[{"data":1,"prerenderedAt":6704},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr31-c":28,"surround-\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr31-c":4938,"sidebar-sei-cert-c-coding-standard":4945},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":4913,"extension":4914,"meta":4915,"navigation":7,"path":4934,"seo":4935,"stem":4936,"__hash__":4937},"content\u002F4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F3.str31-c.md","STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator",{"type":32,"value":33,"toc":4864},"minimark",[34,38,53,71,76,100,280,284,290,418,426,446,454,550,557,564,575,874,890,897,925,1248,1263,1269,1284,1453,1472,1477,1491,1740,1746,1754,1860,1865,1873,1970,1976,1988,2030,2060,2070,2208,2213,2224,2408,2411,2416,2426,2662,2670,2675,2681,2776,2782,2790,2803,2806,2917,2922,2928,3102,3108,3114,3185,3194,3199,3220,3286,3293,3371,3377,3388,3489,3493,3496,3562,3567,3570,4253,4257,4276,4288,4301,4313,4317,4324,4542,4546,4552,4556,4559,4564,4568,4571,4574,4577,4580,4585,4588,4593,4596,4601,4606,4610,4615,4620,4623,4628,4633,4636,4641,4644,4649,4653,4656,4661,4665,4668,4670,4672,4675,4680,4683,4688,4691,4696,4700,4703,4705,4707,4710,4715,4719,4722,4725,4729,4836,4839,4860],[35,36,30],"h1",{"id":37},"str31-c-guarantee-that-storage-for-strings-has-sufficient-space-for-character-data-and-the-null-terminator",[39,40,41,42,47,48,52],"p",{},"Copying data to a buffer that is not large enough to hold that data results in a buffer overflow. Buffer overflows occur frequently when manipulating strings [ ",[43,44,46],"a",{"href":45},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Seacord2013","Seacord 2013b"," ]. To prevent such errors, either limit copies through truncation or, preferably, ensure that the destination is of sufficient size to hold the character data to be copied and the null-termination character. (See ",[43,49,51],{"href":50},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr03-c","STR03-C. Do not inadvertently truncate a string"," .)",[39,54,55,56,60,61,65,66,70],{},"When strings live on the heap, this rule is a specific instance of ",[43,57,59],{"href":58},"\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem35-c","MEM35-C. Allocate sufficient memory for an object"," . Because strings are represented as arrays of characters, this rule is related to both ",[43,62,64],{"href":63},"\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr30-c","ARR30-C. Do not form or use out-of-bounds pointers or array subscripts"," and ",[43,67,69],{"href":68},"\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr38-c","ARR38-C. Guarantee that library functions do not form invalid pointers"," .",[72,73,75],"h2",{"id":74},"noncompliant-code-example-off-by-one-error","Noncompliant Code Example (Off-by-One Error)",[39,77,78,79,83,84,88,89,93,94,97,98,70],{},"This noncompliant code example demonstrates an ",[80,81,82],"em",{},"off-by-one"," error [ ",[43,85,87],{"href":86},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Dowd06","Dowd 2006"," ]. The loop copies data from ",[90,91,92],"code",{},"src"," to ",[90,95,96],{},"dest"," . However, because the loop does not account for the null-termination character, it may be incorrectly written 1 byte past the end of ",[90,99,96],{},[101,102,104],"code-block",{"quality":103},"bad",[105,106,111],"pre",{"className":107,"code":108,"language":109,"meta":110,"style":110},"language-c shiki shiki-themes github-light github-dark monokai","#include \u003Cstddef.h>\n \nvoid copy(size_t n, char src[n], char dest[n]) {\n   size_t i;\n \n   for (i = 0; src[i] && (i \u003C n); ++i) {\n     dest[i] = src[i];\n   }\n   dest[i] = '\\0';\n}\n","c","",[90,112,113,126,133,175,184,190,231,246,252,274],{"__ignoreMap":110},[114,115,118,122],"span",{"class":116,"line":117},"line",1,[114,119,121],{"class":120},"sC2Qs","#include",[114,123,125],{"class":124},"sstjo"," \u003Cstddef.h>\n",[114,127,129],{"class":116,"line":128},2,[114,130,132],{"class":131},"sMOD_"," \n",[114,134,136,140,144,147,150,154,157,160,164,167,169,172],{"class":116,"line":135},3,[114,137,139],{"class":138},"sq6CD","void",[114,141,143],{"class":142},"srTi1"," copy",[114,145,146],{"class":131},"(",[114,148,149],{"class":138},"size_t",[114,151,153],{"class":152},"sTHNf"," n",[114,155,156],{"class":131},", ",[114,158,159],{"class":138},"char",[114,161,163],{"class":162},"sOrwc"," src",[114,165,166],{"class":131},"[n], ",[114,168,159],{"class":138},[114,170,171],{"class":162}," dest",[114,173,174],{"class":131},"[n]) {\n",[114,176,178,181],{"class":116,"line":177},4,[114,179,180],{"class":138},"   