[{"data":1,"prerenderedAt":4248},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio21-c":28,"surround-\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio21-c":2455,"sidebar-sei-cert-c-coding-standard":2462},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":2437,"extension":2438,"meta":2439,"navigation":7,"path":2451,"seo":2452,"stem":2453,"__hash__":2454},"content\u002F4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F18.fio21-c.md","FIO21-C. Do not create temporary files in shared directories",{"type":32,"value":33,"toc":2416},"minimark",[34,38,55,58,67,80,87,90,111,114,119,348,356,359,364,377,380,393,396,417,423,426,433,444,448,464,477,491,617,620,641,782,792,825,976,988,1016,1029,1043,1050,1061,1213,1227,1246,1252,1257,1269,1272,1341,1348,1356,1366,1706,1745,1761,1773,1777,1783,1808,1812,1815,1875,1879,2143,2147,2161,2165,2244,2248,2387,2390,2412],[35,36,30],"h1",{"id":37},"fio21-c-do-not-create-temporary-files-in-shared-directories",[39,40,41,42,46,47,50,51,54],"p",{},"Programmers frequently create temporary files in directories that are writable by everyone (examples are ",[43,44,45],"code",{},"\u002Ftmp"," and ",[43,48,49],{},"\u002Fvar\u002Ftmp"," on UNIX and ",[43,52,53],{},"%TEMP%"," on Windows) and may be purged regularly (for example, every night or during reboot).",[39,56,57],{},"Temporary files are commonly used for auxiliary storage for data that does not need to, or otherwise cannot, reside in memory and also as a means of communicating with other processes by transferring data through the file system. For example, one process will create a temporary file in a shared directory with a well-known name or a temporary name that is communicated to collaborating processes. The file then can be used to share information among these collaborating processes.",[39,59,60,61,66],{},"This practice is dangerous because a well-known file in a shared directory can be easily hijacked or manipulated by an attacker. ",[62,63,65],"a",{"href":64},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-mitigation","Mitigation"," strategies include the following:",[68,69,70,74,77],"ol",{},[71,72,73],"li",{},"Use other low-level IPC (interprocess communication) mechanisms such as sockets or shared memory.",[71,75,76],{},"Use higher-level IPC mechanisms such as remote procedure calls.",[71,78,79],{},"Use a secure directory or a jail that can be accessed only by application instances (ensuring that multiple instances of the application running on the same platform do not compete).",[39,81,82,83,86],{},"There are many different IPC mechanisms; some require the use of temporary files, and others do not. An example of an IPC mechanism that uses temporary files is the POSIX ",[43,84,85],{},"mmap()"," function. Berkeley Sockets, POSIX Local IPC Sockets, and System V Shared Memory do not require temporary files. Because the multiuser nature of shared directories poses an inherent security risk, the use of shared temporary files for IPC is discouraged.",[39,88,89],{},"When two or more users or a group of users have write permission to a directory, the potential for deception is far greater than it is for shared access to a few files. Consequently, temporary files in shared directories must be",[91,92,93,96,99,102,105,108],"ul",{},[71,94,95],{},"Created unpredictable file names",[71,97,98],{},"Created with unique names",[71,100,101],{},"Opened only if the file doesn't already exist (atomic open)",[71,103,104],{},"Opened with exclusive access",[71,106,107],{},"Opened with appropriate permissions",[71,109,110],{},"Removed before the program exits",[39,112,113],{},"The following table lists common temporary file functions and their respective conformance to these criteria:",[115,116,118],"h6",{"id":117},"conformance-of-file-functions-to-criteria-for-temporary-files","Conformance of File Functions to Criteria for Temporary Files",[120,121,124],"table",{"className":122},[123],"wrapped",[125,126,127,179,209,237,266,294,321],"tbody",{},[128,129,132,140,150,160,170],"tr",{"className":130},[131],"header",[133,134,135],"th",{},[39,136,137],{},[138,139],"br",{},[133,141,142],{},[39,143,144,147,149],{},[43,145,146],{}," tmpnam ",[138,148],{},"\n(C)",[133,151,152],{},[39,153,154,157,159],{},[43,155,156],{}," tmpfile ",[138,158],{},"\n(C\u002FPOSIX)",[133,161,162],{},[39,163,164,167,169],{},[43,165,166],{}," mktemp ",[138,168],{},"\n(POSIX)",[133,171,172],{},[39,173,174,177,169],{},[43,175,176],{}," mkstemp ",[138,178],{},[128,180,183,192,197,201,205],{"className":181},[182],"odd",[184,185,186],"td",{},[39,187,188],{},[189,190,191],"strong",{},"Unpredictable Name",[184,193,194],{},[39,195,196],{},"Not portably",[184,198,199],{},[39,200,196],{},[184,202,203],{},[39,204,196],{},[184,206,207],{},[39,208,196],{},[128,210,213,220,225,229,233],{"className":211},[212],"even",[184,214,215],{},[39,216,217],{},[189,218,219],{},"Unique Name",[184,221,222],{},[39,223,224],{},"Yes",[184,226,227],{},[39,228,224],{},[184,230,231],{},[39,232,224],{},[184,234,235],{},[39,236,224],{},[128,238,240,249,254,258,262],{"className":239},[182],[184,241,242],{},[39,243,244],{},[189,245,246,247],{},"Atomic open",[138,248],{},[184,250,251],{},[39,252,253],{},"No",[184,255,256],{},[39,257,224],{},[184,259,260],{},[39,261,253],{},[184,263,264],{},[39,265,224],{},[128,267,269,276,281,285,289],{"className":268},[212],[184,270,271],{},[39,272,273],{},[189,274,275],{},"Exclusive Access",[184,277,278],{},[39,279,280],{},"Possible",[184,282,283],{},[39,284,253],{},[184,286,287],{},[39,288,280],{},[184,290,291],{},[39,292,293],{},"If supported by OS",[128,295,297,304,308,313,317],{"className":296},[182],[184,298,299],{},[39,300,301],{},[189,302,303],{},"Appropriate Permissions",[184,305,306],{},[39,307,280],{},[184,309,310],{},[39,311,312],{},"If supported by OS *",[184,314,315],{},[39,316,280],{},[184,318,319],{},[39,320,196],{},[128,322,324,331,335,340,344],{"className":323},[212],[184,325,326],{},[39,327,328],{},[189,329,330],{},"File Removed",[184,332,333],{},[39,334,253],{},[184,336,337],{},[39,338,339],{},"Yes*",[184,341,342],{},[39,343,253],{},[184,345,346],{},[39,347,253],{},[39,349,350,351,355],{},"* If the program terminates abnormally, this behavior is ",[62,352,354],{"href":353},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-implementation-definedbehavior","implementation-defined"," .",[39,357,358],{},"Securely creating temporary files is error prone and dependent on the version of the C runtime library used, the operating system, and the file system. Code that works for a locally mounted file system, for example, may be vulnerable when used with a remotely mounted file system. Moreover, none of these functions are without problems. The only secure solution is to not create temporary files in shared directories.",[360,361,363],"h3",{"id":362},"unique-and-unpredictable-file-names","Unique and Unpredictable File Names",[39,365,366,367,371,372,376],{},"Privileged programs that create temporary files in world-writable directories can be ",[62,368,370],{"href":369},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-exploit","exploited"," to overwrite protected system files. An attacker who can predict the name of a file created by a privileged program can create a symbolic link (with the same name as the file used by the program) to point to a protected system file. Unless the privileged program is coded securely, the program will follow the symbolic link instead of opening or creating the file that it is supposed to be using. As a result, a protected system file to which the symbolic link points can be overwritten when the program is executed [ ",[62,373,375],{"href":374},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-HP03","HP 2003"," ]. Unprivileged programs can be similarly exploited to overwrite protected user files.",[360,378,275],{"id":379},"exclusive-access",[39,381,382,383,387,388,392],{},"Exclusive access grants unrestricted file access to the locking process while denying access to all other processes and eliminates the potential for a race condition on the locked region. (See ",[384,385,386],"em",{},"Secure Coding in C and"," C++, Chapter 8 [ ",[62,389,391],{"href":390},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Seacord2013","Seacord 2013"," ].)",[39,394,395],{},"Files, or regions of files, can be locked to prevent two processes from concurrent access. Windows supports two types of file locks:",[91,397,398,408],{},[71,399,400,403,404,407],{},[384,401,402],{},"Shared locks"," , provided by ",[43,405,406],{},"LockFile()"," , prohibit all write access to the locked file region while allowing concurrent read access to all processes.",[71,409,410,403,413,416],{},[384,411,412],{},"Exclusive locks",[43,414,415],{},"LockFileEx()"," , grant unrestricted file access to the locking process while denying access to all other processes.",[39,418,419,420,355],{},"In both cases, the lock is removed by calling ",[43,421,422],{},"UnlockFile()",[39,424,425],{},"Both shared locks and exclusive locks eliminate the potential for a race condition on the locked region. The exclusive lock is similar to a mutual exclusion solution, and the shared lock eliminates race conditions by removing the potential for altering the state of the locked file region (one of the required properties for a race).",[39,427,428,429,432],{},"These Windows file-locking mechanisms are called ",[384,430,431],{},"mandatory locks"," because every process attempting to access a locked file region is subject to the restriction. Linux implements mandatory locks and advisory locks. An advisory lock is not enforced by the operating system, which severely diminishes its value from a security perspective. Unfortunately, the mandatory file lock in Linux is also largely impractical for the following reasons:",[91,434,435,438,441],{},[71,436,437],{},"Mandatory locking works only on local file systems and does not extend to network file systems (such as NFS or AFS).",[71,439,440],{},"File systems must be mounted with support for mandatory locking, and this is disabled by default.",[71,442,443],{},"Locking relies on the group ID bit that can be turned off by another process (thereby defeating the lock).",[360,445,447],{"id":446},"removal-before-termination","Removal before Termination",[39,449,450,451,455,456,459,460,463],{},"Removing temporary files when they are no longer required allows file names and other resources (such as secondary storage) to be recycled. In the case of ",[62,452,454],{"href":453},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-abnormaltermination","abnormal termination"," , there is no sure method that can guarantee the removal of orphaned files. For this reason, temporary file cleaner utilities, which are invoked manually by a system administrator or periodically run by a daemon to sweep temporary directories and remove old files, are widely used. However, these utilities are themselves vulnerable to file-based ",[62,457,458],{"href":369},"exploits"," and often require the use of shared directories. During normal operation, it is the responsibility of the program to ensure that temporary files are removed either explicitly or through the use of library routines, such as ",[43,461,462],{},"tmpfile_s"," , which guarantee temporary file deletion upon program termination.",[465,466,468,469,472,473,476],"h2",{"id":467},"noncompliant-code-example-fopenopen-with-tmpnam","Noncompliant Code Example ( ",[43,470,471],{},"fopen()\u002Fopen()"," with ",[43,474,475],{},"tmpnam()"," )",[39,478,479,480,483,484,486,487,490],{},"This noncompliant code example creates a file with a hard-coded ",[43,481,482],{},"file_name"," (presumably in a shared directory such as ",[43,485,45],{}," or ",[43,488,489],{},"C:\\Temp"," ):",[492,493,495],"code-block",{"quality":494},"bad",[496,497,502],"pre",{"className":498,"code":499,"language":500,"meta":501,"style":501},"language-c shiki shiki-themes github-light github-dark monokai","#include \u003Cstdio.h>\n \nvoid func(const char *file_name) {\n FILE *fp = fopen(file_name, \"wb+\");\n if (fp == NULL) {\n \u002F* Handle error *\u002F\n }\n}\n","c","",[43,503,504,517,524,553,580,598,605,611],{"__ignoreMap":501},[505,506,509,513],"span",{"class":507,"line":508},"line",1,[505,510,512],{"class":511},"sC2Qs","#include",[505,514,516],{"class":515},"sstjo"," \u003Cstdio.h>\n",[505,518,520],{"class":507,"line":519},2,[505,521,523],{"class":522},"sMOD_"," \n",[505,525,527,531,535,538,541,544,547,550],{"class":507,"line":526},3,[505,528,530],{"class":529},"sq6CD","void",[505,532,534],{"class":533},"srTi1"," func",[505,536,537],{"class":522},"(",[505,539,540],{"class":511},"const",[505,542,543],{"class":529}," char",[505,545,546],{"class":511}," *",[505,548,482],{"class":549},"sTHNf",[505,551,552],{"class":522},") {\n",[505,554,556,559,562,565,568,571,574,577],{"class":507,"line":555},4,[505,557,558],{"class":522}," FILE ",[505,560,561],{"class":511},"*",[505,563,564],{"class":522},"fp ",[505,566,567],{"class":511},"=",[505,569,570],{"class":533}," fopen",[505,572,573],{"class":522},"(file_name, ",[505,575,576],{"class":515},"\"wb+\"",[505,578,579],{"class":522},");\n",[505,581,583,586,589,592,596],{"class":507,"line":582},5,[505,584,585],{"class":511}," if",[505,587,588],{"class":522}," (fp ",[505,590,591],{"class":511},"==",[505,593,595],{"class":594},"s7F3e"," NULL",[505,597,552],{"class":522},[505,599,601],{"class":507,"line":600},6,[505,602,604],{"class":603},"s8-w5"," \u002F* Handle error *\u002F\n",[505,606,608],{"class":507,"line":607},7,[505,609,610],{"class":522}," }\n",[505,612,614],{"class":507,"line":613},8,[505,615,616],{"class":522},"}\n",[39,618,619],{},"Because the name is hard coded and consequently neither unique nor unpredictable, an attacker need only replace a file with a symbolic link, and the target file referenced by the link is opened and truncated.",[39,621,622,623,625,626,628,629,631,632,636,637,640],{},"This noncompliant code example attempts to remedy the problem by generating the file name at runtime using ",[43,624,475],{}," . The C ",[43,627,475],{}," function generates a string that is a valid file name and that is not the same as the name of an existing file. Files created using strings generated by the ",[43,630,475],{}," function are temporary in that their names should not collide with those generated by conventional naming rules for the ",[62,633,635],{"href":634},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-implementation","implementation"," . The function is potentially capable of generating ",[43,638,639],{},"TMP_MAX"," different strings, but any or all of them may already be in use by existing files.",[492,642,643],{"quality":494},[496,644,646],{"className":498,"code":645,"language":500,"meta":501,"style":501},"#include \u003Cstdio.h>\n \nvoid func(void) {\n char file_name[L_tmpnam];\n FILE *fp;\n\n if (!tmpnam(file_name)) {\n \u002F* Handle error *\u002F\n }\n\n \u002F* A TOCTOU race condition exists here *\u002F\n\n fp = fopen(file_name, \"wb+\");\n if (fp == NULL) {\n \u002F* Handle error *\u002F\n }\n}\n",[43,647,648,654,658,670,682,691,696,712,716,721,726,732,737,753,766,772,777],{"__ignoreMap":501},[505,649,650,652],{"class":507,"line":508},[505,651,512],{"class":511},[505,653,516],{"class":515},[505,655,656],{"class":507,"line":519},[505,657,523],{"class":522},[505,659,660,662,664,666,668],{"class":507,"line":526},[505,661,530],{"class":529},[505,663,534],{"class":533},[505,665,537],{"class":522},[505,667,530],{"class":529},[505,669,552],{"class":522},[505,671,672,675,679],{"class":507,"line":555},[505,673,674],{"class":529}," char",[505,676,678],{"class":677},"sOrwc"," file_name",[505,680,681],{"class":522},"[L_tmpnam];\n",[505,683,684,686,688],{"class":507,"line":582},[505,685,558],{"class":522},[505,687,561],{"class":511},[505,689,690],{"class":522},"fp;\n",[505,692,693],{"class":507,"line":600},[505,694,695],{"emptyLinePlaceholder":7},"\n",[505,697,698,700,703,706,709],{"class":507,"line":607},[505,699,585],{"class":511},[505,701,702],{"class":522}," (",[505,704,705],{"class":511},"!",[505,707,708],{"class":533},"tmpnam",[505,710,711],{"class":522},"(file_name)) {\n",[505,713,714],{"class":507,"line":613},[505,715,604],{"class":603},[505,717,719],{"class":507,"line":718},9,[505,720,610],{"class":522},[505,722,724],{"class":507,"line":723},10,[505,725,695],{"emptyLinePlaceholder":7},[505,727,729],{"class":507,"line":728},11,[505,730,731],{"class":603}," \u002F* A TOCTOU race condition exists here *\u002F\n",[505,733,735],{"class":507,"line":734},12,[505,736,695],{"emptyLinePlaceholder":7},[505,738,740,743,745,747,749,751],{"class":507,"line":739},13,[505,741,742],{"class":522}," fp ",[505,744,567],{"class":511},[505,746,570],{"class":533},[505,748,573],{"class":522},[505,750,576],{"class":515},[505,752,579],{"class":522},[505,754,756,758,760,762,764],{"class":507,"line":755},14,[505,757,585],{"class":511},[505,759,588],{"class":522},[505,761,591],{"class":511},[505,763,595],{"class":594},[505,765,552],{"class":522},[505,767,769],{"class":507,"line":768},15,[505,770,771],{"class":603}," \u002F* Handle error *\u002F\n",[505,773,775],{"class":507,"line":774},16,[505,776,610],{"class":522},[505,778,780],{"class":507,"line":779},17,[505,781,616],{"class":522},[39,783,784,785,787,788,791],{},"Because ",[43,786,475],{}," does not guarantee a unique name and ",[43,789,790],{},"fopen()"," does not provide a facility for an exclusive open, this code is still vulnerable.",[39,793,794,795,798,799,803,804,46,807,810,811,813,814,816,817,46,819,821,822,824],{},"The next noncompliant code example attempts to remedy the problem by using the POSIX ",[43,796,797],{},"open()"," function and providing a mechanism to indicate whether an existing file has been opened for writing or a new file has been created [ ",[62,800,802],{"href":801},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-IEEEStd1003.1-2013","IEEE Std 1003.1:2013"," ]. If the ",[43,805,806],{},"O_CREAT",[43,808,809],{},"O_EXCL"," flags are used together, the ",[43,812,797],{}," function fails when the file specified by ",[43,815,482],{}," already exists. To prevent an existing file from being opened and truncated, include the flags ",[43,818,806],{},[43,820,809],{}," when calling ",[43,823,797],{}," :",[492,826,827],{"quality":494},[496,828,830],{"className":498,"code":829,"language":500,"meta":501,"style":501},"#include \u003Cstdio.h>\n \nvoid func(void) {\n char file_name[L_tmpnam];\n int fd;\n\n if (!