[{"data":1,"prerenderedAt":3069},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhow-this-coding-standard-is-organized":28,"surround-\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhow-this-coding-standard-is-organized":1261,"sidebar-sei-cert-c-coding-standard":1270},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":1248,"extension":1249,"meta":1250,"navigation":7,"path":1257,"seo":1258,"stem":1259,"__hash__":1260},"content\u002F4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F03.how-this-coding-standard-is-organized.md","How this Coding Standard is Organized",{"type":32,"value":33,"toc":1235},"minimark",[34,38,51,54,59,62,110,113,119,122,173,177,180,183,187,195,206,217,225,228,245,335,339,342,346,349,361,368,432,443,482,488,494,497,500,503,510,555,570,578,666,669,675,678,682,696,699,710,713,717,726,729,733,736,745,792,800,808,834,837,840,843,846,857,920,923,931,944,951,966,989,1016,1032,1035,1039,1042,1045,1051,1060,1068,1077,1083,1086,1089,1112,1115,1118,1123,1128,1133,1138,1143,1148,1153,1158,1163,1168,1172,1175,1179,1231],[35,36,30],"h1",{"id":37},"how-this-coding-standard-is-organized",[39,40,41,42,47,48,50],"p",{},"This coding standard is organized into 15 chapters containing rules in specific topic areas followed by four appendices. Appendix A contains the bibliography. Appendix B lists the definitions of terms used throughout the standard. Appendix C lists the undefined behaviors from the C Standard, Annex J, J.2 [ ",[43,44,46],"a",{"href":45},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-ISO\u002FIEC9899-2011","ISO\u002FIEC 9899:2011"," ], numbered and classified for easy reference. These numbered undefined behaviors are referenced frequently from the rules. Appendix D lists unspecified behaviors from the C Standard, Annex J, J.2 [ ",[43,49,46],{"href":45}," ]. These unspecified behaviors are occasionally referenced from the rules as well.",[39,52,53],{},"Most rules have a consistent structure. Each rule in this standard has a unique identifier, which is included in the title. The title and the introductory paragraphs define the rule and are typically followed by one or more pairs of noncompliant code examples and compliant solutions. Each rule also includes a risk assessment, related guidelines, and a bibliography (where applicable). Rules may also include a table of related vulnerabilities. The recommendations in this wiki are organized in a similar fashion.",[55,56,58],"h2",{"id":57},"identifiers","Identifiers",[39,60,61],{},"Each rule and recommendation is given a unique identifier. These identifiers consist of three parts:",[63,64,65,69,72],"ul",{},[66,67,68],"li",{},"A three-letter mnemonic representing the section of the standard",[66,70,71],{},"A two-digit numeric value in the range of 00 to 99",[66,73,74,75],{},"A suffix that represents the associated language or platform.\n",[63,76,77,86,94,102],{},[66,78,79,80],{},"\"-C\" for the ",[43,81,85],{"href":82,"rel":83},"https:\u002F\u002Fsecurecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fc",[84],"nofollow","SEI CERT C Coding Standard",[66,87,88,89],{},"\"-CPP\" for the ",[43,90,93],{"href":91,"rel":92},"https:\u002F\u002Fsecurecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fcplusplus",[84],"SEI CERT C++ Coding Standard",[66,95,96,97],{},"\"-J\" for the ",[43,98,101],{"href":99,"rel":100},"https:\u002F\u002Fsecurecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fjava",[84],"SEI CERT Oracle Coding Standard for Java",[66,103,104,105],{},"\"-PL\" for the ",[43,106,109],{"href":107,"rel":108},"https:\u002F\u002Fsecurecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fperl",[84],"SEI CERT Perl Coding Standard",[39,111,112],{},"The three-letter mnemonic can be used to group similar coding practices and to indicate which category a coding practice belongs to.",[39,114,115,116,118],{},"The numeric value is used to give each coding practice a unique identifier. Numeric values in the range of 00 to 29 are reserved for recommendations, and values in the range of 30 to 99 are reserved for rules. (The values used for the ",[43,117,93],{"href":20}," are different.) Rules and recommendations are frequently referenced from the guidelines in this standard by their identifier and title.",[39,120,121],{},"Here are some example identifiers with an explanation of each:",[63,123,124,141,157],{},[66,125,126,127],{},"INT50-CPP Do not cast to an out-of-range enumeration value\n",[63,128,129,132,135,138],{},[66,130,131],{},"This identifier indicates a rule",[66,133,134],{},"“INT” stands for the Integer category",[66,136,137],{},"“50” is the unique identifier",[66,139,140],{},"“-CPP” stands for the C++ language",[66,142,143,144],{},"EXP00-J Do not ignore values returned by methods\n",[63,145,146,148,151,154],{},[66,147,131],{},[66,149,150],{},"“EXP” stands for the Expressions category",[66,152,153],{},"“00” is the unique identifier",[66,155,156],{},"“-J” stands for the Java language",[66,158,159,160],{},"FLP00-C. Understand the limitations of floating-point numbers\n",[63,161,162,165,168,170],{},[66,163,164],{},"This identifier indicates a recommendation",[66,166,167],{},"“FLP” stands for the Floating Point category",[66,169,153],{},[66,171,172],{},"“-C” stands for the C programming language",[55,174,176],{"id":175},"noncompliant-code-examples-and-compliant-solutions","Noncompliant Code Examples and Compliant Solutions",[39,178,179],{},"Noncompliant code examples illustrate code that violates the guideline under discussion. It is important to note that these are only examples, and eliminating all occurrences of the example does not necessarily mean that the code being analyzed is now compliant with the guideline.",[39,181,182],{},"Noncompliant code examples are typically followed by compliant solutions, which show how the noncompliant code example can be recoded in a secure, compliant manner. Except where noted, noncompliant code examples should contain violations only of the guideline under discussion. Compliant solutions should comply with all of the secure coding rules but may on occasion fail to comply with a recommendation.",[55,184,186],{"id":185},"coding-conventions","Coding Conventions",[39,188,189,190,194],{},"Unless otherwise specified, all code should compile on a reasonably modern compiler, when it is following compliance with the standard. For example, you can require GCC to conform to the C11 standard with the parameter ",[191,192,193],"code",{},"--std=c11"," .",[39,196,197,198,202,203,194],{},"Code that is only expected to run on a particular subset of platforms should have those platforms mentioned in the code's section header, e.g.: ",[199,200,201],"em",{},"Compliant Solution (POSIX)"," . Likewise, code that is only expected to run on more modern versions of C should indicate the oldest standard that supports them, e.g.: ",[199,204,205],{},"Compliant Solution (C99)",[39,207,208,209,212,213,216],{},"In order to compile the code, you will need to include appropriate header files. For example, if the code invokes ",[191,210,211],{},"malloc()"," , you may need to include the ",[191,214,215],{},"stdlib.h"," header.",[39,218,219,220,224],{},"Many coding examples must lead with some variables initialized to valid values. If any code example (compliant or non-compliant) requires a local variable to be initialized with an unspecified but valid value, then that code should be wrapped inside a function that takes the variable as a function argument. Consequently, unless otherwise noted, function arguments should be assumed to point to valid values. For example, character pointers should not be NULL, but rather point to valid null-terminated byte strings.  Checking that function arguments are valid is important, and is described in detail in recommendation ",[43,221,223],{"href":222},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi00-c","API00-C. Functions should validate their parameters"," . However, the code involved with checking argument validity would be redundant across all code examples, and so function arguments in these code examples are not validated.",[39,226,227],{},"Many code examples will contain ellipsis in comments. This indicates that the comment may be replaced by arbitrary code that satisfies the comment. A comment with only ellipsis suggests that the code may do anything.",[39,229,230,231,235,236,240,241,244],{},"Proper error handling is a controversial subject, and many applications and libraries provide their own idiosyncratic error handling mechanisms. See ",[43,232,234],{"href":233},"\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002F","Rule 12. Error Handling (ERR)"," and ",[43,237,239],{"href":238},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002F","Rec. 12. Error Handling (ERR)"," for our guidelines on handling errors. When our code detects that an error condition might have occurred, and handling that error condition is not endemic to the guideline itself, we will use the comment: ",[191,242,243],{}," \u002F* Handle Error *\u002F "," . This comment implies that the error is somehow addressed, so that the code does not fall through. The code may abort, or fix the error somehow. For example:",[246,247,249],"code-block",{"quality":248},"good",[250,251,256],"pre",{"className":252,"code":253,"language":254,"meta":255,"style":255},"language-c shiki shiki-themes github-light github-dark monokai","char *str = malloc(10);\nif (str == NULL) {\n \u002F* Handle Error *\u002F\n}\n\n\u002F* ... str can not be NULL here. Work with str... *\u002F\n","c","",[191,257,258,292,310,317,323,329],{"__ignoreMap":255},[259,260,263,267,271,275,278,282,285,289],"span",{"class":261,"line":262},"line",1,[259,264,266],{"class":265},"sq6CD","char",[259,268,270],{"class":269},"sC2Qs"," *",[259,272,274],{"class":273},"sMOD_","str ",[259,276,277],{"class":269},"=",[259,279,281],{"class":280},"srTi1"," malloc",[259,283,284],{"class":273},"(",[259,286,288],{"class":287},"s7F3e","10",[259,290,291],{"class":273},");\n",[259,293,295,298,301,304,307],{"class":261,"line":294},2,[259,296,297],{"class":269},"if",[259,299,300],{"class":273}," (str ",[259,302,303],{"class":269},"==",[259,305,306],{"class":287}," NULL",[259,308,309],{"class":273},") {\n",[259,311,313],{"class":261,"line":312},3,[259,314,316],{"class":315},"s8-w5"," \u002F* Handle Error *\u002F\n",[259,318,320],{"class":261,"line":319},4,[259,321,322],{"class":273},"}\n",[259,324,326],{"class":261,"line":325},5,[259,327,328],{"emptyLinePlaceholder":7},"\n",[259,330,332],{"class":261,"line":331},6,[259,333,334],{"class":315},"\u002F* ... str can not be NULL here. Work with str... *\u002F\n",[55,336,338],{"id":337},"exceptions","Exceptions",[39,340,341],{},"Any rule or recommendation may specify a small set of exceptions detailing the circumstances under which the guideline is not necessary to ensure the safety, reliability, or security of software. Exceptions are informative only and are not required to be followed. Exceptions",[55,343,345],{"id":344},"risk-assessment","Risk Assessment",[39,347,348],{},"Each guideline in the CERT C Coding Standard contains a risk assessment section that attempts to provide software developers with an indication of the potential consequences of not addressing a particular rule or recommendation in their code (along with some indication of expected remediation costs). This information may be used to prioritize the repair of rule violations by a development team. The metric is designed primarily for remediation projects. It is generally assumed that new code will be developed to be compliant with the entire coding standard and applicable recommendations.",[39,350,351,352,355,356,360],{},"Each rule and recommendation has an assigned ",[199,353,354],{},"priority"," . Priorities are assigned using a metric based on Failure Mode, Effects, and Criticality Analysis (FMECA) [ ",[43,357,359],{"href":358},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-IEC608122006","IEC 60812"," ]. Three values are assigned for each rule on a scale of 1 to 3 for severity, likelihood, and remediation cost.",[39,362,363,367],{},[364,365,366],"strong",{},"Severity"," —How serious are the consequences of the rule being ignored?",[369,370,371,384],"table",{},[372,373,374],"thead",{},[375,376,377,380,382],"tr",{},[378,379],"th",{},[378,381],{},[378,383],{},[385,386,387,399,410,421],"tbody",{},[375,388,389,393,396],{},[390,391,392],"td",{},"Value",[390,394,395],{},"Meaning",[390,397,398],{},"Examples of Vulnerability",[375,400,401,404,407],{},[390,402,403],{},"1",[390,405,406],{},"Low",[390,408,409],{},"Denial-of-service attack, abnormal termination",[375,411,412,415,418],{},[390,413,414],{},"2",[390,416,417],{},"Medium",[390,419,420],{},"Data integrity violation, unintentional information disclosure",[375,422,423,426,429],{},[390,424,425],{},"3",[390,427,428],{},"High",[390,430,431],{},"Run arbitrary code",[39,433,434,437,438,442],{},[364,435,436],{},"Likelihood"," —How likely is it that a ",[43,439,441],{"href":440},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-securityflaw","flaw"," introduced by violating the rule can lead to an exploitable vulnerability?",[369,444,445,453],{},[372,446,447],{},[375,448,449,451],{},[378,450],{},[378,452],{},[385,454,455,461,468,475],{},[375,456,457,459],{},[390,458,392],{},[390,460,395],{},[375,462,463,465],{},[390,464,403],{},[390,466,467],{},"Unlikely",[375,469,470,472],{},[390,471,414],{},[390,473,474],{},"Probable",[375,476,477,479],{},[390,478,425],{},[390,480,481],{},"Likely",[39,483,484,487],{},[364,485,486],{},"Detectable"," —Can a static analysis tool automatically determine if code violates this guideline with high accuracy and precision?",[39,489,490,493],{},[364,491,492],{},"Repairable"," —Can an automated repair tool reliably fix an alert by making local changes, and can the repair be guaranteed not to break the code even if the alert is a false positive? (There might exist a small set of cases that the tool cannot repair, but the tool can reliably identify these cases.)",[39,495,496],{},"In the context of automated repair, the phrase \"break the code\" requires more elaboration.  We posit that noncompliant and un-repaired code currently works for some subset of inputs, which we would deem \"expected inputs\".  To be noncompliant, there must also exist \"unexpected inputs\" that trigger the noncompliant code to do something unintended.  This might be undefined behavior or simply unexpected or counter-intuitive behavior, such as producing an inaccurate mathematical result.  For a repair to not break the code, the repaired code must exhibit the same behavior for all the expected inputs and only change behavior for some or all of the unexpected inputs.  