size_t",[114,182,183],{"class":131}," i;\n",[114,185,187],{"class":116,"line":186},5,[114,188,189],{"class":131}," \n",[114,191,193,196,199,202,206,209,211,214,217,219,222,225,228],{"class":116,"line":192},6,[114,194,195],{"class":120},"   for",[114,197,198],{"class":131}," (i ",[114,200,201],{"class":120},"=",[114,203,205],{"class":204},"s7F3e"," 0",[114,207,208],{"class":131},"; ",[114,210,92],{"class":162},[114,212,213],{"class":131},"[i] ",[114,215,216],{"class":120},"&&",[114,218,198],{"class":131},[114,220,221],{"class":120},"\u003C",[114,223,224],{"class":131}," n); ",[114,226,227],{"class":120},"++",[114,229,230],{"class":131},"i) {\n",[114,232,234,237,239,241,243],{"class":116,"line":233},7,[114,235,236],{"class":162},"     dest",[114,238,213],{"class":131},[114,240,201],{"class":120},[114,242,163],{"class":162},[114,244,245],{"class":131},"[i];\n",[114,247,249],{"class":116,"line":248},8,[114,250,251],{"class":131},"   }\n",[114,253,255,258,260,262,265,268,271],{"class":116,"line":254},9,[114,256,257],{"class":162},"   dest",[114,259,213],{"class":131},[114,261,201],{"class":120},[114,263,264],{"class":124}," '",[114,266,267],{"class":204},"\\0",[114,269,270],{"class":124},"'",[114,272,273],{"class":131},";\n",[114,275,277],{"class":116,"line":276},10,[114,278,279],{"class":131},"}\n",[72,281,283],{"id":282},"compliant-solution-off-by-one-error","Compliant Solution (Off-by-One Error)",[39,285,286,287,289],{},"In this compliant solution, the loop termination condition is modified to account for the null-termination character that is appended to ",[90,288,96],{}," :",[101,291,293],{"quality":292},"good",[105,294,296],{"className":107,"code":295,"language":109,"meta":110,"style":110},"#include \u003Cstddef.h>\n \nvoid copy(size_t n, char src[n], char dest[n]) {\n   size_t i;\n \n   for (i = 0; src[i] && (i \u003C n - 1); ++i) {\n     dest[i] = src[i];\n   }\n   dest[i] = '\\0';\n}\n",[90,297,298,304,308,334,340,344,382,394,398,414],{"__ignoreMap":110},[114,299,300,302],{"class":116,"line":117},[114,301,121],{"class":120},[114,303,125],{"class":124},[114,305,306],{"class":116,"line":128},[114,307,132],{"class":131},[114,309,310,312,314,316,318,320,322,324,326,328,330,332],{"class":116,"line":135},[114,311,139],{"class":138},[114,313,143],{"class":142},[114,315,146],{"class":131},[114,317,149],{"class":138},[114,319,153],{"class":152},[114,321,156],{"class":131},[114,323,159],{"class":138},[114,325,163],{"class":162},[114,327,166],{"class":131},[114,329,159],{"class":138},[114,331,171],{"class":162},[114,333,174],{"class":131},[114,335,336,338],{"class":116,"line":177},[114,337,180],{"class":138},[114,339,183],{"class":131},[114,341,342],{"class":116,"line":186},[114,343,189],{"class":131},[114,345,346,348,350,352,354,356,358,360,362,364,366,369,372,375,378,380],{"class":116,"line":192},[114,347,195],{"class":120},[114,349,198],{"class":131},[114,351,201],{"class":120},[114,353,205],{"class":204},[114,355,208],{"class":131},[114,357,92],{"class":162},[114,359,213],{"class":131},[114,361,216],{"class":120},[114,363,198],{"class":131},[114,365,221],{"class":120},[114,367,368],{"class":131}," n ",[114,370,371],{"class":120},"-",[114,373,374],{"class":204}," 1",[114,376,377],{"class":131},"); ",[114,379,227],{"class":120},[114,381,230],{"class":131},[114,383,384,386,388,390,392],{"class":116,"line":233},[114,385,236],{"class":162},[114,387,213],{"class":131},[114,389,201],{"class":120},[114,391,163],{"class":162},[114,393,245],{"class":131},[114,395,396],{"class":116,"line":248},[114,397,251],{"class":131},[114,399,400,402,404,406,408,410,412],{"class":116,"line":254},[114,401,257],{"class":162},[114,403,213],{"class":131},[114,405,201],{"class":120},[114,407,264],{"class":124},[114,409,267],{"class":204},[114,411,270],{"class":124},[114,413,273],{"class":131},[114,415,416],{"class":116,"line":276},[114,417,279],{"class":131},[72,419,421,422,425],{"id":420},"noncompliant-code-example-gets","Noncompliant