(tmpnam(file_name))) {\n \u002F* Handle error *\u002F\n }\n\n \u002F* A TOCTOU race condition exists here *\u002F\n\n fd = open(file_name, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC,\n 0600);\n if (fd \u003C 0) {\n \u002F* Handle error *\u002F\n }\n}\n",[43,831,832,838,842,854,862,870,874,889,893,897,901,905,909,938,948,963,967,971],{"__ignoreMap":501},[505,833,834,836],{"class":507,"line":508},[505,835,512],{"class":511},[505,837,516],{"class":515},[505,839,840],{"class":507,"line":519},[505,841,523],{"class":522},[505,843,844,846,848,850,852],{"class":507,"line":526},[505,845,530],{"class":529},[505,847,534],{"class":533},[505,849,537],{"class":522},[505,851,530],{"class":529},[505,853,552],{"class":522},[505,855,856,858,860],{"class":507,"line":555},[505,857,674],{"class":529},[505,859,678],{"class":677},[505,861,681],{"class":522},[505,863,864,867],{"class":507,"line":582},[505,865,866],{"class":529}," int",[505,868,869],{"class":522}," fd;\n",[505,871,872],{"class":507,"line":600},[505,873,695],{"emptyLinePlaceholder":7},[505,875,876,878,880,882,884,886],{"class":507,"line":607},[505,877,585],{"class":511},[505,879,702],{"class":522},[505,881,705],{"class":511},[505,883,537],{"class":522},[505,885,708],{"class":533},[505,887,888],{"class":522},"(file_name))) {\n",[505,890,891],{"class":507,"line":613},[505,892,604],{"class":603},[505,894,895],{"class":507,"line":718},[505,896,610],{"class":522},[505,898,899],{"class":507,"line":723},[505,900,695],{"emptyLinePlaceholder":7},[505,902,903],{"class":507,"line":728},[505,904,731],{"class":603},[505,906,907],{"class":507,"line":734},[505,908,695],{"emptyLinePlaceholder":7},[505,910,911,914,916,919,922,925,928,930,933,935],{"class":507,"line":739},[505,912,913],{"class":522}," fd ",[505,915,567],{"class":511},[505,917,918],{"class":533}," open",[505,920,921],{"class":522},"(file_name, O_WRONLY ",[505,923,924],{"class":511},"|",[505,926,927],{"class":522}," O_CREAT ",[505,929,924],{"class":511},[505,931,932],{"class":522}," O_EXCL ",[505,934,924],{"class":511},[505,936,937],{"class":522}," O_TRUNC,\n",[505,939,940,943,946],{"class":507,"line":755},[505,941,942],{"class":511}," 0",[505,944,945],{"class":594},"600",[505,947,579],{"class":522},[505,949,950,952,955,958,961],{"class":507,"line":768},[505,951,585],{"class":511},[505,953,954],{"class":522}," (fd ",[505,956,957],{"class":511},"\u003C",[505,959,960],{"class":594}," 0",[505,962,552],{"class":522},[505,964,965],{"class":507,"line":774},[505,966,771],{"class":603},[505,968,969],{"class":507,"line":779},[505,970,610],{"class":522},[505,972,974],{"class":507,"line":973},18,[505,975,616],{"class":522},[39,977,978,979,981,982,984,985,987],{},"This call to ",[43,980,797],{}," fails whenever ",[43,983,482],{}," already exists, including when it is a symbolic link, but a temporary file is presumably still required. Additionally, the method used by ",[43,986,475],{}," to generate file names is not guaranteed to be unpredictable, which leaves room for an attacker to guess the file name ahead of time.",[39,989,990,991,993,994,996,997,999,1000,1004,1005,1008,1009,1012,1013,355],{},"Care should be observed when using ",[43,992,809],{}," with remote file systems because it does not work with NFS version 2. NFS version 3 added support for ",[43,995,809],{}," mode in ",[43,998,797],{}," ; see IETF RFC 1813 [ ",[62,1001,1003],{"href":1002},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Callaghan95","Callaghan 1995"," ], particularly the ",[43,1006,1007],{},"EXCLUSIVE"," value to the ",[43,1010,1011],{},"mode"," argument of ",[43,1014,1015],{},"CREATE",[39,1017,1018,1019,1021,1022,1025,1026,1028],{},"Moreover, the ",[43,1020,797],{}," function, as specified by the ",[384,1023,1024],{},"Standard for Information Technology—Portable Operating System Interface (POSIX®), Base Specifications, Issue 7"," [ ",[62,1027,802],{"href":801}," ], does not include support for shared or exclusive locks. However, BSD systems support two additional flags that allow you to obtain these locks:",[91,1030,1031,1037],{},[71,1032,1033,1036],{},[43,1034,1035],{},"O_SHLOCK"," : Atomically obtain a shared lock.",[71,1038,1039,1042],{},[43,1040,1041],{},"O_EXLOCK"," : Atomically obtain an exclusive lock.",[465,1044,468,1046,1049],{"id":1045},"noncompliant-code-example-mktempopen-posix",[43,1047,1048],{},"mktemp()\u002Fopen()"," , POSIX)",[39,1051,1052,1053,1056,1057,1060],{},"The POSIX function ",[43,1054,1055],{},"mktemp()"," takes a given file name template and overwrites a portion of it to create a file name. The template may be any file name with exactly six X's appended to it (for example, ",[43,1058,1059],{},"\u002Ftmp\u002Ftemp.XXXXXX"," ). The six trailing X's are replaced with the current process number and\u002For a unique letter combination.",[492,1062,1063],{"quality":494},[496,1064,1066],{"className":498,"code":1065,"language":500,"meta":501,"style":501},"#include \u003Cstdio.h>\n#include \u003Cstdlib.h>\n \nvoid func(void) {\n char file_name[] = \"tmp-XXXXXX\";\n int fd;\n\n if (!mktemp(file_name)) {\n \u002F* Handle error *\u002F\n }\n\n \u002F* A TOCTOU race condition exists here *\u002F\n\n fd = open(file_name, O_WRONLY | O_CREAT | O_EXCL | O_TRUNC,\n 0600);\n if (fd \u003C 0) {\n \u002F* Handle error *\u002F\n }\n}\n",[43,1067,1068,1074,1081,1085,1097,1115,1121,1125,1138,1142,1146,1150,1154,1158,1180,1188,1200,1204,1208],{"__ignoreMap":501},[505,1069,1070,1072],{"class":507,"line":508},[505,1071,512],{"class":511},[505,1073,516],{"class":515},[505,1075,1076,1078],{"class":507,"line":519},[505,1077,512],{"class":511},[505,1079,1080],{"class":515}," \u003Cstdlib.h>\n",[505,1082,1083],{"class":507,"line":526},[505,1084,523],{"class":522},[505,1086,1087,1089,1091,1093,1095],{"class":507,"line":555},[505,1088,530],{"class":529},[505,1090,534],{"class":533},[505,1092,537],{"class":522},[505,1094,530],{"class":529},[505,1096,552],{"class":522},[505,1098,1099,1101,1103,1106,1109,1112],{"class":507,"line":582},[505,1100,674],{"class":529},[505,1102,678],{"class":522},[505,1104,1105],{"class":511},"[]",[505,1107,1108],{"class":511}," =",[505,1110,1111],{"class":515}," \"tmp-XXXXXX\"",[505,1113,1114],{"class":522},";\n",[505,1116,1117,1119],{"class":507,"line":600},[505,1118,866],{"class":529},[505,1120,869],{"class":522},[505,1122,1123],{"class":507,"line":607},[505,1124,695],{"emptyLinePlaceholder":7},[505,1126,1127,1129,1131,1133,1136],{"class":507,"line":613},[505,1128,585],{"class":511},[505,1130,702],{"class":522},[505,1132,705],{"class":511},[505,1134,1135],{"class":533},"mktemp",[505,1137,711],{"class":522},[505,1139,1140],{"class":507,"line":718},[505,1141,604],{"class":603},[505,1143,1144],{"class":507,"line":723},[505,1145,610],{"class":522},[505,1147,1148],{"class":507,"line":728},[505,1149,695],{"emptyLinePlaceholder":7},[505,1151,1152],{"class":507,"line":734},[505,1153,731],{"class":603},[505,1155,1156],{"class":507,"line":739},[505,1157,695],{"emptyLinePlaceholder":7},[505,1159,1160,1162,1164,1166,1168,1170,1172,1174,1176,1178],{"class":507,"line":755},[505,1161,913],{"class":522},[505,1163,567],{"class":511},[505,1165,918],{"class":533},[505,1167,921],{"class":522},[505,1169,924],{"class":511},[505,1171,927],{"class":522},[505,1173,924],{"class":511},[505,1175,932],{"class":522},[505,1177,924],{"class":511},[505,1179,937],{"class":522},[505,1181,1182,1184,1186],{"class":507,"line":768},[505,1183,942],{"class":511},[505,1185,945],{"class":594},[505,1187,579],{"class":522},[505,1189,1190,1192,1194,1196,1198],{"class":507,"line":774},[505,1191,585],{"class":511},[505,1193,954],{"class":522},[505,1195,957],{"class":511},[505,1197,960],{"class":594},[505,1199,552],{"class":522},[505,1201,1202],{"class":507,"line":779},[505,1203,604],{"class":603},[505,1205,1206],{"class":507,"line":973},[505,1207,610],{"class":522},[505,1209,1211],{"class":507,"line":1210},19,[505,1212,616],{"class":522},[39,1214,1215,1216,1218,1219,1223,1224,1226],{},"The ",[43,1217,1055],{}," function is marked \"LEGACY\" in the Open Group Base Specifications Issue 6 [ ",[62,1220,1222],{"href":1221},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-OpenGroup04","Open Group 2004"," ]. The manual page for ",[43,1225,1055],{}," gives more detail:",[1228,1229,1230],"blockquote",{},[39,1231,1232,1233,1235,1236,1239,1240,1242,1243,355],{},"Never use ",[43,1234,1055],{}," . Some implementations follow BSD 4.3 and replace ",[43,1237,1238],{},"XXXXXX"," by the current process id and a single letter, so that at most 26 different names can be returned. Since on the one hand the names are easy to guess, and on the other hand there is a race between testing whether the name exists and opening the file, every use of ",[43,1241,1055],{}," is a security risk. The race is avoided by ",[43,1244,1245],{},"mkstemp(3)",[465,1247,468,1249,476],{"id":1248},"noncompliant-code-example-tmpfile",[43,1250,1251],{},"tmpfile()",[39,1253,1215,1254,1256],{},[43,1255,1251],{}," function creates a temporary binary file that is different from any other existing file and that is automatically removed when it is closed or at program termination.",[39,1258,1259,1260,1262,1263,1265,1266,1268],{},"It should be possible to open at least ",[43,1261,639],{}," temporary files during the lifetime of the program. (This limit may be shared with ",[43,1264,475],{}," .) Subclause 7.21.4.4, paragraph 6, of the C Standard allows for the value of the macro ",[43,1267,639],{}," to be as small as 25.",[39,1270,1271],{},"Most historic implementations provide only a limited number of possible temporary file names (usually 26) before file names are recycled.",[492,1273,1274],{"quality":494},[496,1275,1277],{"className":498,"code":1276,"language":500,"meta":501,"style":501},"#include \u003Cstdio.h>\n \nvoid func(void) {\n FILE *fp = tmpfile();\n if (fp == NULL) {\n \u002F* Handle error *\u002F\n }\n}\n",[43,1278,1279,1285,1289,1301,1317,1329,1333,1337],{"__ignoreMap":501},[505,1280,1281,1283],{"class":507,"line":508},[505,1282,512],{"class":511},[505,1284,516],{"class":515},[505,1286,1287],{"class":507,"line":519},[505,1288,523],{"class":522},[505,1290,1291,1293,1295,1297,1299],{"class":507,"line":526},[505,1292,530],{"class":529},[505,1294,534],{"class":533},[505,1296,537],{"class":522},[505,1298,530],{"class":529},[505,1300,552],{"class":522},[505,1302,1303,1305,1307,1309,1311,1314],{"class":507,"line":555},[505,1304,558],{"class":522},[505,1306,561],{"class":511},[505,1308,564],{"class":522},[505,1310,567],{"class":511},[505,1312,1313],{"class":533}," tmpfile",[505,1315,1316],{"class":522},"();\n",[505,1318,1319,1321,1323,1325,1327],{"class":507,"line":582},[505,1320,585],{"class":511},[505,1322,588],{"class":522},[505,1324,591],{"class":511},[505,1326,595],{"class":594},[505,1328,552],{"class":522},[505,1330,1331],{"class":507,"line":600},[505,1332,604],{"class":603},[505,1334,1335],{"class":507,"line":607},[505,1336,610],{"class":522},[505,1338,1339],{"class":507,"line":613},[505,1340,616],{"class":522},[465,1342,1344,1345,1049],{"id":1343},"compliant-solution-mkstemp-posix","Compliant Solution ( ",[43,1346,1347],{},"mkstemp()",[39,1349,1215,1350,1352,1353,1355],{},[43,1351,1347],{}," algorithm for selecting file names has shown to be immune to attacks. The ",[43,1354,1347],{}," function is available on systems that support the Open Group Base Specifications Issue 4, version 2 or later.",[39,1357,1358,1359,1361,1362,1365],{},"A call to ",[43,1360,1347],{}," replaces the six ",[43,1363,1364],{},"X"," 's in the template string with six randomly selected characters and returns a file descriptor for the file (opened for reading and writing), as in this compliant solution:",[492,1367,1369],{"quality":1368},"good",[496,1370,1372],{"className":498,"code":1371,"language":500,"meta":501,"style":501},"#include \u003Cstdio.h>\n#include \u003Cstdlib.h>\n#include \u003Cunistd.h>\n \nextern int secure_dir(const char *sdn);\n \nvoid func(void) {\n const char *sdn = \"\u002Fhome\u002Fusr1\u002F\";\n char sfn[] = \"\u002Fhome\u002Fusr1\u002Ftemp-XXXXXX\";\n FILE *sfp;\n\n if (!secure_dir(sdn)) {\n \u002F* Handle error *\u002F\n }\n\n int fd = mkstemp(sfn);\n if (fd == -1) {\n \u002F* Handle error *\u002F\n }\n\n  \u002F* \n * Unlink immediately to hide the file name. The race\n   * condition here is inconsequential if the file is created\n   * with exclusive permissions (glibc >= 2.0.7).\n  *\u002F\n if (unlink(sfn) == -1) {\n \u002F* Handle error *\u002F\n }\n\n sfp = fdopen(fd, \"w+\");\n if (sfp == NULL) {\n close(fd);\n \u002F* Handle error *\u002F\n }\n\n \u002F* Use temporary file *\u002F\n\n fclose(sfp); \u002F* Also closes fd *\u002F\n}\n",[43,1373,1374,1380,1386,1393,1397,1421,1425,1437,1456,1472,1481,1485,1499,1503,1507,1511,1526,1542,1546,1550,1555,1561,1567,1573,1579,1585,1606,1611,1616,1621,1640,1654,1663,1668,1673,1678,1684,1689,1701],{"__ignoreMap":501},[505,1375,1376,1378],{"class":507,"line":508},[505,1377,512],{"class":511},[505,1379,516],{"class":515},[505,1381,1382,1384],{"class":507,"line":519},[505,1383,512],{"class":511},[505,1385,1080],{"class":515},[505,1387,1388,1390],{"class":507,"line":526},[505,1389,512],{"class":511},[505,1391,1392],{"class":515}," \u003Cunistd.h>\n",[505,1394,1395],{"class":507,"line":555},[505,1396,523],{"class":522},[505,1398,1399,1402,1405,1408,1410,1412,1414,1416,1419],{"class":507,"line":582},[505,1400,1401],{"class":511},"extern",[505,1403,1404],{"class":529}," int",[505,1406,1407],{"class":533}," secure_dir",[505,1409,537],{"class":522},[505,1411,540],{"class":511},[505,1413,543],{"class":529},[505,1415,546],{"class":511},[505,1417,1418],{"class":549},"sdn",[505,1420,579],{"class":522},[505,1422,1423],{"class":507,"line":600},[505,1424,523],{"class":522},[505,1426,1427,1429,1431,1433,1435],{"class":507,"line":607},[505,1428,530],{"class":529},[505,1430,534],{"class":533},[505,1432,537],{"class":522},[505,1434,530],{"class":529},[505,1436,552],{"class":522},[505,1438,1439,1442,1444,1446,1449,1451,1454],{"class":507,"line":613},[505,1440,1441],{"class":511}," const",[505,1443,543],{"class":529},[505,1445,546],{"class":511},[505,1447,1448],{"class":522},"sdn ",[505,1450,567],{"class":511},[505,1452,1453],{"class":515}," \"\u002Fhome\u002Fusr1\u002F\"",[505,1455,1114],{"class":522},[505,1457,1458,1460,1463,1465,1467,1470],{"class":507,"line":718},[505,1459,674],{"class":529},[505,1461,1462],{"class":522}," sfn",[505,1464,1105],{"class":511},[505,1466,1108],{"class":511},[505,1468,1469],{"class":515}," \"\u002Fhome\u002Fusr1\u002Ftemp-XXXXXX\"",[505,1471,1114],{"class":522},[505,1473,1474,1476,1478],{"class":507,"line":723},[505,1475,558],{"class":522},[505,1477,561],{"class":511},[505,1479,1480],{"class":522},"sfp;\n",[505,1482,1483],{"class":507,"line":728},[505,1484,695],{"emptyLinePlaceholder":7},[505,1486,1487,1489,1491,1493,1496],{"class":507,"line":734},[505,1488,585],{"class":511},[505,1490,702],{"class":522},[505,1492,705],{"class":511},[505,1494,1495],{"class":533},"secure_dir",[505,1497,1498],{"class":522},"(sdn)) {\n",[505,1500,1501],{"class":507,"line":739},[505,1502,604],{"class":603},[505,1504,1505],{"class":507,"line":755},[505,1506,610],{"class":522},[505,1508,1509],{"class":507,"line":768},[505,1510,695],{"emptyLinePlaceholder":7},[505,1512,1513,1515,1518,1520,1523],{"class":507,"line":774},[505,1514,866],{"class":529},[505,1516,1517],{"class":522}," fd ",[505,1519,567],{"class":511},[505,1521,1522],{"class":533}," mkstemp",[505,1524,1525],{"class":522},"(sfn);\n",[505,1527,1528,1530,1532,1534,1537,1540],{"class":507,"line":779},[505,1529,585],{"class":511},[505,1531,954],{"class":522},[505,1533,591],{"class":511},[505,1535,1536],{"class":511}," -",[505,1538,1539],{"class":594},"1",[505,1541,552],{"class":522},[505,1543,1544],{"class":507,"line":973},[505,1545,604],{"class":603},[505,1547,1548],{"class":507,"line":1210},[505,1549,610],{"class":522},[505,1551,1553],{"class":507,"line":1552},20,[505,1554,695],{"emptyLinePlaceholder":7},[505,1556,1558],{"class":507,"line":1557},21,[505,1559,1560],{"class":603},"  \u002F* \n",[505,1562,1564],{"class":507,"line":1563},22,[505,1565,1566],{"class":603}," * Unlink immediately to hide the file name. The race\n",[505,1568,1570],{"class":507,"line":1569},23,[505,1571,1572],{"class":603},"   * condition here is inconsequential if the file is created\n",[505,1574,1576],{"class":507,"line":1575},24,[505,1577,1578],{"class":603},"   * with exclusive permissions (glibc >= 2.0.7).