The changed behavior could be to signal an error condition, using whatever error-handling mechanism the code has adopted.",[39,498,499],{},"This definition of a repair differs from a refactor, which we define as a modification of the code that changes no behavior.  That is, the refactored code behaves on both expected and unexpected inputs the same as the un-refactored code.  If code can be automatically refactored to comply with a rule without changing its behavior on any inputs, that rule is automatically repairable (even though any such modification would be a refactor rather than a repair).",[39,501,502],{},"An automated repair tool does not need to know the developer's intent of any lines of code when repairing them.  But it can be informed about idiosyncratic general details about the source code's conventions. One example would be whether assertions are disabled in production code. Knowing of such details is necessary if the repair tool must make code changes involving assertions.",[39,504,505,506,509],{},"The Detectable and Repairable questions are combined into a single ",[364,507,508],{},"Remediation Cost"," metric value that ranges from 1 to 3,",[369,511,512,522],{},[372,513,514],{},[375,515,516,518,520],{},[378,517],{},[378,519],{},[378,521],{},[385,523,524,534,545],{},[375,525,526,529,532],{},[390,527,528],{},"Automatically...",[390,530,531],{},"Not Repairable",[390,533,492],{},[375,535,536,541,543],{},[390,537,538],{},[364,539,540],{},"Not Detectable",[390,542,403],{},[390,544,414],{},[375,546,547,551,553],{},[390,548,549],{},[364,550,486],{},[390,552,414],{},[390,554,425],{},[39,556,557,558,561,562,565,566,569],{},"This Remediation Cost metric value, along with the Priority and Severity values are then multiplied together for each rule. This product provides a measure that can be used in prioritizing the application of the rules. The products range from 1 to 27, although only the following 10 distinct values are possible: 1, 2, 3, 4, 6, 8, 9, 12, 18, and 27. Rules and recommendations with a priority in the range of 1 to 4 are ",[364,559,560],{},"Level 3"," rules, 6 to 9 are ",[364,563,564],{},"Level 2"," , and 12 to 27 are ",[364,567,568],{},"Level 1"," . The following are possible interpretations of the priorities and levels.",[39,571,572,235,575],{},[364,573,574],{},"Priorities",[364,576,577],{},"Levels",[369,579,580,590],{},[372,581,582],{},[375,583,584,586,588],{},[378,585],{},[378,587],{},[378,589],{},[385,591,592,602,624,645],{},[375,593,594,597,599],{},[390,595,596],{},"Level",[390,598,574],{},[390,600,601],{},"Possible Interpretation",[375,603,604,609,621],{},[390,605,606],{},[364,607,608],{},"L1",[390,610,611,614,615,614,618],{},[364,612,613],{},"12"," , ",[364,616,617],{},"18",[364,619,620],{},"27",[390,622,623],{},"High severity, likely, inexpensive to repair",[375,625,626,631,642],{},[390,627,628],{},[364,629,630],{},"L2",[390,632,633,614,636,614,639],{},[364,634,635],{},"6",[364,637,638],{},"8",[364,640,641],{},"9",[390,643,644],{},"Medium severity, probable, medium cost to repair",[375,646,647,652,663],{},[390,648,649],{},[364,650,651],{},"L3",[390,653,654,614,656,614,658,614,660],{},[364,655,403],{},[364,657,414],{},[364,659,425],{},[364,661,662],{},"4",[390,664,665],{},"Low severity, unlikely, expensive to repair",[39,667,668],{},"Specific projects may begin remediation by implementing all rules at a particular level before proceeding to the lower priority rules, as shown in the following illustration:",[39,670,671],{},[672,673],"img",{"alt":255,"src":674},"attachments\u002F87152408\u002F88022625.png",[39,676,677],{},"Recommendations are not compulsory and are provided for information purposes only.",[55,679,681],{"id":680},"automated-detection","Automated Detection",[39,683,684,685,690,691,695],{},"Both rules and recommendations frequently have sections that describe automated detection. These sections provide additional information on analyzers that can automatically diagnose violations of coding guidelines. Most automated analyses for the C programming language are neither sound nor complete, so the inclusion of a tool in this section typically means that the tool can diagnose some violations of this particular rule. The ",[43,686,689],{"href":687,"rel":688},"https:\u002F\u002Fgithub.com\u002FSEI-CERT\u002Fscvs",[84],"Secure Coding Validation Suite"," can be used to test the ability of analyzers to diagnose violations of rules from ",[43,692,694],{"href":693},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-ISO\u002FIECTS17961-2013","ISO\u002FIEC TS 17961:2013"," , which is related to the rules in this standard.",[39,697,698],{},"The information in the automated detection sections on this wiki may be",[63,700,701,704,707],{},[66,702,703],{},"provided by the vendors",[66,705,706],{},"determined by CERT by informally evaluating the analyzer",[66,708,709],{},"determined by CERT by reviewing the vendor documentation",[39,711,712],{},"Where possible, we try to reference the exact version of the tool for which the results were obtained. Because these tools evolve continuously, this information can rapidly become dated and obsolete.",[55,714,716],{"id":715},"related-vulnerabilities","Related Vulnerabilities",[39,718,719,720,725],{},"The risk assessment sections on the wiki also contain a link to search for related vulnerabilities on the CERT website. Whenever possible, CERT Vulnerability Notes are tagged with a keyword corresponding to the unique ID of the coding guideline. This search provides you with an up-to-date list of real-world vulnerabilities that have been determined to be at least partially caused by a violation of this specific guideline. These vulnerabilities are labeled as such only when the ",[43,721,724],{"href":722,"rel":723},"http:\u002F\u002Fwww.cert.org\u002Fvuls\u002F",[84],"vulnerability analysis team"," at the CERT\u002FCC is able to evaluate the source code and precisely determine the cause of the vulnerability. Because many vulnerability notes refer to vulnerabilities in closed-source software systems, it is not always possible to provide this additional analysis. Consequently, the related vulnerabilities field tends to be somewhat sparsely populated.",[39,727,728],{},"Related vulnerability sections are included only for specific rules in this standard, when the information is both relevant and interesting.",[55,730,732],{"id":731},"related-guidelines","Related Guidelines",[39,734,735],{},"For each entry in a Related Guidelines table, CERT has determined that there is some code flaw for which there is both a violation of some condition of the CERT guideline and a condition of the external-to-CERT guideline, where that condition is violated or that condition is described as a flaw.",[39,737,738],{},[364,739,740,741],{},"Related Guidelines Table headings ",[742,743,744],"u",{},"definitions",[63,746,747],{},[66,748,749,752,753,756,757,761,762,765,766,756,769,761,775,756,778,784,785,791],{},[364,750,751],{},"Taxonomy"," : A named set of coding rules, weaknesses, standards, or guidelines such as ",[199,754,755],{},"Information Technology—Programming Languages, Their Environments and System Software Interfaces—C Secure Coding Rules"," [ ",[43,758,759],{"href":693},[742,760,694],{}," ]; ",[199,763,764],{},"Information Technology—Programming Languages"," ",[199,767,768],{},"—Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use",[43,770,772],{"href":771},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-ISO\u002FIECTR24772-2013",[742,773,774],{},"ISO\u002FIEC TR 24772:2013",[199,776,777],{},"MISRA C 2012: Guidelines for the Use of the C Language in Critical Systems",[43,779,781],{"href":780},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-MISRA12",[742,782,783],{},"MISRA C:2012"," ]; and CWE IDs in MITRE’s Common Weakness Enumeration (CWE) [ ",[43,786,788],{"href":787},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-MITRE",[742,789,790],{},"MITRE 2010"," ].",[63,793,794],{},[66,795,796,799],{},[364,797,798],{},"Taxonomy item"," : A single named (and\u002For numbered) item in a taxonomy",[63,801,802],{},[66,803,804,807],{},[364,805,806],{},"Relationship:"," For each entry in a Related Guidelines table, CERT has determined that there is some code flaw for which there is both a violation of some condition of the CERT guideline and a condition of the external-to-CERT guideline, where that condition is violated or that condition is described as a flaw.",[39,809,810,811,818,819,826,827,833],{},"These relationships may be defined in a precise or imprecise way. For ",[43,812,815],{"href":813,"rel":814},"https:\u002F\u002Fcwe.mitre.org\u002F",[84],[742,816,817],{},"Common Weakness Enumeration (CWE)"," , CERT has made precise mappings between CERT C rules and CWEs, as described below. For other taxonomies of coding flaws or secure coding (such as ",[43,820,823],{"href":821,"rel":822},"https:\u002F\u002Fwww.misra.org.uk\u002F",[84],[742,824,825],{},"MISRA"," or ",[43,828,831],{"href":829,"rel":830},"https:\u002F\u002Fwww.iso.org\u002Fstandard\u002F61457.html",[84],[742,832,774],{}," ), so far, CERT has made only imprecise (“Unspecified Relationship”) mappings. An “Unspecified Relationship” label indicates there is some overlapping code flaw condition, but the extent is unspecified.",[39,835,836],{},"If the mapping was made using an automated process developed by CERT, and not yet verified manually, the mapping is marked at the end with “(A)”.",[39,838,839],{},"Precise relationships explain more about the extent to which conditions of the CERT guideline and external guideline match.",[39,841,842],{},"In the simplest case, the guidelines are exactly equal (the relationship is labelled “Exact”). CERT's “partial mapping” terms {“Partial overlap”, “Guideline subset of \u003CEXTERNAL_GUIDELINE>”, “\u003CEXTERNAL_ GUIDELINE > subset of rule”} describe relationships between the guideline items using the language of sets, where the guideline item (a CERT guideline or an \u003CEXTERNAL_ GUIDELINE> entry) is a set that holds one or more conditions. By subset we mean a proper subset, that “A ⊂ B”  means every element (meaning, every condition) in A is also in B, but there exists at least one element in B that is not in A. If a condition of a program violates a CERT rule “R” and also exhibits an \u003CEXTERNAL_ GUIDELINE> “E”, that condition is in the overlap between “R” and “E”.",[39,844,845],{},"For each CWE that has a partial mapping to a CERT rule, we have documented the nature of what the rule and CWE have in common, what is exclusive to the rule, and what is exclusive to the CWE, in a section titled “CERT-CWE Mapping Notes”.",[39,847,848,849,856],{},"The 10 main precise relationship labels CERT uses are mostly the same as the 10 ",[43,850,853],{"href":851,"rel":852},"https:\u002F\u002Fcwe.mitre.org\u002Fdocuments\u002Fmapping_analysis\u002Findex.html",[84],[742,854,855],{},"CWE Mapping Fit relationship labels"," , with 3 different labels.",[369,858,859,867],{},[372,860,861],{},[375,862,863,865],{},[378,864],{},[378,866],{},[385,868,869,880,896,904,912],{},[375,870,871,878],{},[390,872,873],{},[364,874,875],{},[742,876,877],{},"Different but related terms:",[390,879],{},[375,881,882,889],{},[390,883,884],{},[364,885,886],{},[742,887,888],{},"CERT term",[390,890,891],{},[364,892,893],{},[742,894,895],{},"MITRE term",[375,897,898,901],{},[390,899,900],{},"Rule subset of CWE",[390,902,903],{},"CWE_More_Abstract",[375,905,906,909],{},[390,907,908],{},"CWE subset of rule",[390,910,911],{},"CWE_More_Specific",[375,913,914,917],{},[390,915,916],{},"Partial overlap",[390,918,919],{},"Imprecise",[39,921,922],{},"An 11th label \"None\" is specified in cases where previous mappings existed but it has been determined  that there is no overlap of conditions.",[39,924,925],{},[364,926,927,928],{},"Table column ",[742,929,930],{},"formats:",[63,932,933,938],{},[66,934,935,937],{},[364,936,751],{}," : Taxonomy name (e.g., “CWE”) followed by version name that was mapped, if that is known (e.g., “CWE 2.11”, “CERT 2016”, or “MISRA”)",[66,939,940,943],{},[364,941,942],{},"Taxonomy item:"," A single named (and\u002For numbered) item in a taxonomy, sometimes with the full title text of the item and sometimes with a hyperlink to the item.",[63,945,946],{},[66,947,948,950],{},[364,949,806],{}," A combined entry with fields for date mapped, organization that did the mapping, and relationship (all in same cell for one mapping, separated by a colon, with one entry per line): \u003C(Optional “Prior to ”)YYYY-MM-DD: ORGANIZATION: RELATIONSHIP(Optional “(A)”)>.  