT04-C. Enforce limits on integer values originating from tainted sources |
| SV.TAINTED.CALL.INDEX_ACCESS | ARR00-C. Understand how arrays work |
| SV.TAINTED.CALL.INDEX_ACCESS | INT04-C. Enforce limits on integer values originating from tainted sources |
| SV.TAINTED.CALL.LOOP_BOUND | ARR00-C. Understand how arrays work |
| SV.TAINTED.CALL.LOOP_BOUND | INT04-C. Enforce limits on integer values originating from tainted sources |
| SV.TAINTED.FMTSTR | FIO30-C. Exclude user input from format strings |
| SV.TAINTED.INDEX_ACCESS | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| SV.TAINTED.INDEX_ACCESS | ARR00-C. Understand how arrays work |
| SV.TAINTED.INDEX_ACCESS | INT04-C. Enforce limits on integer values originating from tainted sources |
| SV.TAINTED.INJECTION | STR02-C. Sanitize data passed to complex subsystems |
| SV.TAINTED.LOOP_BOUND | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| SV.TAINTED.LOOP_BOUND | ARR00-C. Understand how arrays work |
| SV.TAINTED.LOOP_BOUND | INT04-C. Enforce limits on integer values originating from tainted sources |
| SV.TOCTOU.FILE_ACCESS | FIO45-C. Avoid TOCTOU race conditions while accessing files |
| SV.TOCTOU.FILE_ACCESS | POS35-C. Avoid race conditions while checking for the existence of a symbolic link |
| SV.TOCTOU.FILE_ACCESS | FIO01-C. Be careful using functions that use file names for identification |
| SV.TOCTOU.FILE_ACCESS | FIO02-C. Canonicalize path names originating from tainted sources |
| SV.UNBOUND_STRING_INPUT.CIN | ARR00-C. Understand how arrays work |
| SV.UNBOUND_STRING_INPUT.FUNC | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator |
| SV.UNBOUND_STRING_INPUT.FUNC | ARR00-C. Understand how arrays work |
| SV.USAGERULES.PERMISSIONS | POS36-C. Observe correct revocation order while relinquishing privileges |
| SV.USAGERULES.PERMISSIONS | POS37-C. Ensure that privilege relinquishment is successful |
| SV.USAGERULES.PERMISSIONS | POS02-C. Follow the principle of least privilege |
| UFM.DEREF.MIGHT | MEM30-C. Do not access freed memory |
| UFM.DEREF.MIGHT | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| UFM.DEREF.MUST | MEM30-C. Do not access freed memory |
| UFM.DEREF.MUST | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| UFM.FFM.MIGHT | MEM30-C. Do not access freed memory |
| UFM.FFM.MIGHT | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| UFM.FFM.MUST | MEM30-C. Do not access freed memory |
| UFM.FFM.MUST | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| UFM.RETURN.MIGHT | MEM30-C. Do not access freed memory |
| UFM.RETURN.MIGHT | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| UFM.RETURN.MUST | MEM30-C. Do not access freed memory |
| UFM.RETURN.MUST | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| UFM.USE.MIGHT | MEM30-C. Do not access freed memory |
| UFM.USE.MIGHT | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| UFM.USE.MUST | MEM30-C. Do not access freed memory |
| UFM.USE.MUST | MEM00-C. Allocate and free memory in the same module, at the same level of abstraction |
| UNINIT.HEAP.MIGHT | EXP33-C. Do not read uninitialized memory |
| UNINIT.HEAP.MUST | EXP33-C. Do not read uninitialized memory |
| UNINIT.STACK.ARRAY.MIGHT | EXP33-C. Do not read uninitialized memory |
| UNINIT.STACK.ARRAY.MUST | EXP33-C. Do not read uninitialized memory |
| UNINIT.STACK.ARRAY.PARTIAL.MUST | EXP33-C. Do not read uninitialized memory |
| UNINIT.STACK.MIGHT | EXP33-C. Do not read uninitialized memory |
| UNINIT.STACK.MUST | EXP33-C. Do not read uninitialized memory |
| UNREACH.ENUM | MSC07-C. Detect and remove dead code |
| UNREACH.ENUM | MSC12-C. Detect and remove code that has no effect or is never executed |
| UNREACH.GEN | MSC07-C. Detect and remove dead code |
| UNREACH.GEN | MSC12-C. Detect and remove code that has no effect or is never executed |
| UNREACH.RETURN | MSC07-C. Detect and remove dead code |
| UNREACH.RETURN | MSC12-C. Detect and remove code that has no effect or is never executed |
| UNREACH.SIZEOF | MSC07-C. Detect and remove dead code |
| UNREACH.SIZEOF | MSC12-C. Detect and remove code that has no effect or is never executed |
| VA.LIST.INDETERMINATE | MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value |
| VA_UNUSED.GEN | MSC12-C. Detect and remove code that has no effect or is never executed |
| VA_UNUSED.GEN | MSC13-C. Detect and remove unused values |
| VA_UNUSED.INIT | MSC12-C. Detect and remove code that has no effect or is never executed |
| VA_UNUSED.INIT | MSC13-C. Detect and remove unused values |