CERT Secure Coding

SonarQube C/C++ Plugin

This page was automatically generated and should not be edited.

The information on this page was provided by outside contributors and has not been verified by SEI CERT.


Tool Version: 3.11

| Checker | Guideline |
|---|---|
| AssignmentInSubExpression | EXP45-C. Do not perform assignments in selection statements |
| ElseIfWithoutElse | MSC01-C. Strive for logical completeness |
| IdentifierLongerThan31 | DCL23-C. Guarantee that mutually visible identifiers are unique |
| IncAndDecMixedWithOtherOperators | EXP30-C. Do not depend on the order of evaluation for side effects |
| LiteralSuffix | DCL16-C. Use "L," not "l," to indicate a long value |
| NarrowAndWideStringConcat | STR10-C. Do not concatenate different type of string literals |
| NonEmptyCaseWithoutBreak | MSC17-C. Finish every set of statements associated with a case label with a break statement |
| OctalConstantAndSequence | DCL18-C. Do not begin integer constants with 0 when specifying a decimal value |
| S121 | EXP19-C. Use braces for the body of an if, for, or while statement |
| S810 | STR00-C. Represent characters using an appropriate type |
| S810 | STR04-C. Use plain char for characters in the basic character set |
| S814 | INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression |
| S819 | DCL31-C. Declare identifiers before using them |
| S819 | DCL07-C. Include the appropriate type information in function declarators |
| S820 | DCL31-C. Declare identifiers before using them |
| S820 | INT07-C. Use only explicitly signed or unsigned char type for numeric values |
| S834 | ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer |
| S864 | EXP00-C. Use parentheses for precedence of operation |
| S874 | INT13-C. Use bitwise operators only on unsigned operands |
| S929 | DCL20-C. Explicitly specify void when a function accepts no arguments |
| S930 | EXP37-C. Call functions with the correct number and type of arguments |
| S930 | DCL07-C. Include the appropriate type information in function declarators |
| S935 | MSC37-C. Ensure that control never reaches the end of a non-void function |
| S960 | PRE00-C. Prefer inline or static functions to function-like macros |
| S973 | MSC00-C. Compile cleanly at high warning levels |
| S978 | DCL37-C. Do not declare or define a reserved identifier |
| S982 | MSC22-C. Use the setjmp(), longjmp() facility securely |
| S989 | ERR34-C. Detect errors when converting a string to a number |
| S990 | ENV33-C. Do not call system() |
| S1036 | MSC20-C. Do not use a switch statement to transfer control into a complex block |
| S1065 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S1116 | EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement |
| S1116 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S1172 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S1578 | MSC09-C. Character encoding: Use subset of ASCII for safety |
| S1656 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S1751 | MSC07-C. Detect and remove dead code |
| S1751 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S1762 | MSC00-C. Compile cleanly at high warning levels |
| S1763 | MSC07-C. Detect and remove dead code |
| S1763 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S1764 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S1767 | INT36-C. Converting a pointer to integer or integer to pointer |
| S1836 | EXP43-C. Avoid undefined behavior when using restrict-qualified pointers |
| S1854 | MSC13-C. Detect and remove unused values |
| S1862 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S2095 | FIO42-C. Close files when they are no longer needed |
| S2193 | FLP30-C. Do not use floating-point variables as loop counters |
| S2259 | EXP34-C. Do not dereference null pointers |
| S2583 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S2589 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S2754 | MSC12-C. Detect and remove code that has no effect or is never executed |
| S3518 | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| S3584 | MEM31-C. Free dynamically allocated memory when no longer needed |
| S3588 | FIO46-C. Do not access a closed file |
| SideEffectInRightHandSideOfLogical | EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators |
| SingleDeclarationPerStatement | DCL04-C. Do not declare more than one variable per declaration |
| SwitchWithoutDefault | MSC01-C. Strive for logical completeness |
| TrigraphUsage | PRE07-C. Avoid using repeated question marks |