Where specified by mapping day, precise mappings done by CERT use the latest published edition of a non-CERT taxonomy along with the latest published edition of the CERT standard plus changes on the CERT wiki. Precise mappings done by an external organization use the latest published edition of the CERT standard and their own latest published edition. Examples below:",[63,952,953],{},[66,954,955],{},[63,956,957],{},[66,958,959,960,765,963],{},"Example entries below, in the same cell on different lines: ",[191,961,962],{}," 2017-10-31: CERT: CERT Subset of CWE ",[191,964,965],{}," 2017-05-04: CWE: Exact ",[63,967,968],{},[66,969,970],{},[63,971,972,981],{},[66,973,974,975,978],{},"Example entry for a different mapping, where the exact mapping date is unknown but is known to be before October 03, 2017:",[976,977],"br",{},[191,979,980],{}," Prior to 2017-10-03: CERT: Unspecified Relationship ",[66,982,983,984,986],{},"Example entry for a different mapping that was made using an automated process and not yet manually verified:",[976,985],{},[191,987,988],{}," Prior to 2017-09-05: CERT: Unspecified Relationship (A) ",[39,990,991,992,756,994,761,998,765,1000,756,1002,761,1006,756,1008,784,1012,791],{},"The related guidelines sections contain links to guidelines in related standards, technical specifications, and guideline collections such as ",[199,993,755],{},[43,995,996],{"href":693},[742,997,694],{},[199,999,764],{},[199,1001,768],{},[43,1003,1004],{"href":771},[742,1005,774],{},[199,1007,777],{},[43,1009,1010],{"href":780},[742,1011,783],{},[43,1013,1014],{"href":787},[742,1015,790],{},[39,1017,1018,1019,1025,1026,194],{},"You can create a unique URL to get more information on CWEs by appending the relevant ID to the end of a fixed string. For example, to find more information about CWE-192, Integer Coercion Error,” you can append 192.html to ",[43,1020,1023],{"href":1021,"rel":1022},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F",[84],[742,1024,1021],{}," and enter the resulting URL in your browser: ",[43,1027,1030],{"href":1028,"rel":1029},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F192.html",[84],[742,1031,1028],{},[39,1033,1034],{},"The other referenced technical specifications, technical reports, and guidelines are commercially available.",[55,1036,1038],{"id":1037},"cert-cwe-mapping-notes","CERT-CWE Mapping Notes",[39,1040,1041],{},"CERT's “partial mapping” terms {Partial overlap, Rule subset of CWE, CWE subset of rule} describe relationships between the taxonomy items using the language of sets, where the taxonomy item (a CERT rule or a CWE weakness) is a set that holds one or more conditions. If a condition of a program violates a CERT rule “R” and also exhibits a CWE weakness “W”, that condition is in the overlap between the rule and weakness.",[39,1043,1044],{},"For each CWE that has a partial mapping to a CERT rule, in this section we document the nature of what the rule and CWE have in common, what is exclusive to the rule, and what is exclusive to the CWE. Sometimes what is exclusive or shared is simply described by set equations using taxonomy items, but other times documentation of what is shared may include function names or data types, or some prose description of shared characteristics.",[39,1046,1047,1050],{},[364,1048,1049],{},"Notation: “Intersection(A, B) =”"," the right side of the equals sign defines if there is an overlap between A and B, meaning if a condition of a program exists with an overlapping area between A and B.",[39,1052,1053,765,1056,1059],{},[364,1054,1055],{},"Notation:  “A",[364,1057,1058],{},"⊂ B”"," means every element in A is also in B, but there exists at least one element in B that is not in A. (It means A is a “proper subset” of B.)",[39,1061,1062,765,1064,1067],{},[364,1063,1055],{},[364,1065,1066],{},"⊄ B”"," means A is not a proper subset of B.",[39,1069,1070,765,1073,1076],{},[364,1071,1072],{},"Notation:  “Intersection(A, B)",[364,1074,1075],{},"= ∅”"," means no element in A is also in B. (It means the intersection is the empty set.)",[39,1078,1079,1082],{},[364,1080,1081],{},"Notation:  “A - B =”"," the right side of the equals sign defines what element(s), if any, exist in A that are not also in B.",[39,1084,1085],{},"No CERT C rule or recommendation is identical to any other CERT C rule or recommendation.",[39,1087,1088],{},"In this section, Independent() means all the rules listed within are independent: that is, every pair of two rules listed they have an empty intersection. Most CERT rules are designed to be independent, that is, they have no overlap. (This applies only to rules, not recommendations).",[39,1090,1091,1092,1095,1096,1098,1099,1101,1102,1111],{},"For CWE that have been identified as having at least a partial overlap with another CERT rule R ",[1093,1094,403],"sub",{}," , for current mapping to CERT rule R ",[1093,1097,414],{}," : In the Mapping Notes section we consider C’s possible overlap or exclusion of the CWE overlap area with R ",[1093,1100,403],{}," . ",[364,1103,1104,1105,1107,1108,1110],{},"We also consider the relationship of R ",[1093,1106,403],{}," and R ",[1093,1109,414],{}," , if any."," (By defining the relationship between the CERT rules that separately have at least some overlap with the CWE of interest, the mapping notes further define the conditions of overlap and\u002For non-overlap between the primary CWE-to-CERT-rule mapping of interest.)",[39,1113,1114],{},"Regarding partial overlap, we try to find segments of code as examples that are inseparable and exhibit both code flaws. An example of separable code:",[39,1116,1117],{},"The following line violates rules about integer overflow and floating-point overflow, but that does not mean that the rules about integer overflow and fp-overflow overlap:",[39,1119,1120],{},[191,1121,1122],{}," INT_MAX + 1 ; FLT_MAX + 1.0; ",[39,1124,1125],{},[191,1126,1127],{}," static char x[3]; ",[39,1129,1130],{},[191,1131,1132],{}," char* foo() { ",[39,1134,1135],{},[191,1136,1137],{}," int x_int = (int) x; \u002F\u002F x_int = 999 eg ",[39,1139,1140],{},[191,1141,1142],{}," return x_int + 5; \u002F\u002F returns 1004 , violates CWE 466 ",[39,1144,1145],{},[191,1146,1147],{}," } ",[39,1149,1150],{},[191,1151,1152],{}," ... ",[39,1154,1155],{},[191,1156,1157],{}," int y_int = foo(); \u002F\u002F violates CWE-466 ",[39,1159,1160],{},[191,1161,1162],{}," char* y = (char*) y_int; \u002F\u002F  \u002F\u002F well-defined but y may be invalid, violates INT36-C ",[39,1164,1165],{},[191,1166,1167],{}," char c = *y; \u002F\u002F indeterminate value, out-of-bounds read, violates CWE-119 ",[55,1169,1171],{"id":1170},"bibliography","Bibliography",[39,1173,1174],{},"Most guidelines have a small bibliography section that lists documents and sections in those documents that provide information relevant to the guideline.",[55,1176,1178],{"id":1177},"attachments","Attachments:",[1180,1181,1185],"div",{"className":1182,"align":1184},[1183],"greybox","left",[39,1186,1187,765,1190,1195,1196,1198,765,1200,1204,1205,1207,765,1209,1213,1214,1216,765,1218,1222,1223,1225,765,1227,1222],{},[672,1188],{"alt":255,"src":1189},"images\u002Ficons\u002Fbullet_blue.gif",[43,1191,1194],{"href":1192,"target":1193},"\u002Fattachments\u002F87152408\u002F88028707.jpg","_blank","levelsandpriorities.jpg"," (image\u002Fjpeg)",[976,1197],{},[672,1199],{"alt":255,"src":1189},[43,1201,1203],{"href":1202,"target":1193},"\u002Fattachments\u002F87152408\u002F88028706.tif","levelsandpriorities.tif"," (image\u002Ftiff)",[976,1206],{},[672,1208],{"alt":255,"src":1189},[43,1210,1212],{"href":1211,"target":1193},"\u002Fattachments\u002F87152408\u002F88028709.gif","levelsandpriorities.gif"," (image\u002Fgif)",[976,1215],{},[672,1217],{"alt":255,"src":1189},[43,1219,1221],{"href":1220,"target":1193},"\u002Fattachments\u002F87152408\u002F88020502.png","C_Intro_RiskAssessment.png"," (image\u002Fpng)",[976,1224],{},[672,1226],{"alt":255,"src":1189},[43,1228,1230],{"href":1229,"target":1193},"\u002Fattachments\u002F87152408\u002F88022625.png","Levels and Priorities.png",[1232,1233,1234],"style",{},"html pre.shiki code .sq6CD, html code.shiki .sq6CD{--shiki-default:#D73A49;--shiki-default-font-style:inherit;--shiki-dark:#F97583;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .srTi1, html code.shiki .srTi1{--shiki-default:#6F42C1;--shiki-dark:#B392F0;--shiki-sepia:#A6E22E}html pre.shiki code .s7F3e, html code.shiki .s7F3e{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#AE81FF}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}",{"title":255,"searchDepth":294,"depth":294,"links":1236},[1237,1238,1239,1240,1241,1242,1243,1244,1245,1246,1247],{"id":57,"depth":294,"text":58},{"id":175,"depth":294,"text":176},{"id":185,"depth":294,"text":186},{"id":337,"depth":294,"text":338},{"id":344,"depth":294,"text":345},{"id":680,"depth":294,"text":681},{"id":715,"depth":294,"text":716},{"id":731,"depth":294,"text":732},{"id":1037,"depth":294,"text":1038},{"id":1170,"depth":294,"text":1171},{"id":1177,"depth":294,"text":1178},"This coding standard is organized into 15 chapters containing rules in specific topic areas followed by four appendices. Appendix A contains the bibliography. Appendix B lists the definitions of terms used throughout the standard. Appendix C lists the undefined behaviors from the C Standard, Annex J, J.2 [ ISO\u002FIEC 9899:2011 ], numbered and classified for easy reference. These numbered undefined behaviors are referenced frequently from the rules. Appendix D lists unspecified behaviors from the C Standard, Annex J, J.2 [ ISO\u002FIEC 9899:2011 ]. These unspecified behaviors are occasionally referenced from the rules as well.","md",{"tags":1251},[1252,1253,1254,354,1255,1256],"definition","severity","likelihood","remediation","cost","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhow-this-coding-standard-is-organized",{"title":30,"description":1248},"4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F03.how-this-coding-standard-is-organized","-HV7Sk765x46rlAJG-5SBGAhkc0aO8esPxRahtne-HQ",[1262,1266],{"title":1263,"path":1264,"stem":1265,"children":-1},"Audience","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Faudience","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F02.audience",{"title":1267,"path":1268,"stem":1269,"children":-1},"History","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhistory","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F04.history",[1271],{"title":85,"path":1272,"stem":1273,"children":1274},"\u002Fsei-cert-c-coding-standard","4.sei-cert-c-coding-standard\u002F01.index",[1275,1276,1339,1929,2226,2240,2244,2248,2252,3065],{"title":85,"path":1272,"stem":1273},{"title":1277,"path":1278,"stem":1279,"children":1280},"Front Matter","\u002Fsei-cert-c-coding-standard\u002Ffront-matter","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F1.index",[1281,1282],{"title":1277,"path":1278,"stem":1279},{"title":1283,"path":1284,"stem":1285,"children":1286},"Introduction","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F01.index",[1287,1288,1292,1293,1294,1295,1299,1303,1307,1311,1315,1319,1323,1327,1331,1335],{"title":1283,"path":1284,"stem":1285},{"title":1289,"path":1290,"stem":1291},"Scope","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fscope","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F01.scope",{"title":1263,"path":1264,"stem":1265},{"title":30,"path":1257,"stem":1259},{"title":1267,"path":1268,"stem":1269},{"title":1296,"path":1297,"stem":1298},"ISO\u002FIEC TS 17961 C Secure Coding Rules","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fisoiec-ts-17961-c-secure-coding-rules","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F05.isoiec-ts-17961-c-secure-coding-rules",{"title":1300,"path":1301,"stem":1302},"Tool Selection and Validation","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftool-selection-and-validation","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F06.tool-selection-and-validation",{"title":1304,"path":1305,"stem":1306},"Taint Analysis","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftaint-analysis","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F07.taint-analysis",{"title":1308,"path":1309,"stem":1310},"Rules versus Recommendations","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frules-versus-recommendations","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F08.rules-versus-recommendations",{"title":1312,"path":1313,"stem":1314},"Conformance Testing","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fconformance-testing","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F09.conformance-testing",{"title":1316,"path":1317,"stem":1318},"Development Process","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fdevelopment-process","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F10.development-process",{"title":1320,"path":1321,"stem":1322},"Usage","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fusage","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F11.usage",{"title":1324,"path":1325,"stem":1326},"System Qualities","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsystem-qualities","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F12.system-qualities",{"title":1328,"path":1329,"stem":1330},"Automatically Generated Code","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fautomatically-generated-code","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F13.automatically-generated-code",{"title":1332,"path":1333,"stem":1334},"Government Regulations","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fgovernment-regulations","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F14.government-regulations",{"title":1336,"path":1337,"stem":1338},"Acknowledgments","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Facknowledgments","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F15.acknowledgments",{"title":1340,"path":1341,"stem":1342,"children":1343},"Rules","\u002Fsei-cert-c-coding-standard\u002Frules","4.sei-cert-c-coding-standard\u002F03.rules\u002F01.index",[1344,1345,1349,1379,1409,1471,1509,1535,1557,1623,1649,1707,1741,1771,1781,1819,1889,1907],{"title":1340,"path":1341,"stem":1342},{"title":1346,"path":1347,"stem":1348},"Application Programming Interfaces (API)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fapplication-programming-interfaces-api","4.sei-cert-c-coding-standard\u002F03.rules\u002F02.application-programming-interfaces-api",{"title":1350,"path":1351,"stem":1352,"children":1353},"Arrays (ARR)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F1.index",[1354,1355,1359,1363,1367,1371,1375],{"title":1350,"path":1351,"stem":1352},{"title":1356,"path":1357,"stem":1358},"ARR30-C. Do not form or use out-of-bounds pointers or array subscripts","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F2.arr30-c",{"title":1360,"path":1361,"stem":1362},"ARR32-C. Ensure size arguments for variable length arrays are in a valid range","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F3.arr32-c",{"title":1364,"path":1365,"stem":1366},"ARR36-C. Do not subtract or compare two pointers that do not refer to the same array","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F4.arr36-c",{"title":1368,"path":1369,"stem":1370},"ARR37-C. Do not add or subtract an integer to a pointer to a non-array object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F5.arr37-c",{"title":1372,"path":1373,"stem":1374},"ARR38-C. Guarantee that library functions do not form invalid pointers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F6.arr38-c",{"title":1376,"path":1377,"stem":1378},"ARR39-C. Do not add or subtract a scaled integer to a pointer","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F7.arr39-c",{"title":1380,"path":1381,"stem":1382,"children":1383},"Characters and Strings (STR)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F1.index",[1384,1385,1389,1393,1397,1401,1405],{"title":1380,"path":1381,"stem":1382},{"title":1386,"path":1387,"stem":1388},"STR30-C. Do not attempt to modify string literals","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F2.str30-c",{"title":1390,"path":1391,"stem":1392},"STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F3.str31-c",{"title":1394,"path":1395,"stem":1396},"STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F4.str32-c",{"title":1398,"path":1399,"stem":1400},"STR34-C. Cast characters to unsigned char before converting to larger integer sizes","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F5.str34-c",{"title":1402,"path":1403,"stem":1404},"STR37-C. Arguments to character-handling functions must be representable as an unsigned char","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F6.str37-c",{"title":1406,"path":1407,"stem":1408},"STR38-C. Do not confuse narrow and wide character