Code Example ( ",[90,423,424],{},"gets()"," )",[39,427,428,429,431,432,435,436,438,439,442,443,445],{},"The ",[90,430,424],{}," function, which was deprecated in the C99 Technical Corrigendum 3 and removed from C11 , is inherently unsafe and should never be used because it provides no way to control how much data is read into a buffer from ",[90,433,434],{},"stdin"," . This noncompliant code example assumes that ",[90,437,424],{}," will not read more than ",[90,440,441],{},"  BUFFER_SIZE - 1 "," characters from ",[90,444,434],{}," . This is an invalid assumption, and the resulting operation can result in a buffer overflow.",[39,447,428,448,450,451,453],{},[90,449,424],{}," function reads characters from the ",[90,452,434],{}," into a destination array until end-of-file is encountered or a newline character is read. Any newline character is discarded, and a null character is written immediately after the last character read into the array.",[101,455,456],{"quality":103},[105,457,459],{"className":107,"code":458,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n \n#define BUFFER_SIZE 1024\n\nvoid func(void) {\n  char buf[BUFFER_SIZE];\n  if (gets(buf) == NULL) {\n    \u002F* Handle error *\u002F\n  }\n}\n",[90,460,461,468,472,483,488,502,513,535,541,546],{"__ignoreMap":110},[114,462,463,465],{"class":116,"line":117},[114,464,121],{"class":120},[114,466,467],{"class":124}," \u003Cstdio.h>\n",[114,469,470],{"class":116,"line":128},[114,471,132],{"class":131},[114,473,474,477,480],{"class":116,"line":135},[114,475,476],{"class":120},"#define",[114,478,479],{"class":142}," BUFFER_SIZE",[114,481,482],{"class":204}," 1024\n",[114,484,485],{"class":116,"line":177},[114,486,487],{"emptyLinePlaceholder":7},"\n",[114,489,490,492,495,497,499],{"class":116,"line":186},[114,491,139],{"class":138},[114,493,494],{"class":142}," func",[114,496,146],{"class":131},[114,498,139],{"class":138},[114,500,501],{"class":131},") {\n",[114,503,504,507,510],{"class":116,"line":192},[114,505,506],{"class":138},"  char",[114,508,509],{"class":162}," buf",[114,511,512],{"class":131},"[BUFFER_SIZE];\n",[114,514,515,518,521,524,527,530,533],{"class":116,"line":233},[114,516,517],{"class":120},"  if",[114,519,520],{"class":131}," (",[114,522,523],{"class":142},"gets",[114,525,526],{"class":131},"(buf) ",[114,528,529],{"class":120},"==",[114,531,532],{"class":204}," NULL",[114,534,501],{"class":131},[114,536,537],{"class":116,"line":248},[114,538,540],{"class":539},"s8-w5","    \u002F* Handle error *\u002F\n",[114,542,543],{"class":116,"line":254},[114,544,545],{"class":131},"  }\n",[114,547,548],{"class":116,"line":276},[114,549,279],{"class":131},[39,551,552,553,70],{},"See also ",[43,554,556],{"href":555},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc24-c","MSC24-C. Do not use deprecated or obsolescent functions",[72,558,560,561,425],{"id":559},"compliant-solution-fgets","Compliant Solution ( ",[90,562,563],{},"fgets()",[39,565,428,566,568,569,93,571,574],{},[90,567,563],{}," function reads, at most, one less than the specified number of characters from a stream into an array. This solution is compliant because the number of characters copied from ",[90,570,434],{},[90,572,573],{},"buf"," cannot exceed the allocated memory:",[101,576,577],{"quality":292},[105,578,580],{"className":107,"code":579,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n#include \u003Cstring.h>\n \nenum { BUFFERSIZE = 32 };\n \nvoid func(void) {\n  char buf[BUFFERSIZE];\n  int ch;\n\n  if (fgets(buf, sizeof(buf), stdin)) {\n    \u002F* fgets() succeeded; scan for newline character *\u002F\n    char *p = strchr(buf, '\\n');\n    if (p) {\n      *p = '\\0';\n    } else {\n      \u002F* Newline not found; flush stdin to end of line *\u002F\n      while ((ch = getchar()) != '\\n' && ch != EOF)\n        ;\n      if (ch == EOF && !feof(stdin) && !ferror(stdin)) {\n          \u002F* Character resembles EOF; handle error *\u002F \n      }\n    }\n  } else {\n    \u002F* fgets() failed; handle error *\u002F\n  }\n}\n",[90,581,582,588,595,599,615,619,631,640,648,652,670,676,705,714,732,744,750,787,793,828,836,842,848,858,864,869],{"__ignoreMap":110},[114,583,584,586],{"class":116,"line":117},[114,585,121],{"class":120},[114,587,467],{"class":124},[114,589,590,592],{"class":116,"line":128},[114,591,121],{"class":120},[114,593,594],{"class":124}," \u003Cstring.h>\n",[114,596,597],{"class":116,"line":135},[114,598,132],{"class":131},[114,600,601,604,607,609,612],{"class":116,"line":177},[114,602,603],{"class":138},"enum",[114,605,606],{"class":131}," { BUFFERSIZE ",[114,608,201],{"class":120},[114,610,611],{"class":204}," 32",[114,613,614],{"class":131}," };\n",[114,616,617],{"class":116,"line":186},[114,618,132],{"class":131},[114,620,621,623,625,627,629],{"class":116,"line":192},[114,622,139],{"class":138},[114,624,494],{"class":142},[114,626,146],{"class":131},[114,628,139],{"class":138},[114,630,501],{"class":131},[114,632,633,635,637],{"class":116,"line":233},[114,634,506],{"class":138},[114,636,509],{"class":162},[114,638,639],{"class":131},"[BUFFERSIZE];\n",[114,641,642,645],{"class":116,"line":248},[114,643,644],{"class":138},"  int",[114,646,647],{"class":131}," ch;\n",[114,649,650],{"class":116,"line":254},[114,651,487],{"emptyLinePlaceholder":7},[114,653,654,656,658,661,664,667],{"class":116,"line":276},[114,655,517],{"class":120},[114,657,520],{"class":131},[114,659,660],{"class":142},"fgets",[114,662,663],{"class":131},"(buf, ",[114,665,666],{"class":120},"sizeof",[114,668,669],{"class":131},"(buf), stdin)) {\n",[114,671,673],{"class":116,"line":672},11,[114,674,675],{"class":539},"    \u002F* fgets() succeeded; scan for newline character *\u002F\n",[114,677,679,682,685,688,690,693,695,697,700,702],{"class":116,"line":678},12,[114,680,681],{"class":138},"    char",[114,683,684],{"class":120}," *",[114,686,687],{"class":131},"p ",[114,689,201],{"class":120},[114,691,692],{"class":142}," strchr",[114,694,663],{"class":131},[114,696,270],{"class":124},[114,698,699],{"class":204},"\\n",[114,701,270],{"class":124},[114,703,704],{"class":131},");\n",[114,706,708,711],{"class":116,"line":707},13,[114,709,710],{"class":120},"    if",[114,712,713],{"class":131}," (p) {\n",[114,715,717,720,722,724,726,728,730],{"class":116,"line":716},14,[114,718,719],{"class":120},"      *",[114,721,687],{"class":131},[114,723,201],{"class":120},[114,725,264],{"class":124},[114,727,267],{"class":204},[114,729,270],{"class":124},[114,731,273],{"class":131},[114,733,735,738,741],{"class":116,"line":734},15,[114,736,737],{"class":131},"    } ",[114,739,740],{"class":120},"else",[114,742,743],{"class":131}," {\n",[114,745,747],{"class":116,"line":746},16,[114,748,749],{"class":539},"      \u002F* Newline not found; flush stdin to end of line *\u002F\n",[114,751,753,756,759,761,764,767,770,772,774,776,779,782,784],{"class":116,"line":752},17,[114,754,755],{"class":120},"      while",[114,757,758],{"class":131}," ((ch ",[114,760,201],{"class":120},[114,762,763],{"class":142}," getchar",[114,765,766],{"class":131},"()) ",[114,768,769],{"class":120},"!=",[114,771,264],{"class":124},[114,773,699],{"class":204},[114,775,270],{"class":124},[114,777,778],{"class":120}," &&",[114,780,781],{"class":131}," ch ",[114,783,769],{"class":120},[114,785,786],{"class":131}," EOF)\n",[114,788,790],{"class":116,"line":789},18,[114,791,792],{"class":131},"        ;\n",[114,794,796,799,802,804,807,809,812,815,818,820,822,825],{"class":116,"line":795},19,[114,797,798],{"class":120},"      if",[114,800,801],{"class":131}," (ch ",[114,803,529],{"class":120},[114,805,806],{"class":131}," EOF ",[114,808,216],{"class":120},[114,810,811],{"class":120}," !",[114,813,814],{"class":142},"feof",[114,816,817],{"class":131},"(stdin) ",[114,819,216],{"class":120},[114,821,811],{"class":120},[114,823,824],{"class":142},"ferror",[114,826,827],{"class":131},"(stdin)) {\n",[114,829,831,834],{"class":116,"line":830},20,[114,832,833],{"class":539},"          \u002F* Character resembles EOF; handle error *\u002F",[114,835,189],{"class":131},[114,837,839],{"class":116,"line":838},21,[114,840,841],{"class":131},"      }\n",[114,843,845],{"class":116,"line":844},22,[114,846,847],{"class":131},"    }\n",[114,849,851,854,856],{"class":116,"line":850},23,[114,852,853],{"class":131},"  } ",[114,855,740],{"class":120},[114,857,743],{"class":131},[114,859,861],{"class":116,"line":860},24,[114,862,863],{"class":539},"    \u002F* fgets() failed; handle error *\u002F\n",[114,865,867],{"class":116,"line":866},25,[114,868,545],{"class":131},[114,870,872],{"class":116,"line":871},26,[114,873,279],{"class":131},[39,875,428,876,878,879,881,882,884,885,887,888,70],{},[90,877,563],{}," function is not a strict replacement for the ",[90,880,424],{}," function because ",[90,883,563],{}," retains the newline character (if read) and may also return a partial line. It is possible to use ",[90,886,563],{}," to safely process input lines too long to store in the destination array, but this is not recommended for performance reasons. Consider using one of the following compliant solutions when replacing ",[90,889,424],{},[72,891,560,893,896],{"id":892},"compliant-solution-getline-posix",[90,894,895],{},"getline()"," , POSIX)",[39,898,428,899,901,902,904,905,907,908,910,911,914,915,917,918,920,921,52],{},[90,900,895],{}," function is similar to the ",[90,903,563],{}," function but can dynamically allocate memory for the input buffer. If passed a null pointer, ",[90,906,895],{}," dynamically allocates a buffer of sufficient size to hold the input. If passed a pointer to dynamically allocated storage that is too small to hold the contents of the string, the ",[90,909,895],{}," function resizes the buffer, using ",[90,912,913],{},"realloc()"," , rather than truncating the input. If successful, the ",[90,916,895],{}," function returns the number of characters read, which can be used to determine if the input has any null characters before the newline. The ",[90,919,895],{}," function works only with dynamically allocated buffers. Allocated memory must be explicitly deallocated by the caller to avoid memory leaks. (See ",[43,922,924],{"href":923},"\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem31-c","MEM31-C. Free dynamically allocated memory when no longer needed",[101,926,927],{"quality":292},[105,928,930],{"className":107,"code":929,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n#include \u003Cstdlib.h>\n#include \u003Cstring.h>\n \nvoid func(void) {\n  int ch;\n  size_t buffer_size = 32;\n  char *buffer = malloc(buffer_size);\n \n  if (!buffer) {\n    \u002F* Handle error *\u002F\n    return;\n  }\n\n  if ((ssize_t size = getline(&buffer, &buffer_size, stdin))\n        == -1) {\n    \u002F* Handle error *\u002F\n  } else {\n    char *p = strchr(buffer, '\\n');\n    if (p) {\n      *p = '\\0';\n    } else {\n      \u002F* Newline not found; flush stdin to end of line *\u002F\n      while ((ch = getchar()) != '\\n' && ch != EOF)\n        ;\n      if (ch == EOF && !feof(stdin) && !ferror(stdin)) {\n         \u002F* Character resembles EOF; handle error *\u002F\n      }\n    }\n  }\n  free (buffer);\n}\n",[90,931,932,938,945,951,955,967,973,987,1004,1008,1020,1024,1031,1035,1039,1070,1083,1087,1096,1119,1125,1141,1149,1153,1181,1185,1211,1217,1223,1229,1234,1243],{"__ignoreMap":110},[114,933,934,936],{"class":116,"line":117},[114,935,121],{"class":120},[114,937,467],{"class":124},[114,939,940,942],{"class":116,"line":128},[114,941,121],{"class":120},[114,943,944],{"class":124}," \u003Cstdlib.h>\n",[114,946,947,949],{"class":116,"line":135},[114,948,121],{"class":120},[114,950,594],{"class":124},[114,952,953],{"class":116,"line":177},[114,954,132],{"class":131},[114,956,957,959,961,963,965],{"class":116,"line":186},[114,958,139],{"class":138},[114,960,494],{"class":142},[114,962,146],{"class":131},[114,964,139],{"class":138},[114,966,501],{"class":131},[114,968,969,971],{"class":116,"line":192},[114,970,644],{"class":138},[114,972,647],{"class":131},[114,974,975,978,981,983,985],{"class":116,"line":233},[114,976,977],{"class":138},"  size_t",[114,979,980],{"class":131}," buffer_size ",[114,982,201],{"class":120},[114,984,611],{"class":204},[114,986,273],{"class":131},[114,988,989,991,993,996,998,1001],{"class":116,"line":248},[114,990,506],{"class":138},[114,992,684],{"class":120},[114,994,995],{"class":131},"buffer ",[114,997,201],{"class":120},[114,999,1000],{"class":142}," malloc",[114,1002,1003],{"class":131},"(buffer_size);\n",[114,1005,1006],{"class":116,"line":254},[114,1007,132],{"class":131},[114,1009,1010,1012,1014,1017],{"class":116,"line":276},[114,1011,517],{"class":120},[114,1013,520],{"class":131},[114,1015,1016],{"class":120},"!",[114,1018,1019],{"class":131},"buffer) {\n",[114,1021,1022],{"class":116,"line":672},[114,1023,540],{"class":539},[114,1025,1026,1029],{"class":116,"line":678},[114,1027,1028],{"class":120},"    return",[114,1030,273],{"class":131},[114,1032,1033],{"class":116,"line":707},[114,1034,545],{"class":131},[114,1036,1037],{"class":116,"line":716},[114,1038,487],{"emptyLinePlaceholder":7},[114,1040,1041,1043,1046,1049,1052,1054,1057,1059,1062,1065,1067],{"class":116,"line":734},[114,1042,517],{"class":120},[114,1044,1045],{"class":131}," ((",[114,1047,1048],{"class":138},"ssize_t",[114,1050,1051],{"class":131}," size ",[114,1053,201],{"class":120},[114,1055,1056],{"class":142}," getline",[114,1058,146],{"class":131},[114,1060,1061],{"class":120},"&",[114,1063,1064],{"class":131},"buffer, ",[114,1066,1061],{"class":120},[114,1068,1069],{"class":131},"buffer_size, stdin))\n",[114,1071,1072,1075,1078,1081],{"class":116,"line":746},[114,1073,1074],{"class":120},"        ==",[114,1076,1077],{"class":120}," -",[114,1079,1080],{"class":204},"1",[114,1082,501],{"class":131},[114,1084,1085],{"class":116,"line":752},[114,1086,540],{"class":539},[114,1088,1089,1092,1094],{"class":116,"line":789},[114,1090,1091],{"class":131},"  } ",[114,1093,740],{"class":120},[114,1095,743],{"class":131},[114,1097,1098,1100,1102,1104,1106,1108,1111,1113,1115,1117],{"class":116,"line":795},[114,1099,681],{"class":138},[114,1101,684],{"class":120},[114,1103,687],{"class":131},[114,1105,201],{"class":120},[114,1107,692],{"class":142},[114,1109,1110],{"class":131},"(buffer, ",[114,1112,270],{"class":124},[114,1114,699],{"class":204},[114,1116,270],{"class":124},[114,1118,704],{"class":131},[114,1120,1121,1123],{"class":116,"line":830},[114,1122,710],{"class":120},[114,1124,713],{"class":131},[114,1126,1127,1129,1131,1133,1135,1137,1139],{"class":116,"line":838},[114,1128,719],{"class":120},[114,1130,687],{"class":131},[114,1132,201],{"class":120},[114,1134,264],{"class":124},[114,1136,267],{"class":204},[114,1138,270],{"class":124},[114,1140,273],{"class":131},[114,1142,1143,1145,1147],{"class":116,"line":844},[114,1144,737],{"class":131},[114,1146,740],{"class":120},[114,1148,743],{"class":131},[114,1150,1151],{"class":116,"line":850},[114,1152,749],{"class":539},[114,1154,1155,1157,1159,1161,1163,1165,1167,1169,1171,1173,1175,1177,1179],{"class":116,"line":860},[114,1156,755],{"class":120},[114,1158,758],{"class":131},[114,1160,201],{"class":120},[114,1162,763],{"class":142},[114,1164,766],{"class":131},[114,1166,769],{"class":120},[114,1168,264],{"class":124},[114,1170,699],{"class":204},[114,1172,270],{"class":124},[114,1174,778],{"class":120},[114,1176,781],{"class":131},[114,1178,769],{"class":120},[114,1180,786],{"class":131},[114,1182,1183],{"class":116,"line":866},[114,1184,792],{"class":131},[114,1186,1187,1189,1191,1193,1195,1197,1199,1201,1203,1205,1207,1209],{"class":116,"line":871},[114,1188,798],{"class":120},[114,1190,801],{"class":131},[114,1192,529],{"class":120},[114,1194,806],{"class":131},[114,1196,216],{"class":120},[114,1198,811],{"class":120},[114,1200,814],{"class":142},[114,1202,817],{"class":131},[114,1204,216],{"class":120},[114,1206,811],{"class":120},[114,1208,824],{"class":142},[114,1210,827],{"class":131},[114,1212,1214],{"class":116,"line":1213},27,[114,1215,1216],{"class":539},"         \u002F* Character resembles EOF; handle error *\u002F\n",[114,1218,1220],{"class":116,"line":1219},28,[114,1221,1222],{"class":131},"      }\n",[114,1224,1226],{"class":116,"line":1225},29,[114,1227,1228],{"class":131},"    }\n",[114,1230,1232],{"class":116,"line":1231},30,[114,1233,545],{"class":131},[114,1235,1237,1240],{"class":116,"line":1236},31,[114,1238,1239],{"class":142},"  free",[114,1241,1242],{"class":131}," (buffer);\n",[114,1244,1246],{"class":116,"line":1245},32,[114,1247,279],{"class":131},[39,1249,1250,1251,1253,1254,1258,1259,70],{},"Note that the ",[90,1252,895],{}," function uses an ",[43,1255,1257],{"href":1256},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-in-banderrorindicator","in-band