\n",[505,1580,1582],{"class":507,"line":1581},25,[505,1583,1584],{"class":603},"  *\u002F\n",[505,1586,1588,1590,1592,1595,1598,1600,1602,1604],{"class":507,"line":1587},26,[505,1589,585],{"class":511},[505,1591,702],{"class":522},[505,1593,1594],{"class":533},"unlink",[505,1596,1597],{"class":522},"(sfn) ",[505,1599,591],{"class":511},[505,1601,1536],{"class":511},[505,1603,1539],{"class":594},[505,1605,552],{"class":522},[505,1607,1609],{"class":507,"line":1608},27,[505,1610,604],{"class":603},[505,1612,1614],{"class":507,"line":1613},28,[505,1615,610],{"class":522},[505,1617,1619],{"class":507,"line":1618},29,[505,1620,695],{"emptyLinePlaceholder":7},[505,1622,1624,1627,1629,1632,1635,1638],{"class":507,"line":1623},30,[505,1625,1626],{"class":522}," sfp ",[505,1628,567],{"class":511},[505,1630,1631],{"class":533}," fdopen",[505,1633,1634],{"class":522},"(fd, ",[505,1636,1637],{"class":515},"\"w+\"",[505,1639,579],{"class":522},[505,1641,1643,1645,1648,1650,1652],{"class":507,"line":1642},31,[505,1644,585],{"class":511},[505,1646,1647],{"class":522}," (sfp ",[505,1649,591],{"class":511},[505,1651,595],{"class":594},[505,1653,552],{"class":522},[505,1655,1657,1660],{"class":507,"line":1656},32,[505,1658,1659],{"class":533}," close",[505,1661,1662],{"class":522},"(fd);\n",[505,1664,1666],{"class":507,"line":1665},33,[505,1667,604],{"class":603},[505,1669,1671],{"class":507,"line":1670},34,[505,1672,610],{"class":522},[505,1674,1676],{"class":507,"line":1675},35,[505,1677,695],{"emptyLinePlaceholder":7},[505,1679,1681],{"class":507,"line":1680},36,[505,1682,1683],{"class":603}," \u002F* Use temporary file *\u002F\n",[505,1685,1687],{"class":507,"line":1686},37,[505,1688,695],{"emptyLinePlaceholder":7},[505,1690,1692,1695,1698],{"class":507,"line":1691},38,[505,1693,1694],{"class":533}," fclose",[505,1696,1697],{"class":522},"(sfp);",[505,1699,1700],{"class":603}," \u002F* Also closes fd *\u002F\n",[505,1702,1704],{"class":507,"line":1703},39,[505,1705,616],{"class":522},[39,1707,1708,1709,1711,1712,1715,1716,1719,1720,1722,1723,1725,1726,1728,1729,1731,1732,1735,1736,1738,1739,1741,1742,1744],{},"This solution is not serially reusable, however, because the ",[43,1710,1347],{}," function replaces the ",[43,1713,1714],{},"\"XXXXXX\""," in ",[43,1717,1718],{},"template"," the first time it is invoked. This is not a problem as long as ",[43,1721,1718],{}," is reinitialized before calling ",[43,1724,1347],{}," again. If ",[43,1727,1718],{}," is not reinitialized, the ",[43,1730,1347],{}," function will return ",[43,1733,1734],{},"-1"," and leave ",[43,1737,1718],{}," unmodified because ",[43,1740,1718],{}," did not contain six ",[43,1743,1364],{}," 's.",[39,1746,1747,1748,1750,1751,1753,1754,1756,1757,1760],{},"The Open Group Base Specification Issue 6 [ ",[62,1749,1222],{"href":1221}," ] does not specify the permissions the file is created with, so these are ",[62,1752,354],{"href":353}," . However, IEEE Std 1003.1, 2013 Edition [ ",[62,1755,802],{"href":801}," ] specifies them as ",[43,1758,1759],{},"S_IRUSR|S_IWUSR"," (0600).",[39,1762,1763,1764,1767,1768,1772],{},"This compliant solution invokes the user-defined function ",[43,1765,1766],{},"secure_dir()"," (such as the one defined in ",[62,1769,1771],{"href":1770},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio15-c","FIO15-C. Ensure that file operations are performed in a secure directory"," ) to ensure the temporary file resides in a secure directory.",[360,1774,1776],{"id":1775},"implementation-details","Implementation Details",[39,1778,1779,1780,1782],{},"For GLIBC, versions 2.0.6 and earlier, the file is created with permissions 0666; for GLIBC, versions 2.0.7 and later, the file is created with permissions 0600. On NetBSD, the file is created with permissions 0600. This creates a security risk in that an attacker will have write access to the file immediately after creation. Consequently, programs need a private version of the ",[43,1781,1347],{}," function in which this issue is known to be fixed.",[39,1784,1785,1786,1789,1790,1793,1794,1796,1797,1799,1800,1802,1803,1807],{},"In many older ",[62,1787,1788],{"href":634},"implementations"," , the name is a function of process ID and time, so it is possible for the attacker to predict the name and create a decoy in advance. FreeBSD changed the ",[43,1791,1792],{},"mk*temp()"," family to eliminate the process ID component of the file name and replace the entire field with base-62 encoded randomness. This raises the number of possible temporary files for the typical use of six ",[43,1795,1364],{}," 's significantly, meaning that even ",[43,1798,1055],{}," with six ",[43,1801,1364],{}," 's is reasonably (probabilistically) secure against guessing except under frequent usage [ ",[62,1804,1806],{"href":1805},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Kennaway00","Kennaway 2000"," ].",[465,1809,1811],{"id":1810},"risk-assessment","Risk Assessment",[39,1813,1814],{},"Insecure temporary file creation can lead to a program accessing unintended files and permission escalation on local systems.",[120,1816,1817,1818,1817,1846],{},"\n ",[1819,1820,1821,1822,1817],"thead",{},"\n ",[128,1823,1824,1825,1824,1828,1824,1831,1824,1834,1824,1837,1824,1840,1824,1843,1821],{},"\n ",[133,1826,1827],{},"Recommendation",[133,1829,1830],{},"Severity",[133,1832,1833],{},"Likelihood",[133,1835,1836],{},"Detectable",[133,1838,1839],{},"Repairable",[133,1841,1842],{},"Priority",[133,1844,1845],{},"Level",[125,1847,1821,1848,1817],{},[128,1849,1824,1850,1824,1853,1824,1856,1824,1859,1824,1861,1824,1863,1824,1870,1821],{},[184,1851,1852],{},"FIO21-C",[184,1854,1855],{},"Medium",[184,1857,1858],{},"Probable",[184,1860,253],{},[184,1862,253],{},[184,1864,1866],{"style":1865},"color: #27ae60;",[1867,1868,1869],"b",{},"P4",[184,1871,1872],{"style":1865},[1867,1873,1874],{},"L3",[360,1876,1878],{"id":1877},"automated-detection","Automated Detection",[120,1880,1882],{"className":1881},[123],[125,1883,1884,1907,1952,1992,2012,2038,2065,2089,2119],{},[128,1885,1887,1892,1897,1902],{"className":1886},[131],[133,1888,1889],{},[39,1890,1891],{},"Tool",[133,1893,1894],{},[39,1895,1896],{},"Version",[133,1898,1899],{},[39,1900,1901],{},"Checker",[133,1903,1904],{},[39,1905,1906],{},"Description",[128,1908,1910,1916,1924,1941],{"className":1909},[182],[184,1911,1912],{},[62,1913,1915],{"href":1914},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodesonar","CodeSonar",[184,1917,1918],{},[1919,1920,1923],"div",{"className":1921},[1922],"content-wrapper","9.1p0",[184,1925,1926,1931,1936],{},[39,1927,1928],{},[189,1929,1930],{},"BADFUNC.TEMP.*",[39,1932,1933],{},[189,1934,1935],{},"BADFUNC.TMPFILE_S",[39,1937,1938],{},[189,1939,1940],{},"BADFUNC.TMPNAM_S",[184,1942,1943,1946,1949],{},[39,1944,1945],{},"A collection of checks that report uses of library functions associated with temporary file vulnerabilities",[39,1947,1948],{},"Use of tmpfile_s",[39,1950,1951],{},"Use of tmpnam_s",[128,1953,1955,1961,1967,1973],{"className":1954},[212],[184,1956,1957],{},[62,1958,1960],{"href":1959},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frose","Compass\u002FROSE",[184,1962,1963],{},[39,1964,1965],{},[138,1966],{},[184,1968,1969],{},[39,1970,1971],{},[138,1972],{},[184,1974,1975],{},[39,1976,1977,1978,1981,1982,1981,1985,1988,1989],{},"Can detect violations of this recommendation. Specifically, Rose reports use of ",[43,1979,1980],{}," tmpnam() "," , ",[43,1983,1984],{}," tmpnam_s() ",[43,1986,1987],{}," tmpfile() "," , and ",[43,1990,1991],{}," mktemp() ",[128,1993,1995,2001,2004,2009],{"className":1994},[182],[184,1996,1997],{},[62,1998,2000],{"href":1999},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcoverity","Coverity",[184,2002,2003],{},"6.5",[184,2005,2006],{},[189,2007,2008],{},"SECURE_TEMP",[184,2010,2011],{},"Fully implemented",[128,2013,2015,2021,2029,2034],{"className":2014},[212],[184,2016,2017],{},[62,2018,2020],{"href":2019},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fhelix-qac","Helix QAC",[184,2022,2023],{},[1919,2024,2026],{"className":2025},[1922],[39,2027,2028],{},"2025.2",[184,2030,2031],{},[189,2032,2033],{},"C5016",[184,2035,2036],{},[138,2037],{},[128,2039,2041,2047,2053,2060],{"className":2040},[182],[184,2042,2043],{},[62,2044,2046],{"href":2045},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fldra","LDRA tool suite",[184,2048,2049],{},[1919,2050,2052],{"className":2051},[1922],"9.7.1",[184,2054,2055],{},[39,2056,2057],{},[189,2058,2059],{},"44 S",[184,2061,2062],{},[39,2063,2064],{},"Enhanced enforcement",[128,2066,2068,2074,2079,2086],{"className":2067},[212],[184,2069,2070],{},[62,2071,2073],{"href":2072},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fparasoft","Parasoft C\u002FC++test",[184,2075,2076],{},[1919,2077,2028],{"className":2078},[1922],[184,2080,2081],{},[189,2082,2083,2084],{},"CERT_C-FIO21-b",[138,2085],{},[184,2087,2088],{},"Use secure temporary file name functions",[128,2090,2092,2098,2106,2112],{"className":2091},[182],[184,2093,2094],{},[62,2095,2097],{"href":2096},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpolyspace-bug-finder","Polyspace Bug Finder",[184,2099,2100],{},[1919,2101,2103],{"className":2102},[1922],[39,2104,2105],{},"R2025b",[184,2107,2108],{},[62,2109,2111],{"href":2110},"https:\u002F\u002Fwww.mathworks.com\u002Fhelp\u002Fbugfinder\u002Fref\u002Fcertcrec.fio21c.html","CERT C: Rec. FIO21-C",[184,2113,2114,2115],{},"Checks for non-secure temporary file (rec. partially covered)",[39,2116,2117],{},[138,2118],{},[128,2120,2122,2128,2136,2141],{"className":2121},[212],[184,2123,2124],{},[62,2125,2127],{"href":2126},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsecurity-reviewer-static-reviewer","Security Reviewer - Static Reviewer",[184,2129,2130],{},[1919,2131,2133],{"className":2132},[1922],[39,2134,2135],{},"6.02",[184,2137,2138],{},[189,2139,2140],{},"C76",[184,2142,2011],{},[360,2144,2146],{"id":2145},"related-vulnerabilities","Related Vulnerabilities",[39,2148,2149,2150,2154,2155,355],{},"Search for ",[62,2151,2153],{"href":2152},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-vulnerability","vulnerabilities"," resulting from the violation of this rule on the ",[62,2156,2160],{"href":2157,"rel":2158},"https:\u002F\u002Fwww.kb.cert.org\u002Fvulnotes\u002Fbymetric?searchview&query=FIELD+KEYWORDS+contains+FIO21-C",[2159],"nofollow","CERT website",[465,2162,2164],{"id":2163},"related-guidelines","Related Guidelines",[120,2166,2167,2175],{},[1819,2168,2169],{},[128,2170,2171,2173],{},[133,2172],{},[133,2174],{},[125,2176,2177,2190,2203,2216,2227],{},[128,2178,2179,2186],{},[184,2180,2181],{},[62,2182,2185],{"href":2183,"rel":2184},"https:\u002F\u002Fwww.securecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fseccode\u002FCERT+C+Secure+Coding+Standard",[2159],"CERT C Secure Coding Standard",[184,2187,2188],{},[62,2189,1771],{"href":1770},[128,2191,2192,2197],{},[184,2193,2194],{},[62,2195,2196],{"href":20},"SEI CERT C++ Coding Standard",[184,2198,2199],{},[62,2200,2202],{"href":2201},"\u002Fsei-cert-cpp-coding-standard\u002Fthe-void\u002Fvoid-3-recommendations\u002Fvoid-rec-07-input-output-fio\u002Fvoid-fio19-cpp-do-not-create-temporary-files-in-shared-directories","VOID FIO19-CPP. Do not create temporary files in shared directories",[128,2204,2205,2210],{},[184,2206,2207],{},[62,2208,2209],{"href":23},"CERT Oracle Secure Coding Standard for Java",[184,2211,2212],{},[62,2213,2215],{"href":2214},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio03-j","FIO03-J. Remove temporary files before termination",[128,2217,2218,2224],{},[184,2219,2220],{},[62,2221,2223],{"href":2222},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-ISO-IECTR24772-2013","ISO\u002FIEC TR 24772:2013",[184,2225,2226],{},"Path Traversal [EWR]",[128,2228,2229,2236],{},[184,2230,2231],{},[62,2232,2235],{"href":2233,"rel":2234},"http:\u002F\u002Fcwe.mitre.org\u002F",[2159],"MITRE CWE",[184,2237,2238,2243],{},[62,2239,2242],{"href":2240,"rel":2241},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F379.html",[2159],"CWE-379"," , Creation of temporary file in directory with insecure permissions",[465,2245,2247],{"id":2246},"bibliography","Bibliography",[120,2249,2251,2260],{"className":2250},[123],[2252,2253,2254,2258],"colgroup",{},[2255,2256],"col",{"style":2257},"width: 50%",[2255,2259],{"style":2257},[125,2261,2262,2275,2297,2313,2324,2347,2360,2372],{},[128,2263,2265,2271],{"className":2264},[182],[184,2266,2267,2268,2270],{},"[ ",[62,2269,375],{"href":374}," ]",[184,2272,2273],{},[138,2274],{},[128,2276,2278,2282],{"className":2277},[212],[184,2279,2267,2280,2270],{},[62,2281,802],{"href":801},[184,2283,2284,2285,2288,2290,2291,1981,2294],{},"XSH, System Interfaces: ",[43,2286,2287],{}," open ",[138,2289],{},"\nXSH, System Interfaces: ",[43,2292,2293],{}," mkdopen ",[43,2295,2296],{}," mksopen ",[128,2298,2300,2306],{"className":2299},[182],[184,2301,2267,2302,2270],{},[62,2303,2305],{"href":2304},"https:\u002F\u002Fwww.securecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fseccode\u002FAA.