strings and functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F7.str38-c",{"title":1410,"path":1411,"stem":1412,"children":1413},"Concurrency (CON)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F01.index",[1414,1415,1419,1423,1427,1431,1435,1439,1443,1447,1451,1455,1459,1463,1467],{"title":1410,"path":1411,"stem":1412},{"title":1416,"path":1417,"stem":1418},"CON30-C. Clean up thread-specific storage","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F02.con30-c",{"title":1420,"path":1421,"stem":1422},"CON31-C. Do not destroy a mutex while it is locked","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F03.con31-c",{"title":1424,"path":1425,"stem":1426},"CON32-C. Prevent data races when accessing bit-fields from multiple threads","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F04.con32-c",{"title":1428,"path":1429,"stem":1430},"CON33-C. Avoid race conditions when using library functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F05.con33-c",{"title":1432,"path":1433,"stem":1434},"CON34-C. Declare objects shared between threads with appropriate storage durations","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F06.con34-c",{"title":1436,"path":1437,"stem":1438},"CON35-C. Avoid deadlock by locking in a predefined order","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F07.con35-c",{"title":1440,"path":1441,"stem":1442},"CON36-C. Wrap functions that can spuriously wake up in a loop","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F08.con36-c",{"title":1444,"path":1445,"stem":1446},"CON37-C. Do not call signal() in a multithreaded program","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F09.con37-c",{"title":1448,"path":1449,"stem":1450},"CON38-C. Preserve thread safety and liveness when using condition variables","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F10.con38-c",{"title":1452,"path":1453,"stem":1454},"CON39-C. Do not join or detach a thread that was previously joined or detached","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F11.con39-c",{"title":1456,"path":1457,"stem":1458},"CON40-C. Do not refer to an atomic variable twice in an expression","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F12.con40-c",{"title":1460,"path":1461,"stem":1462},"CON41-C. Wrap functions that can fail spuriously in a loop","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F13.con41-c",{"title":1464,"path":1465,"stem":1466},"CON42-C. Don't allow attackers to influence environment variables that control concurrency parameters","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon42-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F14.con42-c",{"title":1468,"path":1469,"stem":1470},"CON43-C. Do not allow data races in multithreaded code","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon43-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F15.con43-c",{"title":1472,"path":1473,"stem":1474,"children":1475},"Declarations and Initialization (DCL)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F1.index",[1476,1477,1481,1485,1489,1493,1497,1501,1505],{"title":1472,"path":1473,"stem":1474},{"title":1478,"path":1479,"stem":1480},"DCL30-C. Declare objects with appropriate storage durations","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F2.dcl30-c",{"title":1482,"path":1483,"stem":1484},"DCL31-C. Declare identifiers before using them","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F3.dcl31-c",{"title":1486,"path":1487,"stem":1488},"DCL36-C. Do not declare an identifier with conflicting linkage classifications","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F4.dcl36-c",{"title":1490,"path":1491,"stem":1492},"DCL37-C. Do not declare or define a reserved identifier","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F5.dcl37-c",{"title":1494,"path":1495,"stem":1496},"DCL38-C. Use the correct syntax when declaring a flexible array member","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F6.dcl38-c",{"title":1498,"path":1499,"stem":1500},"DCL39-C. Avoid information leakage when passing a structure across a trust boundary","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F7.dcl39-c",{"title":1502,"path":1503,"stem":1504},"DCL40-C. Do not create incompatible declarations of the same function or object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F8.dcl40-c",{"title":1506,"path":1507,"stem":1508},"DCL41-C. Do not declare variables inside a switch statement before the first case label","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F9.dcl41-c",{"title":1510,"path":1511,"stem":1512,"children":1513},"Environment (ENV)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F1.index",[1514,1515,1519,1523,1527,1531],{"title":1510,"path":1511,"stem":1512},{"title":1516,"path":1517,"stem":1518},"ENV30-C. Do not modify the object referenced by the return value of certain functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F2.env30-c",{"title":1520,"path":1521,"stem":1522},"ENV31-C. Do not rely on an environment pointer following an operation that may invalidate it","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F3.env31-c",{"title":1524,"path":1525,"stem":1526},"ENV32-C. All exit handlers must return normally","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F4.env32-c",{"title":1528,"path":1529,"stem":1530},"ENV33-C. Do not call system()","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F5.env33-c",{"title":1532,"path":1533,"stem":1534},"ENV34-C. Do not store pointers returned by certain functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F6.env34-c",{"title":1536,"path":1537,"stem":1538,"children":1539},"Error Handling (ERR)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F1.index",[1540,1541,1545,1549,1553],{"title":1536,"path":1537,"stem":1538},{"title":1542,"path":1543,"stem":1544},"ERR30-C. Take care when reading errno","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F2.err30-c",{"title":1546,"path":1547,"stem":1548},"ERR32-C. Do not rely on indeterminate values of errno","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F3.err32-c",{"title":1550,"path":1551,"stem":1552},"ERR33-C. Detect and handle standard library errors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F4.err33-c",{"title":1554,"path":1555,"stem":1556},"ERR34-C. Detect errors when converting a string to a number","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F5.err34-c",{"title":1558,"path":1559,"stem":1560,"children":1561},"Expressions (EXP)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F01.index",[1562,1563,1567,1571,1575,1579,1583,1587,1591,1595,1599,1603,1607,1611,1615,1619],{"title":1558,"path":1559,"stem":1560},{"title":1564,"path":1565,"stem":1566},"EXP30-C. Do not depend on the order of evaluation for side effects","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F02.exp30-c",{"title":1568,"path":1569,"stem":1570},"EXP32-C. Do not access a volatile object through a nonvolatile reference","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F03.exp32-c",{"title":1572,"path":1573,"stem":1574},"EXP33-C. Do not read uninitialized memory","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F04.exp33-c",{"title":1576,"path":1577,"stem":1578},"EXP34-C. Do not dereference null pointers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F05.exp34-c",{"title":1580,"path":1581,"stem":1582},"EXP35-C. Do not modify objects with temporary lifetime","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F06.exp35-c",{"title":1584,"path":1585,"stem":1586},"EXP36-C. Do not cast pointers into more strictly aligned pointer types","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F07.exp36-c",{"title":1588,"path":1589,"stem":1590},"EXP37-C. Call functions with the correct number and type of arguments","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F08.exp37-c",{"title":1592,"path":1593,"stem":1594},"EXP39-C. Do not access a variable through a pointer of an incompatible type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F09.exp39-c",{"title":1596,"path":1597,"stem":1598},"EXP40-C. Do not modify constant objects","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F10.exp40-c",{"title":1600,"path":1601,"stem":1602},"EXP42-C. Do not compare padding data","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp42-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F11.exp42-c",{"title":1604,"path":1605,"stem":1606},"EXP43-C. Avoid undefined behavior when using restrict-qualified pointers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp43-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F12.exp43-c",{"title":1608,"path":1609,"stem":1610},"EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp44-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F13.exp44-c",{"title":1612,"path":1613,"stem":1614},"EXP45-C. Do not perform assignments in selection statements","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp45-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F14.exp45-c",{"title":1616,"path":1617,"stem":1618},"EXP46-C. Do not use a bitwise operator with a Boolean-like operand","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp46-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F15.exp46-c",{"title":1620,"path":1621,"stem":1622},"EXP47-C. Do not call va_arg with an argument of the incorrect type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp47-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F16.exp47-c",{"title":1624,"path":1625,"stem":1626,"children":1627},"Floating Point (FLP)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F1.index",[1628,1629,1633,1637,1641,1645],{"title":1624,"path":1625,"stem":1626},{"title":1630,"path":1631,"stem":1632},"FLP30-C. Do not use floating-point variables as loop counters","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F2.flp30-c",{"title":1634,"path":1635,"stem":1636},"FLP32-C. Prevent or detect domain and range errors in math functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F3.flp32-c",{"title":1638,"path":1639,"stem":1640},"FLP34-C. Ensure that floating-point conversions are within range of the new type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F4.flp34-c",{"title":1642,"path":1643,"stem":1644},"FLP36-C. Preserve precision when converting integral values to floating-point type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F5.flp36-c",{"title":1646,"path":1647,"stem":1648},"FLP37-C. Do not use object representations to compare floating-point values","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F6.flp37-c",{"title":1650,"path":1651,"stem":1652,"children":1653},"Input Output (FIO)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F01.index",[1654,1655,1659,1663,1667,1671,1675,1679,1683,1687,1691,1695,1699,1703],{"title":1650,"path":1651,"stem":1652},{"title":1656,"path":1657,"stem":1658},"FIO30-C. Exclude user input from format strings","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F02.fio30-c",{"title":1660,"path":1661,"stem":1662},"FIO32-C. Do not perform operations on devices that are only appropriate for files","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F03.fio32-c",{"title":1664,"path":1665,"stem":1666},"FIO34-C. Distinguish between characters read from a file and EOF or WEOF","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F04.fio34-c",{"title":1668,"path":1669,"stem":1670},"FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F05.fio37-c",{"title":1672,"path":1673,"stem":1674},"FIO38-C. Do not copy a FILE object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F06.fio38-c",{"title":1676,"path":1677,"stem":1678},"FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F07.fio39-c",{"title":1680,"path":1681,"stem":1682},"FIO40-C. Reset strings on fgets() or fgetws() failure","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F08.fio40-c",{"title":1684,"path":1685,"stem":1686},"FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F09.fio41-c",{"title":1688,"path":1689,"stem":1690},"FIO42-C. Close files when they are no longer needed","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio42-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F10.fio42-c",{"title":1692,"path":1693,"stem":1694},"FIO44-C. Only use values for fsetpos() that are returned from fgetpos()","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio44-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F11.fio44-c",{"title":1696,"path":1697,"stem":1698},"FIO45-C. Avoid TOCTOU race conditions while accessing files","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio45-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F12.fio45-c",{"title":1700,"path":1701,"stem":1702},"FIO46-C. Do not access a closed file","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio46-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F13.fio46-c",{"title":1704,"path":1705,"stem":1706},"FIO47-C. Use valid format strings","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio47-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F14.fio47-c",{"title":1708,"path":1709,"stem":1710,"children":1711},"Integers (INT)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F1.index",[1712,1713,1717,1721,1725,1729,1733,1737],{"title":1708,"path":1709,"stem":1710},{"title":1714,"path":1715,"stem":1716},"INT30-C. Ensure that unsigned integer operations do not wrap","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F2.int30-c",{"title":1718,"path":1719,"stem":1720},"INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F3.int31-c",{"title":1722,"path":1723,"stem":1724},"INT32-C. Ensure that operations on signed integers do not result in overflow","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F4.int32-c",{"title":1726,"path":1727,"stem":1728},"INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F5.int33-c",{"title":1730,"path":1731,"stem":1732},"INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F6.int34-c",{"title":1734,"path":1735,"stem":1736},"INT35-C. Use correct integer precisions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F7.int35-c",{"title":1738,"path":1739,"stem":1740},"INT36-C. Converting a pointer to integer or integer to pointer","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F8.int36-c",{"title":1742,"path":1743,"stem":1744,"children":1745},"Memory Management (MEM)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F1.index",[1746,1747,1751,1755,1759,1763,1767],{"title":1742,"path":1743,"stem":1744},{"title":1748,"path":1749,"stem":1750},"MEM30-C. Do not access freed memory","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F2.mem30-c",{"title":1752,"path":1753,"stem":1754},"MEM31-C. Free dynamically allocated memory when no longer