Rosecheckers Code
These checkers enforce the CERT C Secure Coding rules and are freely available from the Rosecheckers GitHub project. For questions regarding the CERT ROSE checkers, contact info@sei.cmu.edu.
Getting Rosecheckers code from source or container
You can get the Rosecheckers code as source or as a container from the Rosecheckers GitHub project.
Follow the instructions in that project's README.
Secure Coding Rules Enforced by Rosecheckers
The SEI CERT C Secure Coding Standard is freely available.
Here is a breakdown of how thoroughly Rosecheckers enforces the C Secure Coding Rules and Recommendations:
| Category | Rules | Description |
| --- | --- | --- |
| Complete | 57 | Rosecheckers catches all violations of these rules. |
| Partial | 45 | Rosecheckers catches some, but not all, violations of these rules. |
| False-positive | 9 | These rules could be checked by Rosecheckers, but the checks would also report some false positives. |
| Potential | 29 | These rules are not checked by Rosecheckers, but could be. |
| Undoable | 32 | These rules could not be checked by Rosecheckers due to various limitations in ROSE. |
| Unenforceable | 48 | These rules could not be checked by any tool that relies purely on unaided static analysis. |
| TOTAL | 220 | |
Attachments:
c_rules.zip (application/zip)