+Bibliography#AA.Bibliography-ISO-IEC9899-2011","ISO\u002FIEC 9899:2011",[184,2307,2308,2309,2312],{},"Subclause 7.21.4.4, \"The ",[43,2310,2311],{}," tmpnam "," Function\"",[128,2314,2316,2320],{"className":2315},[212],[184,2317,2267,2318,2270],{},[62,2319,1806],{"href":1805},[184,2321,2322],{},[138,2323],{},[128,2325,2327,2331],{"className":2326},[182],[184,2328,2267,2329,2270],{},[62,2330,1222],{"href":1221},[184,2332,2333,2336,2338,2339,2341],{},[43,2334,2335],{}," mkstemp() ",[138,2337],{},"\nmktemp()",[138,2340],{},[62,2342,2344],{"href":2343},"http:\u002F\u002Fwww.opengroup.org\u002Fonlinepubs\u002F009695399\u002Ffunctions\u002Fopen.html",[43,2345,2346],{}," open() ",[128,2348,2350,2354],{"className":2349},[212],[184,2351,2267,2352,2270],{},[62,2353,391],{"href":390},[184,2355,2356,2357,2359],{},"Chapter 3, \"Pointer Subterfuge\"",[138,2358],{},"\nChapter 8, \"File I\u002FO\"",[128,2361,2363,2369],{"className":2362},[182],[184,2364,2267,2365,2270],{},[62,2366,2368],{"href":2367},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Viega03","Viega 2003",[184,2370,2371],{},"Section 2.1, \"Creating Files for Temporary Use\"",[128,2373,2375,2381],{"className":2374},[212],[184,2376,2267,2377,2270],{},[62,2378,2380],{"href":2379},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Wheeler03","Wheeler 2003",[184,2382,2383],{},[62,2384,2386],{"href":2385},"http:\u002F\u002Fwww.dwheeler.com\u002Fsecure-programs\u002FSecure-Programs-HOWTO\u002Favoid-race.html#TEMPORARY-FILES","Chapter 7, \"Structure Program Internals and Approach\"",[2388,2389],"hr",{},[39,2391,2392,2399,2400,2399,2406],{},[62,2393,2395],{"href":2394},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio20-c",[2396,2397],"img",{"src":2398},"\u002Fattachments\u002F87152044\u002F88034188.png"," ",[62,2401,2403],{"href":2402},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002F",[2396,2404],{"src":2405},"\u002Fattachments\u002F87152044\u002F88034190.png",[62,2407,2409],{"href":2408},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio22-c",[2396,2410],{"src":2411},"\u002Fattachments\u002F87152044\u002F88034189.png",[2413,2414,2415],"style",{},"html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sstjo, html code.shiki .sstjo{--shiki-default:#032F62;--shiki-dark:#9ECBFF;--shiki-sepia:#E6DB74}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .sq6CD, html code.shiki .sq6CD{--shiki-default:#D73A49;--shiki-default-font-style:inherit;--shiki-dark:#F97583;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .srTi1, html code.shiki .srTi1{--shiki-default:#6F42C1;--shiki-dark:#B392F0;--shiki-sepia:#A6E22E}html pre.shiki code .sTHNf, html code.shiki .sTHNf{--shiki-default:#E36209;--shiki-default-font-style:inherit;--shiki-dark:#FFAB70;--shiki-dark-font-style:inherit;--shiki-sepia:#FD971F;--shiki-sepia-font-style:italic}html pre.shiki code .s7F3e, html code.shiki .s7F3e{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#AE81FF}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html pre.shiki code .sOrwc, html code.shiki .sOrwc{--shiki-default:#E36209;--shiki-dark:#FFAB70;--shiki-sepia:#F8F8F2}",{"title":501,"searchDepth":519,"depth":519,"links":2417},[2418,2419,2420,2421,2423,2425,2427,2431,2435,2436],{"id":362,"depth":526,"text":363},{"id":379,"depth":526,"text":275},{"id":446,"depth":526,"text":447},{"id":467,"depth":519,"text":2422},"Noncompliant Code Example ( fopen()\u002Fopen() with tmpnam() )",{"id":1045,"depth":519,"text":2424},"Noncompliant Code Example ( mktemp()\u002Fopen() , POSIX)",{"id":1248,"depth":519,"text":2426},"Noncompliant Code Example ( tmpfile() )",{"id":1343,"depth":519,"text":2428,"children":2429},"Compliant Solution ( mkstemp() , POSIX)",[2430],{"id":1775,"depth":526,"text":1776},{"id":1810,"depth":519,"text":1811,"children":2432},[2433,2434],{"id":1877,"depth":526,"text":1878},{"id":2145,"depth":526,"text":2146},{"id":2163,"depth":519,"text":2164},{"id":2246,"depth":519,"text":2247},"Programmers frequently create temporary files in directories that are writable by everyone (examples are \u002Ftmp and \u002Fvar\u002Ftmp on UNIX and %TEMP% on Windows) and may be purged regularly (for example, every night or during reboot).","md",{"tags":2440},[2441,2442,2443,2444,2445,2446,2447,2448,2449,2450],"recommendation","cwe-379","compass\u002Frose","android-unknown","sidebar","review","fio","rose-complete","tr24731","exceptions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio21-c",{"title":30,"description":2437},"4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F18.fio21-c","dAyFLsh3t_r08WqUQDXukhBBZr8umO4RyiHBHlIORiU",[2456,2459],{"title":2457,"path":2394,"stem":2458,"children":-1},"FIO20-C. Avoid unintentional truncation when using fgets() or fgetws()","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F17.fio20-c",{"title":2460,"path":2408,"stem":2461,"children":-1},"FIO22-C. Close files before spawning processes","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F19.fio22-c",[2463],{"title":2464,"path":2465,"stem":2466,"children":2467},"SEI CERT C Coding Standard","\u002Fsei-cert-c-coding-standard","4.sei-cert-c-coding-standard\u002F01.index",[2468,2469,2541,3131,3414,3428,3432,3436,3440,4244],{"title":2464,"path":2465,"stem":2466},{"title":2470,"path":2471,"stem":2472,"children":2473},"Front Matter","\u002Fsei-cert-c-coding-standard\u002Ffront-matter","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F1.index",[2474,2475],{"title":2470,"path":2471,"stem":2472},{"title":2476,"path":2477,"stem":2478,"children":2479},"Introduction","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F01.index",[2480,2481,2485,2489,2493,2497,2501,2505,2509,2513,2517,2521,2525,2529,2533,2537],{"title":2476,"path":2477,"stem":2478},{"title":2482,"path":2483,"stem":2484},"Scope","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fscope","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F01.scope",{"title":2486,"path":2487,"stem":2488},"Audience","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Faudience","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F02.audience",{"title":2490,"path":2491,"stem":2492},"How this Coding Standard is Organized","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhow-this-coding-standard-is-organized","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F03.how-this-coding-standard-is-organized",{"title":2494,"path":2495,"stem":2496},"History","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhistory","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F04.history",{"title":2498,"path":2499,"stem":2500},"ISO\u002FIEC TS 17961 C Secure Coding Rules","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fisoiec-ts-17961-c-secure-coding-rules","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F05.isoiec-ts-17961-c-secure-coding-rules",{"title":2502,"path":2503,"stem":2504},"Tool Selection and Validation","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftool-selection-and-validation","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F06.tool-selection-and-validation",{"title":2506,"path":2507,"stem":2508},"Taint Analysis","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftaint-analysis","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F07.taint-analysis",{"title":2510,"path":2511,"stem":2512},"Rules versus Recommendations","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frules-versus-recommendations","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F08.rules-versus-recommendations",{"title":2514,"path":2515,"stem":2516},"Conformance Testing","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fconformance-testing","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F09.conformance-testing",{"title":2518,"path":2519,"stem":2520},"Development Process","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fdevelopment-process","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F10.development-process",{"title":2522,"path":2523,"stem":2524},"Usage","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fusage","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F11.usage",{"title":2526,"path":2527,"stem":2528},"System Qualities","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsystem-qualities","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F12.system-qualities",{"title":2530,"path":2531,"stem":2532},"Automatically Generated Code","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fautomatically-generated-code","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F13.automatically-generated-code",{"title":2534,"path":2535,"stem":2536},"Government Regulations","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fgovernment-regulations","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F14.government-regulations",{"title":2538,"path":2539,"stem":2540},"Acknowledgments","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Facknowledgments","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F15.acknowledgments",{"title":2542,"path":2543,"stem":2544,"children":2545},"Rules","\u002Fsei-cert-c-coding-standard\u002Frules","4.sei-cert-c-coding-standard\u002F03.rules\u002F01.index",[2546,2547,2551,2581,2611,2673,2711,2737,2759,2825,2851,2909,2943,2973,2983,3021,3091,3109],{"title":2542,"path":2543,"stem":2544},{"title":2548,"path":2549,"stem":2550},"Application Programming Interfaces (API)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fapplication-programming-interfaces-api","4.sei-cert-c-coding-standard\u002F03.rules\u002F02.application-programming-interfaces-api",{"title":2552,"path":2553,"stem":2554,"children":2555},"Arrays (ARR)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F1.index",[2556,2557,2561,2565,2569,2573,2577],{"title":2552,"path":2553,"stem":2554},{"title":2558,"path":2559,"stem":2560},"ARR30-C. Do not form or use out-of-bounds pointers or array subscripts","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F2.arr30-c",{"title":2562,"path":2563,"stem":2564},"ARR32-C. Ensure size arguments for variable length arrays are in a valid range","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F3.arr32-c",{"title":2566,"path":2567,"stem":2568},"ARR36-C. Do not subtract or compare two pointers that do not refer to the same array","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F4.arr36-c",{"title":2570,"path":2571,"stem":2572},"ARR37-C. Do not add or subtract an integer to a pointer to a non-array object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F5.arr37-c",{"title":2574,"path":2575,"stem":2576},"ARR38-C. Guarantee that library functions do not form invalid pointers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F6.arr38-c",{"title":2578,"path":2579,"stem":2580},"ARR39-C. Do not add or subtract a scaled integer to a pointer","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F7.arr39-c",{"title":2582,"path":2583,"stem":2584,"children":2585},"Characters and Strings (STR)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F1.index",[2586,2587,2591,2595,2599,2603,2607],{"title":2582,"path":2583,"stem":2584},{"title":2588,"path":2589,"stem":2590},"STR30-C. Do not attempt to modify string literals","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F2.str30-c",{"title":2592,"path":2593,"stem":2594},"STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F3.str31-c",{"title":2596,"path":2597,"stem":2598},"STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F4.str32-c",{"title":2600,"path":2601,"stem":2602},"STR34-C. Cast characters to unsigned char before converting to larger integer sizes","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F5.str34-c",{"title":2604,"path":2605,"stem":2606},"STR37-C. Arguments to character-handling functions must be representable as an unsigned char","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F6.str37-c",{"title":2608,"path":2609,"stem":2610},"STR38-C. Do not confuse narrow and wide character strings and functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F7.str38-c",{"title":2612,"path":2613,"stem":2614,"children":2615},"Concurrency (CON)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F01.index",[2616,2617,2621,2625,2629,2633,2637,2641,2645,2649,2653,2657,2661,2665,2669],{"title":2612,"path":2613,"stem":2614},{"title":2618,"path":2619,"stem":2620},"CON30-C. Clean up thread-specific storage","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F02.con30-c",{"title":2622,"path":2623,"stem":2624},"CON31-C. Do not destroy a mutex while it is locked","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F03.con31-c",{"title":2626,"path":2627,"stem":2628},"CON32-C. Prevent data races when accessing bit-fields from multiple threads","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F04.con32-c",{"title":2630,"path":2631,"stem":2632},"CON33-C. Avoid race conditions when using library functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F05.con33-c",{"title":2634,"path":2635,"stem":2636},"CON34-C. Declare objects shared between threads with appropriate storage durations","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F06.con34-c",{"title":2638,"path":2639,"stem":2640},"CON35-C. Avoid deadlock by locking in a predefined order","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F07.con35-c",{"title":2642,"path":2643,"stem":2644},"CON36-C. Wrap functions that can spuriously wake up in a loop","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F08.con36-c",{"title":2646,"path":2647,"stem":2648},"CON37-C. Do not call signal() in a multithreaded program","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F09.con37-c",{"title":2650,"path":2651,"stem":2652},"CON38-C. Preserve thread safety and liveness when using condition variables","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F10.con38-c",{"title":2654,"path":2655,"stem":2656},"CON39-C. Do not join or detach a thread that was previously joined or detached","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F11.con39-c",{"title":2658,"path":2659,"stem":2660},"CON40-C. Do not refer to an atomic variable twice in an expression","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F12.con40-c",{"title":2662,"path":2663,"stem":2664},"CON41-C. Wrap functions that can fail spuriously in a loop","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F13.con41-c",{"title":2666,"path":2667,"stem":2668},"CON42-C. Don't allow attackers to influence environment variables that control concurrency parameters","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon42-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F14.con42-c",{"title":2670,"path":2671,"stem":2672},"CON43-C. Do not allow data races in multithreaded code","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon43-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F15.con43-c",{"title":2674,"path":2675,"stem":2676,"children":2677},"Declarations and Initialization (DCL)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F1.index",[2678,2679,2683,2687,2691,2695,2699,2703,2707],{"title":2674,"path":2675,"stem":2676},{"title":2680,"path":2681,"stem":2682},"DCL30-C. Declare objects with appropriate storage durations","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F2.dcl30-c",{"title":2684,"path":2685,"stem":2686},"DCL31-C. Declare identifiers before using them","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F3.dcl31-c",{"title":2688,"path":2689,"stem":2690},"DCL36-C. Do not declare an identifier with conflicting linkage classifications","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F4.dcl36-c",{"title":2692,"path":2693,"stem":2694},"DCL37-C. Do not declare or define a reserved identifier","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F5.dcl37-c",{"title":2696,"path":2697,"stem":2698},"DCL38-C. Use the correct syntax when declaring a flexible array member","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F6.dcl38-c",{"title":2700,"path":2701,"stem":2702},"DCL39-C. Avoid information leakage when passing a structure across a trust boundary","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F7.dcl39-c",{"title":2704,"path":2705,"stem":2706},"DCL40-C. Do not create incompatible declarations of the same function or object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F8.dcl40-c",{"title":2708,"path":2709,"stem":2710},"DCL41-C. Do not declare variables inside a switch statement before the first case label","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F9.dcl41-c",{"title":2712,"path":2713,"stem":2714,"children":2715},"Environment (ENV)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F1.index",[2716,2717,2721,2725,2729,2733],{"title":2712,"path":2713,"stem":2714},{"title":2718,"path":2719,"stem":2720},"ENV30-C. Do not modify the object referenced by the return value of certain functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F2.env30-c",{"title":2722,"path":2723,"stem":2724},"ENV31-C. Do not rely on an environment pointer following an operation that may invalidate it","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F3.env31-c",{"title":2726,"path":2727,"stem":2728},"ENV32-C. All exit handlers must return normally","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F4.env32-c",{"title":2730,"path":2731,"stem":2732},"ENV33-C. Do not call system()","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F5.env33-c",{"title":2734,"path":2735,"stem":2736},"ENV34-C. Do not store pointers returned by certain functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F6.env34-c",{"title":2738,"path":2739,"stem":2740,"children":2741},"Error Handling (ERR)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F1.index",[2742,2743,2747,2751,2755],{"title":2738,"path":2739,"stem":2740},{"title":2744,"path":2745,"stem":2746},"ERR30-C. Take care when reading errno","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F2.err30-c",{"title":2748,"path":2749,"stem":2750},"ERR32-C. Do not rely on indeterminate values of errno","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F3.err32-c",{"title":2752,"path":2753,"stem":2754},"ERR33-C. Detect and handle standard library errors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F4.err33-c",{"title":2756,"path":2757,"stem":2758},"ERR34-C. Detect