needed","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F3.mem31-c",{"title":1756,"path":1757,"stem":1758},"MEM33-C. Allocate and copy structures containing a flexible array member dynamically","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F4.mem33-c",{"title":1760,"path":1761,"stem":1762},"MEM34-C. Only free memory allocated dynamically","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F5.mem34-c",{"title":1764,"path":1765,"stem":1766},"MEM35-C. Allocate sufficient memory for an object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F6.mem35-c",{"title":1768,"path":1769,"stem":1770},"MEM36-C. Do not modify the alignment of objects by calling realloc()","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F7.mem36-c",{"title":1772,"path":1773,"stem":1774,"children":1775},"Microsoft Windows (WIN)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmicrosoft-windows-win","4.sei-cert-c-coding-standard\u002F03.rules\u002F14.microsoft-windows-win\u002F1.index",[1776,1777],{"title":1772,"path":1773,"stem":1774},{"title":1778,"path":1779,"stem":1780},"WIN30-C. Properly pair allocation and deallocation functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmicrosoft-windows-win\u002Fwin30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F14.microsoft-windows-win\u002F2.win30-c",{"title":1782,"path":1783,"stem":1784,"children":1785},"Miscellaneous (MSC)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F1.index",[1786,1787,1791,1795,1799,1803,1807,1811,1815],{"title":1782,"path":1783,"stem":1784},{"title":1788,"path":1789,"stem":1790},"MSC30-C. Do not use the rand() function for generating pseudorandom numbers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F2.msc30-c",{"title":1792,"path":1793,"stem":1794},"MSC32-C. Properly seed pseudorandom number generators","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F3.msc32-c",{"title":1796,"path":1797,"stem":1798},"MSC33-C. Do not pass invalid data to the asctime() function","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F4.msc33-c",{"title":1800,"path":1801,"stem":1802},"MSC37-C. Ensure that control never reaches the end of a non-void function","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F5.msc37-c",{"title":1804,"path":1805,"stem":1806},"MSC38-C. Do not treat a predefined identifier as an object if it might only be implemented as a macro","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F6.msc38-c",{"title":1808,"path":1809,"stem":1810},"MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F7.msc39-c",{"title":1812,"path":1813,"stem":1814},"MSC40-C. Do not violate constraints","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F8.msc40-c",{"title":1816,"path":1817,"stem":1818},"MSC41-C. Never hard code sensitive information","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F9.msc41-c",{"title":1820,"path":1821,"stem":1822,"children":1823},"POSIX (POS)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F01.index",[1824,1825,1829,1833,1837,1841,1845,1849,1853,1857,1861,1865,1869,1873,1877,1881,1885],{"title":1820,"path":1821,"stem":1822},{"title":1826,"path":1827,"stem":1828},"POS30-C. Use the readlink() function properly","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F02.pos30-c",{"title":1830,"path":1831,"stem":1832},"POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F03.pos34-c",{"title":1834,"path":1835,"stem":1836},"POS35-C. Avoid race conditions while checking for the existence of a symbolic link","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F04.pos35-c",{"title":1838,"path":1839,"stem":1840},"POS36-C. Observe correct revocation order while relinquishing privileges","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F05.pos36-c",{"title":1842,"path":1843,"stem":1844},"POS37-C. Ensure that privilege relinquishment is successful","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F06.pos37-c",{"title":1846,"path":1847,"stem":1848},"POS38-C. Beware of race conditions when using fork and file descriptors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F07.pos38-c",{"title":1850,"path":1851,"stem":1852},"POS39-C. Use the correct byte ordering when transferring data between systems","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F08.pos39-c",{"title":1854,"path":1855,"stem":1856},"POS44-C. Do not use signals to terminate threads","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos44-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F09.pos44-c",{"title":1858,"path":1859,"stem":1860},"POS47-C. Do not use threads that can be canceled asynchronously","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos47-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F10.pos47-c",{"title":1862,"path":1863,"stem":1864},"POS48-C. Do not unlock or destroy another POSIX thread's mutex","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos48-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F11.pos48-c",{"title":1866,"path":1867,"stem":1868},"POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos49-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F12.pos49-c",{"title":1870,"path":1871,"stem":1872},"POS50-C. Declare objects shared between POSIX threads with appropriate storage durations","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos50-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F13.pos50-c",{"title":1874,"path":1875,"stem":1876},"POS51-C. Avoid deadlock with POSIX threads by locking in predefined order","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos51-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F14.pos51-c",{"title":1878,"path":1879,"stem":1880},"POS52-C. Do not perform operations that can block while holding a POSIX lock","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos52-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F15.pos52-c",{"title":1882,"path":1883,"stem":1884},"POS53-C. Do not use more than one mutex for concurrent waiting operations on a condition variable","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos53-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F16.pos53-c",{"title":1886,"path":1887,"stem":1888},"POS54-C. Detect and handle POSIX library errors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos54-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F17.pos54-c",{"title":1890,"path":1891,"stem":1892,"children":1893},"Preprocessor (PRE)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F1.index",[1894,1895,1899,1903],{"title":1890,"path":1891,"stem":1892},{"title":1896,"path":1897,"stem":1898},"PRE30-C. Do not create a universal character name through concatenation","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre\u002Fpre30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F2.pre30-c",{"title":1900,"path":1901,"stem":1902},"PRE31-C. Avoid side effects in arguments to unsafe macros","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre\u002Fpre31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F3.pre31-c",{"title":1904,"path":1905,"stem":1906},"PRE32-C. Do not use preprocessor directives in invocations of function-like macros","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre\u002Fpre32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F4.pre32-c",{"title":1908,"path":1909,"stem":1910,"children":1911},"Signals (SIG)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F1.index",[1912,1913,1917,1921,1925],{"title":1908,"path":1909,"stem":1910},{"title":1914,"path":1915,"stem":1916},"SIG30-C. Call only asynchronous-safe functions within signal handlers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F2.sig30-c",{"title":1918,"path":1919,"stem":1920},"SIG31-C. Do not access shared objects in signal handlers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F3.sig31-c",{"title":1922,"path":1923,"stem":1924},"SIG34-C. Do not call signal() from within interruptible signal handlers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F4.sig34-c",{"title":1926,"path":1927,"stem":1928},"SIG35-C. Do not return from a computational exception signal handler","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F5.sig35-c",{"title":1930,"path":1931,"stem":1932,"children":1933},"Back Matter","\u002Fsei-cert-c-coding-standard\u002Fback-matter","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F1.index",[1934,1935,1939,1943,1947,1951,2165,2222],{"title":1930,"path":1931,"stem":1932},{"title":1936,"path":1937,"stem":1938},"AA. Bibliography","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F2.aa-bibliography",{"title":1940,"path":1941,"stem":1942},"BB. Definitions","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F3.bb-definitions",{"title":1944,"path":1945,"stem":1946},"CC. Undefined Behavior","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fcc-undefined-behavior","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F4.cc-undefined-behavior",{"title":1948,"path":1949,"stem":1950},"DD. Unspecified Behavior","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fdd-unspecified-behavior","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F5.dd-unspecified-behavior",{"title":1952,"path":1953,"stem":1954,"children":1955},"EE. Analyzers","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F01.index",[1956,1957,1961,1965,1969,1973,1977,1981,1985,1989,1993,1997,2001,2005,2009,2013,2017,2021,2025,2029,2033,2037,2041,2045,2049,2053,2057,2061,2065,2069,2073,2077,2081,2085,2089,2093,2097,2101,2105,2109,2113,2117,2121,2125,2129,2133,2137,2141,2145,2149,2153,2157,2161],{"title":1952,"path":1953,"stem":1954},{"title":1958,"path":1959,"stem":1960},"Astrée","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fastree","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F02.astree",{"title":1962,"path":1963,"stem":1964},"Astrée_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fastree_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F03.astree_v",{"title":1966,"path":1967,"stem":1968},"Axivion Bauhaus Suite","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Faxivion-bauhaus-suite","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F04.axivion-bauhaus-suite",{"title":1970,"path":1971,"stem":1972},"Axivion Bauhaus Suite_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Faxivion-bauhaus-suite_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F05.axivion-bauhaus-suite_v",{"title":1974,"path":1975,"stem":1976},"Clang","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F06.clang",{"title":1978,"path":1979,"stem":1980},"Clang_38_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_38_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F07.clang_38_v",{"title":1982,"path":1983,"stem":1984},"Clang_39_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_39_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F08.clang_39_v",{"title":1986,"path":1987,"stem":1988},"Clang_40_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_40_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F09.clang_40_v",{"title":1990,"path":1991,"stem":1992},"Clang_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F10.clang_v",{"title":1994,"path":1995,"stem":1996},"Codee","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodee","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F11.codee",{"title":1998,"path":1999,"stem":2000},"Codee_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodee_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F12.codee_v",{"title":2002,"path":2003,"stem":2004},"CodeSonar","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodesonar","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F13.codesonar",{"title":2006,"path":2007,"stem":2008},"CodeSonar_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodesonar_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F14.codesonar_v",{"title":2010,"path":2011,"stem":2012},"Coverity","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcoverity","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F15.coverity",{"title":2014,"path":2015,"stem":2016},"Coverity_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcoverity_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F16.coverity_v",{"title":2018,"path":2019,"stem":2020},"Cppcheck","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F17.cppcheck",{"title":2022,"path":2023,"stem":2024},"Cppcheck Premium","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck-premium","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F18.cppcheck-premium",{"title":2026,"path":2027,"stem":2028},"Cppcheck Premium_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck-premium_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F19.cppcheck-premium_v",{"title":2030,"path":2031,"stem":2032},"Cppcheck_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F20.cppcheck_v",{"title":2034,"path":2035,"stem":2036},"ECLAIR","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Feclair","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F21.eclair",{"title":2038,"path":2039,"stem":2040},"ECLAIR_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Feclair_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F22.eclair_v",{"title":2042,"path":2043,"stem":2044},"EDG","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fedg","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F23.edg",{"title":2046,"path":2047,"stem":2048},"EDG_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fedg_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F24.edg_v",{"title":2050,"path":2051,"stem":2052},"GCC","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fgcc","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F25.gcc",{"title":2054,"path":2055,"stem":2056},"GCC_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fgcc_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F26.gcc_v",{"title":2058,"path":2059,"stem":2060},"Helix QAC","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fhelix-qac","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F27.helix-qac",{"title":2062,"path":2063,"stem":2064},"Helix QAC_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fhelix-qac_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F28.helix-qac_v",{"title":2066,"path":2067,"stem":2068},"Klocwork","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fklocwork","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F29.klocwork",{"title":2070,"path":2071,"stem":2072},"Klocwork_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fklocwork_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F30.klocwork_v",{"title":2074,"path":2075,"stem":2076},"LDRA","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fldra","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F31.ldra",{"title":2078,"path":2079,"stem":2080},"LDRA_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fldra_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F32.ldra_v",{"title":2082,"path":2083,"stem":2084},"Parasoft","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fparasoft","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F33.parasoft",{"title":2086,"path":2087,"stem":2088},"Parasoft_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fparasoft_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F34.parasoft_v",{"title":2090,"path":2091,"stem":2092},"PC-lint Plus","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpc-lint-plus","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F35.pc-lint-plus",{"title":2094,"path":2095,"stem":2096},"PC-lint Plus_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpc-lint-plus_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F36.pc-lint-plus_v",{"title":2098,"path":2099,"stem":2100},"Polyspace Bug Finder","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpolyspace-bug-finder","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F37.polyspace-bug-finder",{"title":2102,"path":2103,"stem":2104},"Polyspace Bug Finder_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpolyspace-bug-finder_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F38.polyspace-bug-finder_v",{"title":2106,"path":2107,"stem":2108},"PVS-Studio","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpvs-studio","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F39.pvs-studio",{"title":2110,"path":2111,"stem":2112},"PVS-Studio_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpvs-studio_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F40.pvs-studio_v",{"title":2114,"path":2115,"stem":2116},"Rose","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frose","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F41.rose",{"title":2118,"path":2119,"stem":2120},"Rose_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frose_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F42.rose_v",{"title":2122,"path":2123,"stem":2124},"Rosecheckers Code","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frosecheckers-code","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F43.rosecheckers-code",{"title":2126,"path":2127,"stem":2128},"RuleChecker","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frulechecker","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F44.rulechecker",{"title":2130,"path":2131,"stem":2132},"RuleChecker_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frulechecker_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F45.rulechecker_v",{"title":2134,"path":2135,"stem":2136},"Security Reviewer - Static Reviewer","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsecurity-reviewer-static-reviewer","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F46.security-reviewer-static-reviewer",{"title":2138,"path":2139,"stem":2140},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsecurity-reviewer-static-reviewer_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F47.security-reviewer-static-reviewer_v",{"title":2142,"path":2143,"stem":2144},"SonarQube C\u002FC++ Plugin","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsonarqube-ccpp-plugin","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F48.sonarqube-ccpp-plugin",{"title":2146,"path":2147,"stem":2148},"SonarQube C\u002FC++ Plugin_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsonarqube-ccpp-plugin_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F49.sonarqube-ccpp-plugin_v",{"title":2150,"path":2151,"stem":2152},"Splint","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsplint","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F50.splint",{"title":2154,"path":2155,"stem":2156},"Splint_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsplint_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F51.splint_v",{"title":2158,"path":2159,"stem":2160},"TrustInSoft Analyzer","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Ftrustinsoft-analyzer","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F52.trustinsoft-analyzer",{"title":2162,"path":2163,"stem":2164},"TrustInSoft Analyzer_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Ftrustinsoft-analyzer_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F53.trustinsoft-analyzer_v",{"title":2166,"path":2167,"stem":2168,"children":2169},"FF. Related Guidelines","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F01.index",[2170,2171,2175,2179,2183,2187,2191,2195,2199,2203,2206,2210,2214,2218],{"title":2166,"path":2167,"stem":2168},{"title":2172,"path":2173,"stem":2174},"2003","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F02.2003","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F02.2003",{"title":2176,"path":2177,"stem":2178},"2006","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F03.2006","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F03.2006",{"title":2180,"path":2181,"stem":2182},"2007","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F04.2007","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F04.2007",{"title":2184,"path":2185,"stem":2186},"2008","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F05.2008","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F05.2008",{"title":2188,"path":2189,"stem":2190},"2010","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F06.2010","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F06.2010",{"title":2192,"path":2193,"stem":2194},"2011","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F07.2011","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F07.2011",{"title":2196,"path":2197,"stem":2198},"2012","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F08.2012","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F08.2012",{"title":2200,"path":2201,"stem":2202},"2013","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F09.2013","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F09.2013",{"title":2200,"path":2204,"stem":2205},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F10.2013","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F10.2013",{"title":2207,"path":2208,"stem":2209},"MITRE CWE","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F11.mitre-cwe",{"title":2211,"path":2212,"stem":2213},"MITRE CWE 2.11","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe-211","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F12.mitre-cwe-211",{"title":2215,"path":2216,"stem":2217},"MITRE CWE 3.1","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe-31","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F13.mitre-cwe-31",{"title":2219,"path":2220,"stem":2221},"MITRE CWE 3.11","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe-311","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F14.mitre-cwe-311",{"title":2223,"path":2224,"stem":2225},"GG. Risk Assessments","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fgg-risk-assessments","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F8.gg-risk-assessments",{"title":2227,"path":2228,"stem":2229,"children":2230},"Admin","\u002Fsei-cert-c-coding-standard\u002Fadmin","4.sei-cert-c-coding-standard\u002F05.admin\u002F1.index",[2231,2232,2236],{"title":2227,"path":2228,"stem":2229},{"title":2233,"path":2234,"stem":2235},"TODO List","\u002Fsei-cert-c-coding-standard\u002Fadmin\u002Ftodo-list","4.sei-cert-c-coding-standard\u002F05.admin\u002F2.todo-list",{"title":2237,"path":2238,"stem":2239},"Undefined and implementation-defined behaviors not deemed ruleworthy","\u002Fsei-cert-c-coding-standard\u002Fadmin\u002Fundefined-and-implementation-defined-behaviors-not-deemed-ruleworthy","4.sei-cert-c-coding-standard\u002F05.admin\u002F3.undefined-and-implementation-defined-behaviors-not-deemed-ruleworthy",{"title":2241,"path":2242,"stem":2243},"Coding Style Guidelines","\u002Fsei-cert-c-coding-standard\u002Fcoding-style-guidelines","4.sei-cert-c-coding-standard\u002F05.coding-style-guidelines",{"title":2245,"path":2246,"stem":2247},"Errata for SEI CERT C Coding Standard (2016 Edition)","\u002Fsei-cert-c-coding-standard\u002Ferrata-for-sei-cert-c-coding-standard-2016-edition","4.sei-cert-c-coding-standard\u002F06.errata-for-sei-cert-c-coding-standard-2016-edition",{"title":2249,"path":2250,"stem":2251},"Wiki Contents","\u002Fsei-cert-c-coding-standard\u002Fwiki-contents","4.sei-cert-c-coding-standard\u002F06.wiki-contents",{"title":2253,"path":2254,"stem":2255,"children":2256},"Recommendations","\u002Fsei-cert-c-coding-standard\u002Frecommendations","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F01.index",[2257,2258,2297,2314,2359,2400,2497,2514,2547,2616,2653,2738,2803,2852,2877,2970,2991,3048],{"title":2253,"path":2254,"stem":2255},{"title":1346,"path":2259,"stem":2260,"children":2261},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F01.index",[2262,2263,2265,2269,2273,2277,2281,2285,2289,2293],{"title":1346,"path":2259,"stem":2260},{"title":223,"path":222,"stem":2264},"4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F02.api00-c",{"title":2266,"path":2267,"stem":2268},"API01-C. Avoid laying out strings in memory directly before sensitive data","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F03.api01-c",{"title":2270,"path":2271,"stem":2272},"API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F04.api02-c",{"title":2274,"path":2275,"stem":2276},"API03-C. Create consistent interfaces and capabilities across related functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F05.api03-c",{"title":2278,"path":2279,"stem":2280},"API04-C. Provide a consistent and usable error-checking mechanism","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F06.api04-c",{"title":2282,"path":2283,"stem":2284},"API05-C. Use conformant array parameters","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F07.api05-c",{"title":2286,"path":2287,"stem":2288},"API07-C. Enforce type safety","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F08.api07-c",{"title":2290,"path":2291,"stem":2292},"API09-C. Compatible values should have the same type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F09.api09-c",{"title":2294,"path":2295,"stem":2296},"API10-C. APIs should have security options enabled by default","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F10.api10-c",{"title":1350,"path":2298,"stem":2299,"children":2300},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F1.index",[2301,2302,2306,2310],{"title":1350,"path":2298,"stem":2299},{"title":2303,"path":2304,"stem":2305},"ARR00-C. Understand how arrays work","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr\u002Farr00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F2.arr00-c",{"title":2307,"path":2308,"stem":2309},"ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr\u002Farr01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F3.arr01-c",{"title":2311,"path":2312,"stem":2313},"ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr\u002Farr02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F4.arr02-c",{"title":1380,"path":2315,"stem":2316,"children":2317},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F01.index",[2318,2319,2323,2327,2331,2335,2339,2343,2347,2351,2355],{"title":1380,"path":2315,"stem":2316},{"title":2320,"path":2321,"stem":2322},"STR00-C. Represent characters using an appropriate type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F02.str00-c",{"title":2324,"path":2325,"stem":2326},"STR01-C. Adopt and implement a consistent plan for managing strings","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F03.str01-c",{"title":2328,"path":2329,"stem":2330},"STR02-C. Sanitize data passed to complex subsystems","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F04.str02-c",{"title":2332,"path":2333,"stem":2334},"STR03-C. Do not inadvertently truncate a string","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F05.str03-c",{"title":2336,"path":2337,"stem":2338},"STR04-C. Use plain char for characters in the basic character set","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F06.str04-c",{"title":2340,"path":2341,"stem":2342},"STR05-C. Use pointers to const when referring to string literals","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F07.str05-c",{"title":2344,"path":2345,"stem":2346},"STR06-C. Do not assume that strtok() leaves the parse string unchanged","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F08.str06-c",{"title":2348,"path":2349,"stem":2350},"STR09-C. Don't assume numeric values for expressions with type plain character","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F09.str09-c",{"title":2352,"path":2353,"stem":2354},"STR10-C. Do not concatenate different type of string literals","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F10.str10-c",{"title":2356,"path":2357,"stem":2358},"STR11-C. Do not specify the bound of a character array initialized with a string literal","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F11.str11-c",{"title":1410,"path":2360,"stem":2361,"children":2362},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F01.index",[2363,2364,2368,2372,2376,2380,2384,2388,2392,2396],{"title":1410,"path":2360,"stem":2361},{"title":2365,"path":2366,"stem":2367},"CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F02.con01-c",{"title":2369,"path":2370,"stem":2371},"CON02-C. Do not use volatile as a synchronization primitive","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F03.con02-c",{"title":2373,"path":2374,"stem":2375},"CON03-C. Ensure visibility when accessing shared variables","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F04.con03-c",{"title":2377,"path":2378,"stem":2379},"CON04-C. Join or detach threads even if their exit status is unimportant","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F05.con04-c",{"title":2381,"path":2382,"stem":2383},"CON05-C. Do not perform operations that can block while holding a lock","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F06.con05-c",{"title":2385,"path":2386,"stem":2387},"CON06-C. Ensure that every mutex outlives the data it protects","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F07.con06-c",{"title":2389,"path":2390,"stem":2391},"CON07-C. Ensure that compound operations on shared variables are atomic","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F08.con07-c",{"title":2393,"path":2394,"stem":2395},"CON08-C. Do not assume that a group of calls to independently atomic methods is atomic","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F09.con08-c",{"title":2397,"path":2398,"stem":2399},"CON09-C. Avoid the ABA problem when using lock-free