errors when converting a string to a number","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F5.err34-c",{"title":2760,"path":2761,"stem":2762,"children":2763},"Expressions (EXP)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F01.index",[2764,2765,2769,2773,2777,2781,2785,2789,2793,2797,2801,2805,2809,2813,2817,2821],{"title":2760,"path":2761,"stem":2762},{"title":2766,"path":2767,"stem":2768},"EXP30-C. Do not depend on the order of evaluation for side effects","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F02.exp30-c",{"title":2770,"path":2771,"stem":2772},"EXP32-C. Do not access a volatile object through a nonvolatile reference","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F03.exp32-c",{"title":2774,"path":2775,"stem":2776},"EXP33-C. Do not read uninitialized memory","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F04.exp33-c",{"title":2778,"path":2779,"stem":2780},"EXP34-C. Do not dereference null pointers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F05.exp34-c",{"title":2782,"path":2783,"stem":2784},"EXP35-C. Do not modify objects with temporary lifetime","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F06.exp35-c",{"title":2786,"path":2787,"stem":2788},"EXP36-C. Do not cast pointers into more strictly aligned pointer types","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F07.exp36-c",{"title":2790,"path":2791,"stem":2792},"EXP37-C. Call functions with the correct number and type of arguments","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F08.exp37-c",{"title":2794,"path":2795,"stem":2796},"EXP39-C. Do not access a variable through a pointer of an incompatible type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F09.exp39-c",{"title":2798,"path":2799,"stem":2800},"EXP40-C. Do not modify constant objects","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F10.exp40-c",{"title":2802,"path":2803,"stem":2804},"EXP42-C. Do not compare padding data","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp42-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F11.exp42-c",{"title":2806,"path":2807,"stem":2808},"EXP43-C. Avoid undefined behavior when using restrict-qualified pointers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp43-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F12.exp43-c",{"title":2810,"path":2811,"stem":2812},"EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp44-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F13.exp44-c",{"title":2814,"path":2815,"stem":2816},"EXP45-C. Do not perform assignments in selection statements","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp45-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F14.exp45-c",{"title":2818,"path":2819,"stem":2820},"EXP46-C. Do not use a bitwise operator with a Boolean-like operand","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp46-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F15.exp46-c",{"title":2822,"path":2823,"stem":2824},"EXP47-C. Do not call va_arg with an argument of the incorrect type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp47-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F16.exp47-c",{"title":2826,"path":2827,"stem":2828,"children":2829},"Floating Point (FLP)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F1.index",[2830,2831,2835,2839,2843,2847],{"title":2826,"path":2827,"stem":2828},{"title":2832,"path":2833,"stem":2834},"FLP30-C. Do not use floating-point variables as loop counters","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F2.flp30-c",{"title":2836,"path":2837,"stem":2838},"FLP32-C. Prevent or detect domain and range errors in math functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F3.flp32-c",{"title":2840,"path":2841,"stem":2842},"FLP34-C. Ensure that floating-point conversions are within range of the new type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F4.flp34-c",{"title":2844,"path":2845,"stem":2846},"FLP36-C. Preserve precision when converting integral values to floating-point type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F5.flp36-c",{"title":2848,"path":2849,"stem":2850},"FLP37-C. Do not use object representations to compare floating-point values","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F6.flp37-c",{"title":2852,"path":2853,"stem":2854,"children":2855},"Input Output (FIO)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F01.index",[2856,2857,2861,2865,2869,2873,2877,2881,2885,2889,2893,2897,2901,2905],{"title":2852,"path":2853,"stem":2854},{"title":2858,"path":2859,"stem":2860},"FIO30-C. Exclude user input from format strings","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F02.fio30-c",{"title":2862,"path":2863,"stem":2864},"FIO32-C. Do not perform operations on devices that are only appropriate for files","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F03.fio32-c",{"title":2866,"path":2867,"stem":2868},"FIO34-C. Distinguish between characters read from a file and EOF or WEOF","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F04.fio34-c",{"title":2870,"path":2871,"stem":2872},"FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F05.fio37-c",{"title":2874,"path":2875,"stem":2876},"FIO38-C. Do not copy a FILE object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F06.fio38-c",{"title":2878,"path":2879,"stem":2880},"FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F07.fio39-c",{"title":2882,"path":2883,"stem":2884},"FIO40-C. Reset strings on fgets() or fgetws() failure","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F08.fio40-c",{"title":2886,"path":2887,"stem":2888},"FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F09.fio41-c",{"title":2890,"path":2891,"stem":2892},"FIO42-C. Close files when they are no longer needed","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio42-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F10.fio42-c",{"title":2894,"path":2895,"stem":2896},"FIO44-C. Only use values for fsetpos() that are returned from fgetpos()","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio44-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F11.fio44-c",{"title":2898,"path":2899,"stem":2900},"FIO45-C. Avoid TOCTOU race conditions while accessing files","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio45-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F12.fio45-c",{"title":2902,"path":2903,"stem":2904},"FIO46-C. Do not access a closed file","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio46-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F13.fio46-c",{"title":2906,"path":2907,"stem":2908},"FIO47-C. Use valid format strings","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio47-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F14.fio47-c",{"title":2910,"path":2911,"stem":2912,"children":2913},"Integers (INT)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F1.index",[2914,2915,2919,2923,2927,2931,2935,2939],{"title":2910,"path":2911,"stem":2912},{"title":2916,"path":2917,"stem":2918},"INT30-C. Ensure that unsigned integer operations do not wrap","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F2.int30-c",{"title":2920,"path":2921,"stem":2922},"INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F3.int31-c",{"title":2924,"path":2925,"stem":2926},"INT32-C. Ensure that operations on signed integers do not result in overflow","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F4.int32-c",{"title":2928,"path":2929,"stem":2930},"INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F5.int33-c",{"title":2932,"path":2933,"stem":2934},"INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F6.int34-c",{"title":2936,"path":2937,"stem":2938},"INT35-C. Use correct integer precisions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F7.int35-c",{"title":2940,"path":2941,"stem":2942},"INT36-C. Converting a pointer to integer or integer to pointer","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F8.int36-c",{"title":2944,"path":2945,"stem":2946,"children":2947},"Memory Management (MEM)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F1.index",[2948,2949,2953,2957,2961,2965,2969],{"title":2944,"path":2945,"stem":2946},{"title":2950,"path":2951,"stem":2952},"MEM30-C. Do not access freed memory","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F2.mem30-c",{"title":2954,"path":2955,"stem":2956},"MEM31-C. Free dynamically allocated memory when no longer needed","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F3.mem31-c",{"title":2958,"path":2959,"stem":2960},"MEM33-C. Allocate and copy structures containing a flexible array member dynamically","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F4.mem33-c",{"title":2962,"path":2963,"stem":2964},"MEM34-C. Only free memory allocated dynamically","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F5.mem34-c",{"title":2966,"path":2967,"stem":2968},"MEM35-C. Allocate sufficient memory for an object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F6.mem35-c",{"title":2970,"path":2971,"stem":2972},"MEM36-C. Do not modify the alignment of objects by calling realloc()","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F7.mem36-c",{"title":2974,"path":2975,"stem":2976,"children":2977},"Microsoft Windows (WIN)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmicrosoft-windows-win","4.sei-cert-c-coding-standard\u002F03.rules\u002F14.microsoft-windows-win\u002F1.index",[2978,2979],{"title":2974,"path":2975,"stem":2976},{"title":2980,"path":2981,"stem":2982},"WIN30-C. Properly pair allocation and deallocation functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmicrosoft-windows-win\u002Fwin30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F14.microsoft-windows-win\u002F2.win30-c",{"title":2984,"path":2985,"stem":2986,"children":2987},"Miscellaneous (MSC)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F1.index",[2988,2989,2993,2997,3001,3005,3009,3013,3017],{"title":2984,"path":2985,"stem":2986},{"title":2990,"path":2991,"stem":2992},"MSC30-C. Do not use the rand() function for generating pseudorandom numbers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F2.msc30-c",{"title":2994,"path":2995,"stem":2996},"MSC32-C. Properly seed pseudorandom number generators","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F3.msc32-c",{"title":2998,"path":2999,"stem":3000},"MSC33-C. Do not pass invalid data to the asctime() function","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F4.msc33-c",{"title":3002,"path":3003,"stem":3004},"MSC37-C. Ensure that control never reaches the end of a non-void function","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F5.msc37-c",{"title":3006,"path":3007,"stem":3008},"MSC38-C. Do not treat a predefined identifier as an object if it might only be implemented as a macro","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F6.msc38-c",{"title":3010,"path":3011,"stem":3012},"MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F7.msc39-c",{"title":3014,"path":3015,"stem":3016},"MSC40-C. Do not violate constraints","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F8.msc40-c",{"title":3018,"path":3019,"stem":3020},"MSC41-C. Never hard code sensitive information","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F9.msc41-c",{"title":3022,"path":3023,"stem":3024,"children":3025},"POSIX (POS)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F01.index",[3026,3027,3031,3035,3039,3043,3047,3051,3055,3059,3063,3067,3071,3075,3079,3083,3087],{"title":3022,"path":3023,"stem":3024},{"title":3028,"path":3029,"stem":3030},"POS30-C. Use the readlink() function properly","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F02.pos30-c",{"title":3032,"path":3033,"stem":3034},"POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F03.pos34-c",{"title":3036,"path":3037,"stem":3038},"POS35-C. Avoid race conditions while checking for the existence of a symbolic link","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F04.pos35-c",{"title":3040,"path":3041,"stem":3042},"POS36-C. Observe correct revocation order while relinquishing privileges","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F05.pos36-c",{"title":3044,"path":3045,"stem":3046},"POS37-C. Ensure that privilege relinquishment is successful","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F06.pos37-c",{"title":3048,"path":3049,"stem":3050},"POS38-C. Beware of race conditions when using fork and file descriptors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F07.pos38-c",{"title":3052,"path":3053,"stem":3054},"POS39-C. Use the correct byte ordering when transferring data between systems","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F08.pos39-c",{"title":3056,"path":3057,"stem":3058},"POS44-C. Do not use signals to terminate threads","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos44-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F09.pos44-c",{"title":3060,"path":3061,"stem":3062},"POS47-C. Do not use threads that can be canceled asynchronously","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos47-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F10.pos47-c",{"title":3064,"path":3065,"stem":3066},"POS48-C. Do not unlock or destroy another POSIX thread's mutex","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos48-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F11.pos48-c",{"title":3068,"path":3069,"stem":3070},"POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos49-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F12.pos49-c",{"title":3072,"path":3073,"stem":3074},"POS50-C. Declare objects shared between POSIX threads with appropriate storage durations","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos50-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F13.pos50-c",{"title":3076,"path":3077,"stem":3078},"POS51-C. Avoid deadlock with POSIX threads by locking in predefined order","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos51-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F14.pos51-c",{"title":3080,"path":3081,"stem":3082},"POS52-C. Do not perform operations that can block while holding a POSIX lock","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos52-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F15.pos52-c",{"title":3084,"path":3085,"stem":3086},"POS53-C. Do not use more than one mutex for concurrent waiting operations on a condition variable","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos53-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F16.pos53-c",{"title":3088,"path":3089,"stem":3090},"POS54-C. Detect and handle POSIX library errors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos54-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F17.pos54-c",{"title":3092,"path":3093,"stem":3094,"children":3095},"Preprocessor (PRE)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F1.index",[3096,3097,3101,3105],{"title":3092,"path":3093,"stem":3094},{"title":3098,"path":3099,"stem":3100},"PRE30-C. Do not create a universal character name through concatenation","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre\u002Fpre30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F2.pre30-c",{"title":3102,"path":3103,"stem":3104},"PRE31-C. Avoid side effects in arguments to unsafe macros","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre\u002Fpre31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F3.pre31-c",{"title":3106,"path":3107,"stem":3108},"PRE32-C. Do not use preprocessor directives in invocations of function-like macros","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre\u002Fpre32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F4.pre32-c",{"title":3110,"path":3111,"stem":3112,"children":3113},"Signals (SIG)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F1.index",[3114,3115,3119,3123,3127],{"title":3110,"path":3111,"stem":3112},{"title":3116,"path":3117,"stem":3118},"SIG30-C. Call only asynchronous-safe functions within signal handlers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F2.sig30-c",{"title":3120,"path":3121,"stem":3122},"SIG31-C. Do not access shared objects in signal handlers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F3.sig31-c",{"title":3124,"path":3125,"stem":3126},"SIG34-C. Do not call signal() from within interruptible signal handlers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F4.sig34-c",{"title":3128,"path":3129,"stem":3130},"SIG35-C. Do not return from a computational exception signal handler","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F5.sig35-c",{"title":3132,"path":3133,"stem":3134,"children":3135},"Back Matter","\u002Fsei-cert-c-coding-standard\u002Fback-matter","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F1.index",[3136,3137,3141,3145,3149,3153,3354,3410],{"title":3132,"path":3133,"stem":3134},{"title":3138,"path":3139,"stem":3140},"AA. Bibliography","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F2.aa-bibliography",{"title":3142,"path":3143,"stem":3144},"BB. Definitions","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F3.bb-definitions",{"title":3146,"path":3147,"stem":3148},"CC. Undefined Behavior","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fcc-undefined-behavior","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F4.cc-undefined-behavior",{"title":3150,"path":3151,"stem":3152},"DD. Unspecified Behavior","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fdd-unspecified-behavior","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F5.dd-unspecified-behavior",{"title":3154,"path":3155,"stem":3156,"children":3157},"EE. Analyzers","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F01.index",[3158,3159,3163,3167,3171,3175,3179,3183,3187,3191,3195,3199,3203,3205,3209,3211,3215,3219,3223,3227,3231,3235,3239,3243,3247,3251,3255,3257,3261,3265,3269,3272,3276,3279,3283,3287,3291,3293,3297,3301,3305,3308,3312,3316,3320,3324,3326,3330,3334,3338,3342,3346,3350],{"title":3154,"path":3155,"stem":3156},{"title":3160,"path":3161,"stem":3162},"Astrée","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fastree","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F02.astree",{"title":3164,"path":3165,"stem":3166},"Astrée_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fastree_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F03.astree_v",{"title":3168,"path":3169,"stem":3170},"Axivion Bauhaus Suite","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Faxivion-bauhaus-suite","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F04.axivion-bauhaus-suite",{"title":3172,"path":3173,"stem":3174},"Axivion Bauhaus Suite_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Faxivion-bauhaus-suite_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F05.axivion-bauhaus-suite_v",{"title":3176,"path":3177,"stem":3178},"Clang","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F06.clang",{"title":3180,"path":3181,"stem":3182},"Clang_38_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_38_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F07.clang_38_v",{"title":3184,"path":3185,"stem":3186},"Clang_39_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_39_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F08.clang_39_v",{"title":3188,"path":3189,"stem":3190},"Clang_40_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_40_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F09.clang_40_v",{"title":3192,"path":3193,"stem":3194},"Clang_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F10.clang_v",{"title":3196,"path":3197,"stem":3198},"Codee","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodee","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F11.codee",{"title":3200,"path":3201,"stem":3202},"Codee_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodee_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F12.codee_v",{"title":1915,"path":1914,"stem":3204},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F13.codesonar",{"title":3206,"path":3207,"stem":3208},"CodeSonar_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodesonar_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F14.codesonar_v",{"title":2000,"path":1999,"stem":3210},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F15.coverity",{"title":3212,"path":3213,"stem":3214},"Coverity_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcoverity_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F16.coverity_v",{"title":3216,"path":3217,"stem":3218},"Cppcheck","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F17.cppcheck",{"title":3220,"path":3221,"stem":3222},"Cppcheck Premium","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck-premium","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F18.cppcheck-premium",{"title":3224,"path":3225,"stem":3226},"Cppcheck Premium_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck-premium_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F19.cppcheck-premium_v",{"title":3228,"path":3229,"stem":3230},"Cppcheck_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F20.cppcheck_v",{"title":3232,"path":3233,"stem":3234},"ECLAIR","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Feclair","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F21.eclair",{"title":3236,"path":3237,"stem":3238},"ECLAIR_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Feclair_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F22.eclair_v",{"title":3240,"path":3241,"stem":3242},"EDG","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fedg","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F23.edg",{"title":3244,"path":3245,"stem":3246},"EDG_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fedg_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F24.edg_v",{"title":3248,"path":3249,"stem":3250},"GCC","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fgcc","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F25.gcc",{"title":3252,"path":3253,"stem":3254},"GCC_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fgcc_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F26.gcc_v",{"title":2020,"path":2019,"stem":3256},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F27.helix-qac",{"title":3258,"path":3259,"stem":3260},"Helix QAC_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fhelix-qac_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F28.helix-qac_v",{"title":3262,"path":3263,"stem":3264},"Klocwork","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fklocwork","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F29.klocwork",{"title":3266,"path":3267,"stem":3268},"Klocwork_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fklocwork_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F30.klocwork_v",{"title":3270,"path":2045,"stem":3271},"LDRA","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F31.ldra",{"title":3273,"path":3274,"stem":3275},"LDRA_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fldra_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F32.ldra_v",{"title":3277,"path":2072,"stem":3278},"Parasoft","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F33.parasoft",{"title":3280,"path":3281,"stem":3282},"Parasoft_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fparasoft_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F34.parasoft_v",{"title":3284,"path":3285,"stem":3286},"PC-lint Plus","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpc-lint-plus","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F35.pc-lint-plus",{"title":3288,"path":3289,"stem":3290},"PC-lint Plus_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpc-lint-plus_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F36.pc-lint-plus_v",{"title":2097,"path":2096,"stem":3292},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F37.polyspace-bug-finder",{"title":3294,"path":3295,"stem":3296},"Polyspace Bug Finder_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpolyspace-bug-finder_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F38.polyspace-bug-finder_v",{"title":3298,"path":3299,"stem":3300},"PVS-Studio","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpvs-studio","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F39.pvs-studio",{"title":3302,"path":3303,"stem":3304},"PVS-Studio_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpvs-studio_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F40.pvs-studio_v",{"title":3306,"path":1959,"stem":3307},"Rose","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F41.rose",{"title":3309,"path":3310,"stem":3311},"Rose_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frose_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F42.rose_v",{"title":3313,"path":3314,"stem":3315},"Rosecheckers Code","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frosecheckers-code","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F43.rosecheckers-code",{"title":3317,"path":3318,"stem":3319},"RuleChecker","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frulechecker","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F44.rulechecker",{"title":3321,"path":3322,"stem":3323},"RuleChecker_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frulechecker_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F45.rulechecker_v",{"title":2127,"path":2126,"stem":3325},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F46.security-reviewer-static-reviewer",{"title":3327,"path":3328,"stem":3329},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsecurity-reviewer-static-reviewer_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F47.security-reviewer-static-reviewer_v",{"title":3331,"path":3332,"stem":3333},"SonarQube C\u002FC++ Plugin","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsonarqube-ccpp-plugin","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F48.sonarqube-ccpp-plugin",{"title":3335,"path":3336,"stem":3337},"SonarQube C\u002FC++ Plugin_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsonarqube-ccpp-plugin_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F49.sonarqube-ccpp-plugin_v",{"title":3339,"path":3340,"stem":3341},"Splint","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsplint","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F50.splint",{"title":3343,"path":3344,"stem":3345},"Splint_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsplint_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F51.splint_v",{"title":3347,"path":3348,"stem":3349},"TrustInSoft Analyzer","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Ftrustinsoft-analyzer","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F52.trustinsoft-analyzer",{"title":3351,"path":3352,"stem":3353},"TrustInSoft Analyzer_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Ftrustinsoft-analyzer_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F53.trustinsoft-analyzer_v",{"title":3355,"path":3356,"stem":3357,"children":3358},"FF. Related Guidelines","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F01.index",[3359,3360,3364,3368,3372,3376,3380,3384,3388,3392,3395,3398,3402,3406],{"title":3355,"path":3356,"stem":3357},{"title":3361,"path":3362,"stem":3363},"2003","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F02.2003","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F02.2003",{"title":3365,"path":3366,"stem":3367},"2006","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F03.2006","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F03.2006",{"title":3369,"path":3370,"stem":3371},"2007","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F04.2007","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F04.2007",{"title":3373,"path":3374,"stem":3375},"2008","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F05.2008","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F05.2008",{"title":3377,"path":3378,"stem":3379},"2010","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F06.2010","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F06.2010",{"title":3381,"path":3382,"stem":3383},"2011","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F07.2011","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F07.2011",{"title":3385,"path":3386,"stem":3387},"2012","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F08.2012","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F08.2012",{"title":3389,"path":3390,"stem":3391},"2013","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F09.2013","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F09.2013",{"title":3389,"path":3393,"stem":3394},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F10.2013","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F10.2013",{"title":2235,"path":3396,"stem":3397},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F11.mitre-cwe",{"title":3399,"path":3400,"stem":3401},"MITRE CWE 2.11","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe-211","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F12.mitre-cwe-211",{"title":3403,"path":3404,"stem":3405},"MITRE CWE 3.1","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe-31","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F13.mitre-cwe-31",{"title":3407,"path":3408,"stem":3409},"MITRE CWE 3.11","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe-311","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F14.mitre-cwe-311",{"title":3411,"path":3412,"stem":3413},"GG. Risk Assessments","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fgg-risk-assessments","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F8.gg-risk-assessments",{"title":3415,"path":3416,"stem":3417,"children":3418},"Admin","\u002Fsei-cert-c-coding-standard\u002Fadmin","4.sei-cert-c-coding-standard\u002F05.admin\u002F1.index",[3419,3420,3424],{"title":3415,"path":3416,"stem":3417},{"title":3421,"path":3422,"stem":3423},"TODO List","\u002Fsei-cert-c-coding-standard\u002Fadmin\u002Ftodo-list","4.sei-cert-c-coding-standard\u002F05.admin\u002F2.todo-list",{"title":3425,"path":3426,"stem":3427},"Undefined and implementation-defined behaviors not deemed ruleworthy","\u002Fsei-cert-c-coding-standard\u002Fadmin\u002Fundefined-and-implementation-defined-behaviors-not-deemed-ruleworthy","4.sei-cert-c-coding-standard\u002F05.admin\u002F3.undefined-and-implementation-defined-behaviors-not-deemed-ruleworthy",{"title":3429,"path":3430,"stem":3431},"Coding Style Guidelines","\u002Fsei-cert-c-coding-standard\u002Fcoding-style-guidelines","4.sei-cert-c-coding-standard\u002F05.coding-style-guidelines",{"title":3433,"path":3434,"stem":3435},"Errata for SEI CERT C Coding Standard (2016 Edition)","\u002Fsei-cert-c-coding-standard\u002Ferrata-for-sei-cert-c-coding-standard-2016-edition","4.sei-cert-c-coding-standard\u002F06.errata-for-sei-cert-c-coding-standard-2016-edition",{"title":3437,"path":3438,"stem":3439},"Wiki Contents","\u002Fsei-cert-c-coding-standard\u002Fwiki-contents","4.sei-cert-c-coding-standard\u002F06.wiki-contents",{"title":3441,"path":3442,"stem":3443,"children":3444},"Recommendations","\u002Fsei-cert-c-coding-standard\u002Frecommendations","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F01.index",[3445,3446,3487,3504,3549,3590,3687,3704,3737,3806,3843,3917,3982,4031,4056,4149,4170,4227],{"title":3441,"path":3442,"stem":3443},{"title":2548,"path":3447,"stem":3448,"children":3449},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F01.index",[3450,3451,3455,3459,3463,3467,3471,3475,3479,3483],{"title":2548,"path":3447,"stem":3448},{"title":3452,"path":3453,"stem":3454},"API00-C. Functions should validate their parameters","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F02.api00-c",{"title":3456,"path":3457,"stem":3458},"API01-C. Avoid laying out strings in memory directly before sensitive data","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F03.api01-c",{"title":3460,"path":3461,"stem":3462},"API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F04.api02-c",{"title":3464,"path":3465,"stem":3466},"API03-C. Create consistent interfaces and capabilities across related functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F05.api03-c",{"title":3468,"path":3469,"stem":3470},"API04-C. Provide a consistent and usable error-checking mechanism","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F06.api04-c",{"title":3472,"path":3473,"stem":3474},"API05-C. Use conformant array parameters","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F07.api05-c",{"title":3476,"path":3477,"stem":3478},"API07-C. Enforce type safety","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F08.api07-c",{"title":3480,"path":3481,"stem":3482},"API09-C. Compatible values should have the same type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F09.api09-c",{"title":3484,"path":3485,"stem":3486},"API10-C. APIs should have security options enabled by default","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F10.api10-c",{"title":2552,"path":3488,"stem":3489,"children":3490},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F1.index",[3491,3492,3496,3500],{"title":2552,"path":3488,"stem":3489},{"title":3493,"path":3494,"stem":3495},"ARR00-C. Understand