algorithms","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F10.con09-c",{"title":1472,"path":2401,"stem":2402,"children":2403},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F01.index",[2404,2405,2409,2413,2417,2421,2425,2429,2433,2437,2441,2445,2449,2453,2457,2461,2465,2469,2473,2477,2481,2485,2489,2493],{"title":1472,"path":2401,"stem":2402},{"title":2406,"path":2407,"stem":2408},"DCL00-C. Const-qualify immutable objects","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F02.dcl00-c",{"title":2410,"path":2411,"stem":2412},"DCL01-C. Do not reuse variable names in subscopes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F03.dcl01-c",{"title":2414,"path":2415,"stem":2416},"DCL02-C. Use visually distinct identifiers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F04.dcl02-c",{"title":2418,"path":2419,"stem":2420},"DCL03-C. Use a static assertion to test the value of a constant expression","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F05.dcl03-c",{"title":2422,"path":2423,"stem":2424},"DCL04-C. Do not declare more than one variable per declaration","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F06.dcl04-c",{"title":2426,"path":2427,"stem":2428},"DCL05-C. Use typedefs of non-pointer types only","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F07.dcl05-c",{"title":2430,"path":2431,"stem":2432},"DCL06-C. Use meaningful symbolic constants to represent literal values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F08.dcl06-c",{"title":2434,"path":2435,"stem":2436},"DCL07-C. Include the appropriate type information in function declarators","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F09.dcl07-c",{"title":2438,"path":2439,"stem":2440},"DCL08-C. Properly encode relationships in constant definitions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F10.dcl08-c",{"title":2442,"path":2443,"stem":2444},"DCL09-C. Declare functions that return errno with a return type of errno_t","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F11.dcl09-c",{"title":2446,"path":2447,"stem":2448},"DCL10-C. Maintain the contract between the writer and caller of variadic functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F12.dcl10-c",{"title":2450,"path":2451,"stem":2452},"DCL11-C. Understand the type issues associated with variadic functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F13.dcl11-c",{"title":2454,"path":2455,"stem":2456},"DCL12-C. Implement abstract data types using opaque types","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F14.dcl12-c",{"title":2458,"path":2459,"stem":2460},"DCL13-C. Declare function parameters that are pointers to values not changed by the function as const","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F15.dcl13-c",{"title":2462,"path":2463,"stem":2464},"DCL15-C. Declare file-scope objects or functions that do not need external linkage as static","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F16.dcl15-c",{"title":2466,"path":2467,"stem":2468},"DCL16-C. Use \"L,\" not \"l,\" to indicate a long value","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl16-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F17.dcl16-c",{"title":2470,"path":2471,"stem":2472},"DCL17-C. Beware of miscompiled volatile-qualified variables","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F18.dcl17-c",{"title":2474,"path":2475,"stem":2476},"DCL18-C. Do not begin integer constants with 0 when specifying a decimal value","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F19.dcl18-c",{"title":2478,"path":2479,"stem":2480},"DCL19-C. Minimize the scope of variables and functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F20.dcl19-c",{"title":2482,"path":2483,"stem":2484},"DCL20-C. Explicitly specify void when a function accepts no arguments","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F21.dcl20-c",{"title":2486,"path":2487,"stem":2488},"DCL21-C. Understand the storage of compound literals","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl21-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F22.dcl21-c",{"title":2490,"path":2491,"stem":2492},"DCL22-C. Use volatile for data that cannot be cached","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl22-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F23.dcl22-c",{"title":2494,"path":2495,"stem":2496},"DCL23-C. Guarantee that mutually visible identifiers are unique","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl23-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F24.dcl23-c",{"title":1510,"path":2498,"stem":2499,"children":2500},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F1.index",[2501,2502,2506,2510],{"title":1510,"path":2498,"stem":2499},{"title":2503,"path":2504,"stem":2505},"ENV01-C. Do not make assumptions about the size of an environment variable","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env\u002Fenv01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F2.env01-c",{"title":2507,"path":2508,"stem":2509},"ENV02-C. Beware of multiple environment variables with the same effective name","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env\u002Fenv02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F3.env02-c",{"title":2511,"path":2512,"stem":2513},"ENV03-C. Sanitize the environment when invoking external programs","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env\u002Fenv03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F4.env03-c",{"title":1536,"path":2515,"stem":2516,"children":2517},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F1.index",[2518,2519,2523,2527,2531,2535,2539,2543],{"title":1536,"path":2515,"stem":2516},{"title":2520,"path":2521,"stem":2522},"ERR00-C. Adopt and implement a consistent and comprehensive error-handling policy","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F2.err00-c",{"title":2524,"path":2525,"stem":2526},"ERR01-C. Use ferror() rather than errno to check for FILE stream errors","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F3.err01-c",{"title":2528,"path":2529,"stem":2530},"ERR02-C. Avoid in-band error indicators","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F4.err02-c",{"title":2532,"path":2533,"stem":2534},"ERR04-C. Choose an appropriate termination strategy","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F5.err04-c",{"title":2536,"path":2537,"stem":2538},"ERR05-C. Application-independent code should provide error detection without dictating error handling","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F6.err05-c",{"title":2540,"path":2541,"stem":2542},"ERR06-C. Understand the termination behavior of assert() and abort()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F7.err06-c",{"title":2544,"path":2545,"stem":2546},"ERR07-C. Prefer functions that support error checking over equivalent functions that don't","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F8.err07-c",{"title":1558,"path":2548,"stem":2549,"children":2550},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F01.index",[2551,2552,2556,2560,2564,2568,2572,2576,2580,2584,2588,2592,2596,2600,2604,2608,2612],{"title":1558,"path":2548,"stem":2549},{"title":2553,"path":2554,"stem":2555},"EXP00-C. Use parentheses for precedence of operation","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F02.exp00-c",{"title":2557,"path":2558,"stem":2559},"EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F03.exp02-c",{"title":2561,"path":2562,"stem":2563},"EXP03-C. Do not assume the size of a structure is the sum of the sizes of its members","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F04.exp03-c",{"title":2565,"path":2566,"stem":2567},"EXP05-C. Do not cast away a const qualification","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F05.exp05-c",{"title":2569,"path":2570,"stem":2571},"EXP07-C. Do not diminish the benefits of constants by assuming their values in expressions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F06.exp07-c",{"title":2573,"path":2574,"stem":2575},"EXP08-C. Ensure pointer arithmetic is used correctly","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F07.exp08-c",{"title":2577,"path":2578,"stem":2579},"EXP09-C. Use sizeof to determine the size of a type or variable","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F08.exp09-c",{"title":2581,"path":2582,"stem":2583},"EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F09.exp10-c",{"title":2585,"path":2586,"stem":2587},"EXP11-C. Do not make assumptions regarding the layout of structures with bit-fields","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F10.exp11-c",{"title":2589,"path":2590,"stem":2591},"EXP12-C. Do not ignore values returned by functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F11.exp12-c",{"title":2593,"path":2594,"stem":2595},"EXP13-C. Treat relational and equality operators as if they were nonassociative","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F12.exp13-c",{"title":2597,"path":2598,"stem":2599},"EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F13.exp14-c",{"title":2601,"path":2602,"stem":2603},"EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F14.exp15-c",{"title":2605,"path":2606,"stem":2607},"EXP16-C. Do not compare function pointers to constant values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp16-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F15.exp16-c",{"title":2609,"path":2610,"stem":2611},"EXP19-C. Use braces for the body of an if, for, or while statement","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F16.exp19-c",{"title":2613,"path":2614,"stem":2615},"EXP20-C. Perform explicit tests to determine success, true and false, and equality","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F17.exp20-c",{"title":1624,"path":2617,"stem":2618,"children":2619},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F1.index",[2620,2621,2625,2629,2633,2637,2641,2645,2649],{"title":1624,"path":2617,"stem":2618},{"title":2622,"path":2623,"stem":2624},"FLP00-C. Understand the limitations of floating-point numbers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F2.flp00-c",{"title":2626,"path":2627,"stem":2628},"FLP01-C. Take care in rearranging floating-point expressions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F3.flp01-c",{"title":2630,"path":2631,"stem":2632},"FLP02-C. Avoid using floating-point numbers when precise computation is needed","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F4.flp02-c",{"title":2634,"path":2635,"stem":2636},"FLP03-C. Detect and handle floating-point errors","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F5.flp03-c",{"title":2638,"path":2639,"stem":2640},"FLP04-C. Check floating-point inputs for exceptional values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F6.flp04-c",{"title":2642,"path":2643,"stem":2644},"FLP05-C. Do not use denormalized numbers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F7.flp05-c",{"title":2646,"path":2647,"stem":2648},"FLP06-C. Convert integers to floating point for floating-point operations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F8.flp06-c",{"title":2650,"path":2651,"stem":2652},"FLP07-C. Cast the return value of a function that returns a floating-point type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F9.flp07-c",{"title":1650,"path":2654,"stem":2655,"children":2656},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F01.index",[2657,2658,2662,2666,2670,2674,2678,2682,2686,2690,2694,2698,2702,2706,2710,2714,2718,2722,2726,2730,2734],{"title":1650,"path":2654,"stem":2655},{"title":2659,"path":2660,"stem":2661},"FIO01-C. Be careful using functions that use file names for identification","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F02.fio01-c",{"title":2663,"path":2664,"stem":2665},"FIO02-C. Canonicalize path names originating from tainted sources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F03.fio02-c",{"title":2667,"path":2668,"stem":2669},"FIO03-C. Do not make assumptions about fopen() and file creation","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F04.fio03-c",{"title":2671,"path":2672,"stem":2673},"FIO05-C. Identify files using multiple file attributes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F05.fio05-c",{"title":2675,"path":2676,"stem":2677},"FIO06-C. Create files with appropriate access permissions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F06.fio06-c",{"title":2679,"path":2680,"stem":2681},"FIO08-C. Take care when calling remove() on an open file","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F07.fio08-c",{"title":2683,"path":2684,"stem":2685},"FIO09-C. Be careful with binary data when transferring data across systems","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F08.fio09-c",{"title":2687,"path":2688,"stem":2689},"FIO10-C. Take care when using the rename() function","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F09.fio10-c",{"title":2691,"path":2692,"stem":2693},"FIO11-C. Take care when specifying the mode parameter of fopen()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F10.fio11-c",{"title":2695,"path":2696,"stem":2697},"FIO13-C. Never push back anything other than one read character","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F11.fio13-c",{"title":2699,"path":2700,"stem":2701},"FIO14-C. Understand the difference between text mode and binary mode with file streams","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F12.fio14-c",{"title":2703,"path":2704,"stem":2705},"FIO15-C. Ensure that file operations are performed in a secure directory","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F13.fio15-c",{"title":2707,"path":2708,"stem":2709},"FIO17-C. Do not rely on an ending null character when using fread()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F14.fio17-c",{"title":2711,"path":2712,"stem":2713},"FIO18-C. Never expect fwrite() to terminate the writing process at a null character","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F15.fio18-c",{"title":2715,"path":2716,"stem":2717},"FIO19-C. Do not use fseek() and ftell() to compute the size of a regular file","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F16.fio19-c",{"title":2719,"path":2720,"stem":2721},"FIO20-C. Avoid unintentional truncation when using fgets() or fgetws()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F17.fio20-c",{"title":2723,"path":2724,"stem":2725},"FIO21-C. Do not create temporary files in shared directories","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio21-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F18.fio21-c",{"title":2727,"path":2728,"stem":2729},"FIO22-C. Close files before spawning processes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio22-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F19.fio22-c",{"title":2731,"path":2732,"stem":2733},"FIO23-C. Do not exit with unflushed data in stdout or stderr","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio23-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F20.fio23-c",{"title":2735,"path":2736,"stem":2737},"FIO24-C. Do not open a file that is already open","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio24-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F21.fio24-c",{"title":1708,"path":2739,"stem":2740,"children":2741},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F01.index",[2742,2743,2747,2751,2755,2759,2763,2767,2771,2775,2779,2783,2787,2791,2795,2799],{"title":1708,"path":2739,"stem":2740},{"title":2744,"path":2745,"stem":2746},"INT00-C. Understand the data model used by your implementation(s)","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F02.int00-c",{"title":2748,"path":2749,"stem":2750},"INT01-C. Use size_t or rsize_t for all integer values representing the size of an object","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F03.int01-c",{"title":2752,"path":2753,"stem":2754},"INT04-C. Enforce limits on integer values originating from tainted sources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F05.int04-c",{"title":2756,"path":2757,"stem":2758},"INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F06.int05-c",{"title":2760,"path":2761,"stem":2762},"INT07-C. Use only explicitly signed or unsigned char type for numeric values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F07.int07-c",{"title":2764,"path":2765,"stem":2766},"INT08-C. Verify that all integer values are in range","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F08.int08-c",{"title":2768,"path":2769,"stem":2770},"INT09-C. Ensure enumeration constants map to unique values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F09.int09-c",{"title":2772,"path":2773,"stem":2774},"INT10-C. Do not assume a positive remainder when using the % operator","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F10.int10-c",{"title":2776,"path":2777,"stem":2778},"INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F11.int12-c",{"title":2780,"path":2781,"stem":2782},"INT13-C. Use bitwise operators only on unsigned operands","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F12.int13-c",{"title":2784,"path":2785,"stem":2786},"INT14-C. Avoid performing bitwise and arithmetic operations on the same data","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F13.int14-c",{"title":2788,"path":2789,"stem":2790},"INT15-C. Use intmax_t or uintmax_t for formatted IO on programmer-defined integer types","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F14.int15-c",{"title":2792,"path":2793,"stem":2794},"INT16-C. Do not make assumptions about representation of signed integers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint16-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F15.int16-c",{"title":2796,"path":2797,"stem":2798},"INT17-C. Define integer constants in an implementation-independent manner","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F16.int17-c",{"title":2800,"path":2801,"stem":2802},"INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F17.int18-c",{"title":1742,"path":2804,"stem":2805,"children":2806},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F01.index",[2807,2808,2812,2816,2820,2824,2828,2832,2836,2840,2844,2848],{"title":1742,"path":2804,"stem":2805},{"title":2809,"path":2810,"stem":2811},"MEM00-C. Allocate and free memory in the same module, at the same level of abstraction","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F02.mem00-c",{"title":2813,"path":2814,"stem":2815},"MEM01-C. Store a new value in pointers immediately after free()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F03.mem01-c",{"title":2817,"path":2818,"stem":2819},"MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F04.mem02-c",{"title":2821,"path":2822,"stem":2823},"MEM03-C. Clear sensitive information stored in reusable resources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F05.mem03-c",{"title":2825,"path":2826,"stem":2827},"MEM04-C. Beware of zero-length allocations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F06.mem04-c",{"title":2829,"path":2830,"stem":2831},"MEM05-C. Avoid large stack allocations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F07.mem05-c",{"title":2833,"path":2834,"stem":2835},"MEM06-C. Ensure that sensitive data is not written out to disk","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F08.mem06-c",{"title":2837,"path":2838,"stem":2839},"MEM07-C. Ensure that the arguments to calloc(), when multiplied, do not wrap","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F09.mem07-c",{"title":2841,"path":2842,"stem":2843},"MEM10-C. Define and use a pointer validation function","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F10.mem10-c",{"title":2845,"path":2846,"stem":2847},"MEM11-C. Do not assume infinite heap space","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F11.mem11-c",{"title":2849,"path":2850,"stem":2851},"MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F12.mem12-c",{"title":1772,"path":2853,"stem":2854,"children":2855},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F1.index",[2856,2857,2861,2865,2869,2873],{"title":1772,"path":2853,"stem":2854},{"title":2858,"path":2859,"stem":2860},"WIN00-C. Be specific when dynamically loading libraries","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F2.win00-c",{"title":2862,"path":2863,"stem":2864},"WIN01-C. Do not forcibly terminate execution","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F3.win01-c",{"title":2866,"path":2867,"stem":2868},"WIN02-C. Restrict privileges when spawning child processes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F4.win02-c",{"title":2870,"path":2871,"stem":2872},"WIN03-C. Understand HANDLE inheritance","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F5.win03-c",{"title":2874,"path":2875,"stem":2876},"WIN04-C. Consider encrypting function pointers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F6.win04-c",{"title":1782,"path":2878,"stem":2879,"children":2880},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F01.index",[2881,2882,2886,2890,2894,2898,2902,2906,2910,2914,2918,2922,2926,2930,2934,2938,2942,2946,2950,2954,2958,2962,2966],{"title":1782,"path":2878,"stem":2879},{"title":2883,"path":2884,"stem":2885},"MSC00-C. Compile cleanly at high warning levels","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F02.msc00-c",{"title":2887,"path":2888,"stem":2889},"MSC01-C. Strive for logical completeness","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F03.msc01-c",{"title":2891,"path":2892,"stem":2893},"MSC04-C. Use comments consistently and in a readable fashion","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F04.msc04-c",{"title":2895,"path":2896,"stem":2897},"MSC05-C. Do not manipulate time_t typed values directly","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F05.msc05-c",{"title":2899,"path":2900,"stem":2901},"MSC06-C. Beware of compiler optimizations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F06.msc06-c",{"title":2903,"path":2904,"stem":2905},"MSC07-C. Detect and remove dead code","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F07.msc07-c",{"title":2907,"path":2908,"stem":2909},"UTF8-related issues","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Futf8-related-issues","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F08.utf8-related-issues",{"title":2911,"path":2912,"stem":2913},"MSC11-C. Incorporate diagnostic tests using assertions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F09.msc11-c",{"title":2915,"path":2916,"stem":2917},"MSC12-C. Detect and remove code that has no effect or is never executed","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F10.msc12-c",{"title":2919,"path":2920,"stem":2921},"MSC13-C. Detect and remove unused values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F11.msc13-c",{"title":2923,"path":2924,"stem":2925},"MSC14-C. Do not introduce unnecessary platform dependencies","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F12.msc14-c",{"title":2927,"path":2928,"stem":2929},"MSC15-C. Do not depend on undefined behavior","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F13.msc15-c",{"title":2931,"path":2932,"stem":2933},"MSC17-C. Finish every set of statements associated with a case label with a break statement","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F14.msc17-c",{"title":2935,"path":2936,"stem":2937},"MSC18-C. Be careful while handling sensitive data, such as passwords, in program code","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F15.msc18-c",{"title":2939,"path":2940,"stem":2941},"MSC19-C. For functions that return an array, prefer returning an empty array over a null value","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F16.msc19-c",{"title":2943,"path":2944,"stem":2945},"MSC20-C. Do not use a switch statement to transfer control into a complex block","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F17.msc20-c",{"title":2947,"path":2948,"stem":2949},"MSC21-C. Use robust loop termination conditions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc21-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F18.msc21-c",{"title":2951,"path":2952,"stem":2953},"MSC22-C. Use the setjmp(), longjmp() facility securely","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc22-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F19.msc22-c",{"title":2955,"path":2956,"stem":2957},"MSC23-C. Beware of vendor-specific library and language differences","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc23-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F20.msc23-c",{"title":2959,"path":2960,"stem":2961},"MSC24-C. Do not use deprecated or obsolescent functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc24-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F21.msc24-c",{"title":2963,"path":2964,"stem":2965},"MSC25-C. Do not use insecure or weak cryptographic algorithms","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc25-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F22.msc25-c",{"title":2967,"path":2968,"stem":2969},"Use subset of ASCII for safety","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fuse-subset-of-ascii-for-safety","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F23.use-subset-of-ascii-for-safety",{"title":1820,"path":2971,"stem":2972,"children":2973},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F1.index",[2974,2975,2979,2983,2987],{"title":1820,"path":2971,"stem":2972},{"title":2976,"path":2977,"stem":2978},"POS01-C. Check for the existence of links when dealing with files","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F2.pos01-c",{"title":2980,"path":2981,"stem":2982},"POS02-C. Follow the principle of least privilege","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F3.pos02-c",{"title":2984,"path":2985,"stem":2986},"POS04-C. Avoid using PTHREAD_MUTEX_NORMAL type mutex locks","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F4.pos04-c",{"title":2988,"path":2989,"stem":2990},"POS05-C. Limit access to files by creating a jail","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F5.pos05-c",{"title":1890,"path":2992,"stem":2993,"children":2994},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F01.index",[2995,2996,3000,3004,3008,3012,3016,3020,3024,3028,3032,3036,3040,3044],{"title":1890,"path":2992,"stem":2993},{"title":2997,"path":2998,"stem":2999},"PRE00-C. Prefer inline or static functions to function-like macros","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F02.pre00-c",{"title":3001,"path":3002,"stem":3003},"PRE01-C. Use parentheses within macros around parameter names","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F03.pre01-c",{"title":3005,"path":3006,"stem":3007},"PRE02-C. Macro replacement lists should be parenthesized","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F04.pre02-c",{"title":3009,"path":3010,"stem":3011},"PRE04-C. Do not reuse a standard header file name","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F05.pre04-c",{"title":3013,"path":3014,"stem":3015},"PRE05-C. Understand macro replacement when concatenating tokens or performing stringification","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F06.pre05-c",{"title":3017,"path":3018,"stem":3019},"PRE06-C. Enclose header files in an include guard","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F07.pre06-c",{"title":3021,"path":3022,"stem":3023},"PRE07-C. Avoid using repeated question marks","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F08.pre07-c",{"title":3025,"path":3026,"stem":3027},"PRE08-C. Guarantee that header file names are unique","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F09.pre08-c",{"title":3029,"path":3030,"stem":3031},"PRE09-C. Do not replace secure functions with deprecated or obsolescent functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F10.pre09-c",{"title":3033,"path":3034,"stem":3035},"PRE10-C. Wrap multistatement macros in a do-while loop","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F11.pre10-c",{"title":3037,"path":3038,"stem":3039},"PRE11-C. Do not conclude macro definitions with a semicolon","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F12.pre11-c",{"title":3041,"path":3042,"stem":3043},"PRE12-C. Do not define unsafe macros","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F13.pre12-c",{"title":3045,"path":3046,"stem":3047},"PRE13-C. Use the Standard predefined macros to test for versions and features.","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F14.pre13-c",{"title":1908,"path":3049,"stem":3050,"children":3051},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F1.index",[3052,3053,3057,3061],{"title":1908,"path":3049,"stem":3050},{"title":3054,"path":3055,"stem":3056},"SIG00-C. Mask signals handled by noninterruptible signal handlers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig\u002Fsig00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F2.sig00-c",{"title":3058,"path":3059,"stem":3060},"SIG01-C. Understand implementation-specific details regarding signal handler persistence","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig\u002Fsig01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F3.sig01-c",{"title":3062,"path":3063,"stem":3064},"SIG02-C. Avoid using signals to implement normal functionality","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig\u002Fsig02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F4.sig02-c",{"title":3066,"path":3067,"stem":3068},"CERT manifest files","\u002Fsei-cert-c-coding-standard\u002Fcert-manifest-files","4.sei-cert-c-coding-standard\u002F09.cert-manifest-files",1775657789252]