how arrays work","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr\u002Farr00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F2.arr00-c",{"title":3497,"path":3498,"stem":3499},"ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr\u002Farr01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F3.arr01-c",{"title":3501,"path":3502,"stem":3503},"ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr\u002Farr02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F4.arr02-c",{"title":2582,"path":3505,"stem":3506,"children":3507},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F01.index",[3508,3509,3513,3517,3521,3525,3529,3533,3537,3541,3545],{"title":2582,"path":3505,"stem":3506},{"title":3510,"path":3511,"stem":3512},"STR00-C. Represent characters using an appropriate type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F02.str00-c",{"title":3514,"path":3515,"stem":3516},"STR01-C. Adopt and implement a consistent plan for managing strings","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F03.str01-c",{"title":3518,"path":3519,"stem":3520},"STR02-C. Sanitize data passed to complex subsystems","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F04.str02-c",{"title":3522,"path":3523,"stem":3524},"STR03-C. Do not inadvertently truncate a string","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F05.str03-c",{"title":3526,"path":3527,"stem":3528},"STR04-C. Use plain char for characters in the basic character set","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F06.str04-c",{"title":3530,"path":3531,"stem":3532},"STR05-C. Use pointers to const when referring to string literals","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F07.str05-c",{"title":3534,"path":3535,"stem":3536},"STR06-C. Do not assume that strtok() leaves the parse string unchanged","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F08.str06-c",{"title":3538,"path":3539,"stem":3540},"STR09-C. Don't assume numeric values for expressions with type plain character","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F09.str09-c",{"title":3542,"path":3543,"stem":3544},"STR10-C. Do not concatenate different type of string literals","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F10.str10-c",{"title":3546,"path":3547,"stem":3548},"STR11-C. Do not specify the bound of a character array initialized with a string literal","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F11.str11-c",{"title":2612,"path":3550,"stem":3551,"children":3552},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F01.index",[3553,3554,3558,3562,3566,3570,3574,3578,3582,3586],{"title":2612,"path":3550,"stem":3551},{"title":3555,"path":3556,"stem":3557},"CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F02.con01-c",{"title":3559,"path":3560,"stem":3561},"CON02-C. Do not use volatile as a synchronization primitive","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F03.con02-c",{"title":3563,"path":3564,"stem":3565},"CON03-C. Ensure visibility when accessing shared variables","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F04.con03-c",{"title":3567,"path":3568,"stem":3569},"CON04-C. Join or detach threads even if their exit status is unimportant","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F05.con04-c",{"title":3571,"path":3572,"stem":3573},"CON05-C. Do not perform operations that can block while holding a lock","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F06.con05-c",{"title":3575,"path":3576,"stem":3577},"CON06-C. Ensure that every mutex outlives the data it protects","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F07.con06-c",{"title":3579,"path":3580,"stem":3581},"CON07-C. Ensure that compound operations on shared variables are atomic","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F08.con07-c",{"title":3583,"path":3584,"stem":3585},"CON08-C. Do not assume that a group of calls to independently atomic methods is atomic","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F09.con08-c",{"title":3587,"path":3588,"stem":3589},"CON09-C. Avoid the ABA problem when using lock-free algorithms","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F10.con09-c",{"title":2674,"path":3591,"stem":3592,"children":3593},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F01.index",[3594,3595,3599,3603,3607,3611,3615,3619,3623,3627,3631,3635,3639,3643,3647,3651,3655,3659,3663,3667,3671,3675,3679,3683],{"title":2674,"path":3591,"stem":3592},{"title":3596,"path":3597,"stem":3598},"DCL00-C. Const-qualify immutable objects","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F02.dcl00-c",{"title":3600,"path":3601,"stem":3602},"DCL01-C. Do not reuse variable names in subscopes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F03.dcl01-c",{"title":3604,"path":3605,"stem":3606},"DCL02-C. Use visually distinct identifiers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F04.dcl02-c",{"title":3608,"path":3609,"stem":3610},"DCL03-C. Use a static assertion to test the value of a constant expression","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F05.dcl03-c",{"title":3612,"path":3613,"stem":3614},"DCL04-C. Do not declare more than one variable per declaration","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F06.dcl04-c",{"title":3616,"path":3617,"stem":3618},"DCL05-C. Use typedefs of non-pointer types only","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F07.dcl05-c",{"title":3620,"path":3621,"stem":3622},"DCL06-C. Use meaningful symbolic constants to represent literal values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F08.dcl06-c",{"title":3624,"path":3625,"stem":3626},"DCL07-C. Include the appropriate type information in function declarators","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F09.dcl07-c",{"title":3628,"path":3629,"stem":3630},"DCL08-C. Properly encode relationships in constant definitions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F10.dcl08-c",{"title":3632,"path":3633,"stem":3634},"DCL09-C. Declare functions that return errno with a return type of errno_t","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F11.dcl09-c",{"title":3636,"path":3637,"stem":3638},"DCL10-C. Maintain the contract between the writer and caller of variadic functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F12.dcl10-c",{"title":3640,"path":3641,"stem":3642},"DCL11-C. Understand the type issues associated with variadic functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F13.dcl11-c",{"title":3644,"path":3645,"stem":3646},"DCL12-C. Implement abstract data types using opaque types","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F14.dcl12-c",{"title":3648,"path":3649,"stem":3650},"DCL13-C. Declare function parameters that are pointers to values not changed by the function as const","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F15.dcl13-c",{"title":3652,"path":3653,"stem":3654},"DCL15-C. Declare file-scope objects or functions that do not need external linkage as static","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F16.dcl15-c",{"title":3656,"path":3657,"stem":3658},"DCL16-C. Use \"L,\" not \"l,\" to indicate a long value","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl16-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F17.dcl16-c",{"title":3660,"path":3661,"stem":3662},"DCL17-C. Beware of miscompiled volatile-qualified variables","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F18.dcl17-c",{"title":3664,"path":3665,"stem":3666},"DCL18-C. Do not begin integer constants with 0 when specifying a decimal value","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F19.dcl18-c",{"title":3668,"path":3669,"stem":3670},"DCL19-C. Minimize the scope of variables and functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F20.dcl19-c",{"title":3672,"path":3673,"stem":3674},"DCL20-C. Explicitly specify void when a function accepts no arguments","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F21.dcl20-c",{"title":3676,"path":3677,"stem":3678},"DCL21-C. Understand the storage of compound literals","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl21-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F22.dcl21-c",{"title":3680,"path":3681,"stem":3682},"DCL22-C. Use volatile for data that cannot be cached","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl22-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F23.dcl22-c",{"title":3684,"path":3685,"stem":3686},"DCL23-C. Guarantee that mutually visible identifiers are unique","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl23-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F24.dcl23-c",{"title":2712,"path":3688,"stem":3689,"children":3690},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F1.index",[3691,3692,3696,3700],{"title":2712,"path":3688,"stem":3689},{"title":3693,"path":3694,"stem":3695},"ENV01-C. Do not make assumptions about the size of an environment variable","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env\u002Fenv01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F2.env01-c",{"title":3697,"path":3698,"stem":3699},"ENV02-C. Beware of multiple environment variables with the same effective name","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env\u002Fenv02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F3.env02-c",{"title":3701,"path":3702,"stem":3703},"ENV03-C. Sanitize the environment when invoking external programs","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env\u002Fenv03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F4.env03-c",{"title":2738,"path":3705,"stem":3706,"children":3707},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F1.index",[3708,3709,3713,3717,3721,3725,3729,3733],{"title":2738,"path":3705,"stem":3706},{"title":3710,"path":3711,"stem":3712},"ERR00-C. Adopt and implement a consistent and comprehensive error-handling policy","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F2.err00-c",{"title":3714,"path":3715,"stem":3716},"ERR01-C. Use ferror() rather than errno to check for FILE stream errors","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F3.err01-c",{"title":3718,"path":3719,"stem":3720},"ERR02-C. Avoid in-band error indicators","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F4.err02-c",{"title":3722,"path":3723,"stem":3724},"ERR04-C. Choose an appropriate termination strategy","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F5.err04-c",{"title":3726,"path":3727,"stem":3728},"ERR05-C. Application-independent code should provide error detection without dictating error handling","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F6.err05-c",{"title":3730,"path":3731,"stem":3732},"ERR06-C. Understand the termination behavior of assert() and abort()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F7.err06-c",{"title":3734,"path":3735,"stem":3736},"ERR07-C. Prefer functions that support error checking over equivalent functions that don't","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F8.err07-c",{"title":2760,"path":3738,"stem":3739,"children":3740},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F01.index",[3741,3742,3746,3750,3754,3758,3762,3766,3770,3774,3778,3782,3786,3790,3794,3798,3802],{"title":2760,"path":3738,"stem":3739},{"title":3743,"path":3744,"stem":3745},"EXP00-C. Use parentheses for precedence of operation","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F02.exp00-c",{"title":3747,"path":3748,"stem":3749},"EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F03.exp02-c",{"title":3751,"path":3752,"stem":3753},"EXP03-C. Do not assume the size of a structure is the sum of the sizes of its members","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F04.exp03-c",{"title":3755,"path":3756,"stem":3757},"EXP05-C. Do not cast away a const qualification","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F05.exp05-c",{"title":3759,"path":3760,"stem":3761},"EXP07-C. Do not diminish the benefits of constants by assuming their values in expressions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F06.exp07-c",{"title":3763,"path":3764,"stem":3765},"EXP08-C. Ensure pointer arithmetic is used correctly","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F07.exp08-c",{"title":3767,"path":3768,"stem":3769},"EXP09-C. Use sizeof to determine the size of a type or variable","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F08.exp09-c",{"title":3771,"path":3772,"stem":3773},"EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F09.exp10-c",{"title":3775,"path":3776,"stem":3777},"EXP11-C. Do not make assumptions regarding the layout of structures with bit-fields","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F10.exp11-c",{"title":3779,"path":3780,"stem":3781},"EXP12-C. Do not ignore values returned by functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F11.exp12-c",{"title":3783,"path":3784,"stem":3785},"EXP13-C. Treat relational and equality operators as if they were nonassociative","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F12.exp13-c",{"title":3787,"path":3788,"stem":3789},"EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F13.exp14-c",{"title":3791,"path":3792,"stem":3793},"EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F14.exp15-c",{"title":3795,"path":3796,"stem":3797},"EXP16-C. Do not compare function pointers to constant values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp16-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F15.exp16-c",{"title":3799,"path":3800,"stem":3801},"EXP19-C. Use braces for the body of an if, for, or while statement","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F16.exp19-c",{"title":3803,"path":3804,"stem":3805},"EXP20-C. Perform explicit tests to determine success, true and false, and equality","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F17.exp20-c",{"title":2826,"path":3807,"stem":3808,"children":3809},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F1.index",[3810,3811,3815,3819,3823,3827,3831,3835,3839],{"title":2826,"path":3807,"stem":3808},{"title":3812,"path":3813,"stem":3814},"FLP00-C. Understand the limitations of floating-point numbers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F2.flp00-c",{"title":3816,"path":3817,"stem":3818},"FLP01-C. Take care in rearranging floating-point expressions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F3.flp01-c",{"title":3820,"path":3821,"stem":3822},"FLP02-C. Avoid using floating-point numbers when precise computation is needed","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F4.flp02-c",{"title":3824,"path":3825,"stem":3826},"FLP03-C. Detect and handle floating-point errors","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F5.flp03-c",{"title":3828,"path":3829,"stem":3830},"FLP04-C. Check floating-point inputs for exceptional values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F6.flp04-c",{"title":3832,"path":3833,"stem":3834},"FLP05-C. Do not use denormalized numbers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F7.flp05-c",{"title":3836,"path":3837,"stem":3838},"FLP06-C. Convert integers to floating point for floating-point operations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F8.flp06-c",{"title":3840,"path":3841,"stem":3842},"FLP07-C. Cast the return value of a function that returns a floating-point type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F9.flp07-c",{"title":2852,"path":3844,"stem":3845,"children":3846},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F01.index",[3847,3848,3852,3856,3860,3864,3868,3872,3876,3880,3884,3888,3892,3894,3898,3902,3906,3907,3908,3909,3913],{"title":2852,"path":3844,"stem":3845},{"title":3849,"path":3850,"stem":3851},"FIO01-C. Be careful using functions that use file names for identification","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F02.fio01-c",{"title":3853,"path":3854,"stem":3855},"FIO02-C. Canonicalize path names originating from tainted sources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F03.fio02-c",{"title":3857,"path":3858,"stem":3859},"FIO03-C. Do not make assumptions about fopen() and file creation","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F04.fio03-c",{"title":3861,"path":3862,"stem":3863},"FIO05-C. Identify files using multiple file attributes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F05.fio05-c",{"title":3865,"path":3866,"stem":3867},"FIO06-C. Create files with appropriate access permissions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F06.fio06-c",{"title":3869,"path":3870,"stem":3871},"FIO08-C. Take care when calling remove() on an open file","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F07.fio08-c",{"title":3873,"path":3874,"stem":3875},"FIO09-C. Be careful with binary data when transferring data across systems","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F08.fio09-c",{"title":3877,"path":3878,"stem":3879},"FIO10-C. Take care when using the rename() function","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F09.fio10-c",{"title":3881,"path":3882,"stem":3883},"FIO11-C. Take care when specifying the mode parameter of fopen()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F10.fio11-c",{"title":3885,"path":3886,"stem":3887},"FIO13-C. Never push back anything other than one read character","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F11.fio13-c",{"title":3889,"path":3890,"stem":3891},"FIO14-C. Understand the difference between text mode and binary mode with file streams","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F12.fio14-c",{"title":1771,"path":1770,"stem":3893},"4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F13.fio15-c",{"title":3895,"path":3896,"stem":3897},"FIO17-C. Do not rely on an ending null character when using fread()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F14.fio17-c",{"title":3899,"path":3900,"stem":3901},"FIO18-C. Never expect fwrite() to terminate the writing process at a null character","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F15.fio18-c",{"title":3903,"path":3904,"stem":3905},"FIO19-C. Do not use fseek() and ftell() to compute the size of a regular file","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F16.fio19-c",{"title":2457,"path":2394,"stem":2458},{"title":30,"path":2451,"stem":2453},{"title":2460,"path":2408,"stem":2461},{"title":3910,"path":3911,"stem":3912},"FIO23-C. Do not exit with unflushed data in stdout or stderr","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio23-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F20.fio23-c",{"title":3914,"path":3915,"stem":3916},"FIO24-C. Do not open a file that is already open","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio24-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F21.fio24-c",{"title":2910,"path":3918,"stem":3919,"children":3920},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F01.index",[3921,3922,3926,3930,3934,3938,3942,3946,3950,3954,3958,3962,3966,3970,3974,3978],{"title":2910,"path":3918,"stem":3919},{"title":3923,"path":3924,"stem":3925},"INT00-C. Understand the data model used by your implementation(s)","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F02.int00-c",{"title":3927,"path":3928,"stem":3929},"INT01-C. Use size_t or rsize_t for all integer values representing the size of an object","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F03.int01-c",{"title":3931,"path":3932,"stem":3933},"INT04-C. Enforce limits on integer values originating from tainted sources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F05.int04-c",{"title":3935,"path":3936,"stem":3937},"INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F06.int05-c",{"title":3939,"path":3940,"stem":3941},"INT07-C. Use only explicitly signed or unsigned char type for numeric values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F07.int07-c",{"title":3943,"path":3944,"stem":3945},"INT08-C. Verify that all integer values are in range","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F08.int08-c",{"title":3947,"path":3948,"stem":3949},"INT09-C. Ensure enumeration constants map to unique values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F09.int09-c",{"title":3951,"path":3952,"stem":3953},"INT10-C. Do not assume a positive remainder when using the % operator","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F10.int10-c",{"title":3955,"path":3956,"stem":3957},"INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F11.int12-c",{"title":3959,"path":3960,"stem":3961},"INT13-C. Use bitwise operators only on unsigned operands","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F12.int13-c",{"title":3963,"path":3964,"stem":3965},"INT14-C. Avoid performing bitwise and arithmetic operations on the same data","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F13.int14-c",{"title":3967,"path":3968,"stem":3969},"INT15-C. Use intmax_t or uintmax_t for formatted IO on programmer-defined integer types","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F14.int15-c",{"title":3971,"path":3972,"stem":3973},"INT16-C. Do not make assumptions about representation of signed integers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint16-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F15.int16-c",{"title":3975,"path":3976,"stem":3977},"INT17-C. Define integer constants in an implementation-independent manner","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F16.int17-c",{"title":3979,"path":3980,"stem":3981},"INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F17.int18-c",{"title":2944,"path":3983,"stem":3984,"children":3985},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F01.index",[3986,3987,3991,3995,3999,4003,4007,4011,4015,4019,4023,4027],{"title":2944,"path":3983,"stem":3984},{"title":3988,"path":3989,"stem":3990},"MEM00-C. Allocate and free memory in the same module, at the same level of abstraction","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F02.mem00-c",{"title":3992,"path":3993,"stem":3994},"MEM01-C. Store a new value in pointers immediately after free()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F03.mem01-c",{"title":3996,"path":3997,"stem":3998},"MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F04.mem02-c",{"title":4000,"path":4001,"stem":4002},"MEM03-C. Clear sensitive information stored in reusable resources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F05.mem03-c",{"title":4004,"path":4005,"stem":4006},"MEM04-C. Beware of zero-length allocations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F06.mem04-c",{"title":4008,"path":4009,"stem":4010},"MEM05-C. Avoid large stack allocations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F07.mem05-c",{"title":4012,"path":4013,"stem":4014},"MEM06-C. Ensure that sensitive data is not written out to disk","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F08.mem06-c",{"title":4016,"path":4017,"stem":4018},"MEM07-C. Ensure that the arguments to calloc(), when multiplied, do not wrap","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F09.mem07-c",{"title":4020,"path":4021,"stem":4022},"MEM10-C. Define and use a pointer validation function","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F10.mem10-c",{"title":4024,"path":4025,"stem":4026},"MEM11-C. Do not assume infinite heap space","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F11.mem11-c",{"title":4028,"path":4029,"stem":4030},"MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F12.mem12-c",{"title":2974,"path":4032,"stem":4033,"children":4034},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F1.index",[4035,4036,4040,4044,4048,4052],{"title":2974,"path":4032,"stem":4033},{"title":4037,"path":4038,"stem":4039},"WIN00-C. Be specific when dynamically loading libraries","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F2.win00-c",{"title":4041,"path":4042,"stem":4043},"WIN01-C. Do not forcibly terminate execution","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F3.win01-c",{"title":4045,"path":4046,"stem":4047},"WIN02-C. Restrict privileges when spawning child processes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F4.win02-c",{"title":4049,"path":4050,"stem":4051},"WIN03-C. Understand HANDLE inheritance","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F5.win03-c",{"title":4053,"path":4054,"stem":4055},"WIN04-C. Consider encrypting function pointers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F6.win04-c",{"title":2984,"path":4057,"stem":4058,"children":4059},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F01.index",[4060,4061,4065,4069,4073,4077,4081,4085,4089,4093,4097,4101,4105,4109,4113,4117,4121,4125,4129,4133,4137,4141,4145],{"title":2984,"path":4057,"stem":4058},{"title":4062,"path":4063,"stem":4064},"MSC00-C. Compile cleanly at high warning levels","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F02.msc00-c",{"title":4066,"path":4067,"stem":4068},"MSC01-C. Strive for logical completeness","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F03.msc01-c",{"title":4070,"path":4071,"stem":4072},"MSC04-C. Use comments consistently and in a readable fashion","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F04.msc04-c",{"title":4074,"path":4075,"stem":4076},"MSC05-C. Do not manipulate time_t typed values directly","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F05.msc05-c",{"title":4078,"path":4079,"stem":4080},"MSC06-C. Beware of compiler optimizations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F06.msc06-c",{"title":4082,"path":4083,"stem":4084},"MSC07-C. Detect and remove dead code","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F07.msc07-c",{"title":4086,"path":4087,"stem":4088},"UTF8-related issues","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Futf8-related-issues","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F08.utf8-related-issues",{"title":4090,"path":4091,"stem":4092},"MSC11-C. Incorporate diagnostic tests using assertions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F09.msc11-c",{"title":4094,"path":4095,"stem":4096},"MSC12-C. Detect and remove code that has no effect or is never executed","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F10.msc12-c",{"title":4098,"path":4099,"stem":4100},"MSC13-C. Detect and remove unused values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F11.msc13-c",{"title":4102,"path":4103,"stem":4104},"MSC14-C. Do not introduce unnecessary platform dependencies","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F12.msc14-c",{"title":4106,"path":4107,"stem":4108},"MSC15-C. Do not depend on undefined behavior","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F13.msc15-c",{"title":4110,"path":4111,"stem":4112},"MSC17-C. Finish every set of statements associated with a case label with a break statement","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F14.msc17-c",{"title":4114,"path":4115,"stem":4116},"MSC18-C. Be careful while handling sensitive data, such as passwords, in program code","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F15.msc18-c",{"title":4118,"path":4119,"stem":4120},"MSC19-C. For functions that return an array, prefer returning an empty array over a null value","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F16.msc19-c",{"title":4122,"path":4123,"stem":4124},"MSC20-C. Do not use a switch statement to transfer control into a complex block","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F17.msc20-c",{"title":4126,"path":4127,"stem":4128},"MSC21-C. Use robust loop termination conditions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc21-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F18.msc21-c",{"title":4130,"path":4131,"stem":4132},"MSC22-C. Use the setjmp(), longjmp() facility securely","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc22-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F19.msc22-c",{"title":4134,"path":4135,"stem":4136},"MSC23-C. Beware of vendor-specific library and language differences","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc23-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F20.msc23-c",{"title":4138,"path":4139,"stem":4140},"MSC24-C. Do not use deprecated or obsolescent functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc24-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F21.msc24-c",{"title":4142,"path":4143,"stem":4144},"MSC25-C. Do not use insecure or weak cryptographic algorithms","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc25-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F22.msc25-c",{"title":4146,"path":4147,"stem":4148},"Use subset of ASCII for safety","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fuse-subset-of-ascii-for-safety","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F23.use-subset-of-ascii-for-safety",{"title":3022,"path":4150,"stem":4151,"children":4152},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F1.index",[4153,4154,4158,4162,4166],{"title":3022,"path":4150,"stem":4151},{"title":4155,"path":4156,"stem":4157},"POS01-C. Check for the existence of links when dealing with files","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F2.pos01-c",{"title":4159,"path":4160,"stem":4161},"POS02-C. Follow the principle of least privilege","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F3.pos02-c",{"title":4163,"path":4164,"stem":4165},"POS04-C. Avoid using PTHREAD_MUTEX_NORMAL type mutex locks","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F4.pos04-c",{"title":4167,"path":4168,"stem":4169},"POS05-C. Limit access to files by creating a jail","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F5.pos05-c",{"title":3092,"path":4171,"stem":4172,"children":4173},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F01.index",[4174,4175,4179,4183,4187,4191,4195,4199,4203,4207,4211,4215,4219,4223],{"title":3092,"path":4171,"stem":4172},{"title":4176,"path":4177,"stem":4178},"PRE00-C. Prefer inline or static functions to function-like macros","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F02.pre00-c",{"title":4180,"path":4181,"stem":4182},"PRE01-C. Use parentheses within macros around parameter names","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F03.pre01-c",{"title":4184,"path":4185,"stem":4186},"PRE02-C. Macro replacement lists should be parenthesized","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F04.pre02-c",{"title":4188,"path":4189,"stem":4190},"PRE04-C. Do not reuse a standard header file name","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F05.pre04-c",{"title":4192,"path":4193,"stem":4194},"PRE05-C. Understand macro replacement when concatenating tokens or performing stringification","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F06.pre05-c",{"title":4196,"path":4197,"stem":4198},"PRE06-C. Enclose header files in an include guard","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F07.pre06-c",{"title":4200,"path":4201,"stem":4202},"PRE07-C. Avoid using repeated question marks","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F08.pre07-c",{"title":4204,"path":4205,"stem":4206},"PRE08-C. Guarantee that header file names are unique","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F09.pre08-c",{"title":4208,"path":4209,"stem":4210},"PRE09-C. Do not replace secure functions with deprecated or obsolescent functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F10.pre09-c",{"title":4212,"path":4213,"stem":4214},"PRE10-C. Wrap multistatement macros in a do-while loop","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F11.pre10-c",{"title":4216,"path":4217,"stem":4218},"PRE11-C. Do not conclude macro definitions with a semicolon","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F12.pre11-c",{"title":4220,"path":4221,"stem":4222},"PRE12-C. Do not define unsafe macros","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F13.pre12-c",{"title":4224,"path":4225,"stem":4226},"PRE13-C. Use the Standard predefined macros to test for versions and features.","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F14.pre13-c",{"title":3110,"path":4228,"stem":4229,"children":4230},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F1.index",[4231,4232,4236,4240],{"title":3110,"path":4228,"stem":4229},{"title":4233,"path":4234,"stem":4235},"SIG00-C. Mask signals handled by noninterruptible signal handlers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig\u002Fsig00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F2.sig00-c",{"title":4237,"path":4238,"stem":4239},"SIG01-C. Understand implementation-specific details regarding signal handler persistence","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig\u002Fsig01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F3.sig01-c",{"title":4241,"path":4242,"stem":4243},"SIG02-C. Avoid using signals to implement normal functionality","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig\u002Fsig02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F4.sig02-c",{"title":4245,"path":4246,"stem":4247},"CERT manifest files","\u002Fsei-cert-c-coding-standard\u002Fcert-manifest-files","4.sei-cert-c-coding-standard\u002F09.cert-manifest-files",1775657831559]