error indicator"," , in violation of ",[43,1260,1262],{"href":1261},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr02-c","ERR02-C. Avoid in-band error indicators",[72,1264,421,1266,425],{"id":1265},"noncompliant-code-example-getchar",[90,1267,1268],{},"getchar()",[39,1270,1271,1272,1274,1275,1277,1278,1280,1281,1283],{},"Reading one character at a time provides more flexibility in controlling behavior, though with additional performance overhead. This noncompliant code example uses the ",[90,1273,1268],{}," function to read one character at a time from ",[90,1276,434],{}," instead of reading the entire line at once. The ",[90,1279,434],{}," stream is read until end-of-file is encountered or a newline character is read. Any newline character is discarded, and a null character is written immediately after the last character read into the array. Similar to the noncompliant code example that invokes ",[90,1282,424],{}," , there are no guarantees that this code will not result in a buffer overflow.",[101,1285,1286],{"quality":103},[105,1287,1289],{"className":107,"code":1288,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n \nenum { BUFFERSIZE = 32 };\n \nvoid func(void) {\n  char buf[BUFFERSIZE];\n  char *p;\n  int ch;\n  p = buf;\n  while ((ch = getchar()) != '\\n' && ch != EOF) {\n    *p++ = (char)ch;\n  }\n  *p++ = 0;\n  if (ch == EOF) {\n      \u002F* Handle EOF or error *\u002F\n  }\n}\n",[90,1290,1291,1297,1301,1313,1317,1329,1337,1346,1352,1362,1392,1411,1415,1430,1440,1445,1449],{"__ignoreMap":110},[114,1292,1293,1295],{"class":116,"line":117},[114,1294,121],{"class":120},[114,1296,467],{"class":124},[114,1298,1299],{"class":116,"line":128},[114,1300,132],{"class":131},[114,1302,1303,1305,1307,1309,1311],{"class":116,"line":135},[114,1304,603],{"class":138},[114,1306,606],{"class":131},[114,1308,201],{"class":120},[114,1310,611],{"class":204},[114,1312,614],{"class":131},[114,1314,1315],{"class":116,"line":177},[114,1316,132],{"class":131},[114,1318,1319,1321,1323,1325,1327],{"class":116,"line":186},[114,1320,139],{"class":138},[114,1322,494],{"class":142},[114,1324,146],{"class":131},[114,1326,139],{"class":138},[114,1328,501],{"class":131},[114,1330,1331,1333,1335],{"class":116,"line":192},[114,1332,506],{"class":138},[114,1334,509],{"class":162},[114,1336,639],{"class":131},[114,1338,1339,1341,1343],{"class":116,"line":233},[114,1340,506],{"class":138},[114,1342,684],{"class":120},[114,1344,1345],{"class":131},"p;\n",[114,1347,1348,1350],{"class":116,"line":248},[114,1349,644],{"class":138},[114,1351,647],{"class":131},[114,1353,1354,1357,1359],{"class":116,"line":254},[114,1355,1356],{"class":131},"  p ",[114,1358,201],{"class":120},[114,1360,1361],{"class":131}," buf;\n",[114,1363,1364,1367,1369,1371,1373,1375,1377,1379,1381,1383,1385,1387,1389],{"class":116,"line":276},[114,1365,1366],{"class":120},"  while",[114,1368,758],{"class":131},[114,1370,201],{"class":120},[114,1372,763],{"class":142},[114,1374,766],{"class":131},[114,1376,769],{"class":120},[114,1378,264],{"class":124},[114,1380,699],{"class":204},[114,1382,270],{"class":124},[114,1384,778],{"class":120},[114,1386,781],{"class":131},[114,1388,769],{"class":120},[114,1390,1391],{"class":131}," EOF) {\n",[114,1393,1394,1397,1399,1401,1404,1406,1408],{"class":116,"line":672},[114,1395,1396],{"class":120},"    *",[114,1398,39],{"class":131},[114,1400,227],{"class":120},[114,1402,1403],{"class":120}," =",[114,1405,520],{"class":131},[114,1407,159],{"class":138},[114,1409,1410],{"class":131},")ch;\n",[114,1412,1413],{"class":116,"line":678},[114,1414,545],{"class":131},[114,1416,1417,1420,1422,1424,1426,1428],{"class":116,"line":707},[114,1418,1419],{"class":120},"  *",[114,1421,39],{"class":131},[114,1423,227],{"class":120},[114,1425,1403],{"class":120},[114,1427,205],{"class":204},[114,1429,273],{"class":131},[114,1431,1432,1434,1436,1438],{"class":116,"line":716},[114,1433,517],{"class":120},[114,1435,801],{"class":131},[114,1437,529],{"class":120},[114,1439,1391],{"class":131},[114,1441,1442],{"class":116,"line":734},[114,1443,1444],{"class":539},"      \u002F* Handle EOF or error *\u002F\n",[114,1446,1447],{"class":116,"line":746},[114,1448,545],{"class":131},[114,1450,1451],{"class":116,"line":752},[114,1452,279],{"class":131},[39,1454,1455,1456,1459,1460,1464,1465,1468,1469,70],{},"After the loop ends, if ",[90,1457,1458],{},"  ch == EOF "," , the loop has read through to the end of the stream without encountering a newline character, or a read error occurred before the loop encountered a newline character. To conform to ",[43,1461,1463],{"href":1462},"\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio34-c","FIO34-C. Distinguish between characters read from a file and EOF or WEOF"," , the error-handling code must verify that an end-of-file or error has occurred by calling ",[90,1466,1467],{},"feof()"," or ",[90,1470,1471],{},"ferror()",[72,1473,560,1475,425],{"id":1474},"compliant-solution-getchar",[90,1476,1268],{},[39,1478,1479,1480,1482,1483,1486,1487,1490],{},"In this compliant solution, characters are no longer copied to ",[90,1481,573],{}," once ",[90,1484,1485],{},"  index == BUFFERSIZE - 1 "," , leaving room to null-terminate the string. The loop continues to read characters until the end of the line, the end of the file, or an error is encountered. When ",[90,1488,1489],{},"  truncated == true "," , the input string has been truncated.",[101,1492,1493],{"quality":292},[105,1494,1496],{"className":107,"code":1495,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n \nenum { BUFFERSIZE = 32 };\n\nvoid func(void) {\n  char buf[BUFFERSIZE];\n  int ch;\n  size_t index = 0;\n  bool truncated = false;\n\n  while ((ch = getchar()) != '\\n' && ch != EOF) {\n    if (index \u003C sizeof(buf) - 1) {\n      buf[index++] = (char)ch;\n    } else {\n      truncated = true;\n    }\n  }\n  buf[index] = '\\0';  \u002F* Terminate string *\u002F\n  if (ch == EOF) {\n    \u002F* Handle EOF or error *\u002F\n  }\n  if (truncated) {\n    \u002F* Handle truncation *\u002F\n  }\n}\n",[90,1497,1498,1504,1508,1520,1524,1536,1544,1550,1563,1578,1582,1610,1630,1651,1659,1671,1675,1679,1701,1711,1716,1720,1727,1732,1736],{"__ignoreMap":110},[114,1499,1500,1502],{"class":116,"line":117},[114,1501,121],{"class":120},[114,1503,467],{"class":124},[114,1505,1506],{"class":116,"line":128},[114,1507,132],{"class":131},[114,1509,1510,1512,1514,1516,1518],{"class":116,"line":135},[114,1511,603],{"class":138},[114,1513,606],{"class":131},[114,1515,201],{"class":120},[114,1517,611],{"class":204},[114,1519,614],{"class":131},[114,1521,1522],{"class":116,"line":177},[114,1523,487],{"emptyLinePlaceholder":7},[114,1525,1526,1528,1530,1532,1534],{"class":116,"line":186},[114,1527,139],{"class":138},[114,1529,494],{"class":142},[114,1531,146],{"class":131},[114,1533,139],{"class":138},[114,1535,501],{"class":131},[114,1537,1538,1540,1542],{"class":116,"line":192},[114,1539,506],{"class":138},[114,1541,509],{"class":162},[114,1543,639],{"class":131},[114,1545,1546,1548],{"class":116,"line":233},[114,1547,644],{"class":138},[114,1549,647],{"class":131},[114,1551,1552,1554,1557,1559,1561],{"class":116,"line":248},[114,1553,977],{"class":138},[114,1555,1556],{"class":131}," index ",[114,1558,201],{"class":120},[114,1560,205],{"class":204},[114,1562,273],{"class":131},[114,1564,1565,1568,1571,1573,1576],{"class":116,"line":254},[114,1566,1567],{"class":138},"  bool",[114,1569,1570],{"class":131}," truncated ",[114,1572,201],{"class":120},[114,1574,1575],{"class":204}," false",[114,1577,273],{"class":131},[114,1579,1580],{"class":116,"line":276},[114,1581,487],{"emptyLinePlaceholder":7},[114,1583,1584,1586,1588,1590,1592,1594,1596,1598,1600,1602,1604,1606,1608],{"class":116,"line":672},[114,1585,1366],{"class":120},[114,1587,758],{"class":131},[114,1589,201],{"class":120},[114,1591,763],{"class":142},[114,1593,766],{"class":131},[114,1595,769],{"class":120},[114,1597,264],{"class":124},[114,1599,699],{"class":204},[114,1601,270],{"class":124},[114,1603,778],{"class":120},[114,1605,781],{"class":131},[114,1607,769],{"class":120},[114,1609,1391],{"class":131},[114,1611,1612,1614,1617,1619,1622,1624,1626,1628],{"class":116,"line":678},[114,1613,710],{"class":120},[114,1615,1616],{"class":131}," (index ",[114,1618,221],{"class":120},[114,1620,1621],{"class":120}," sizeof",[114,1623,526],{"class":131},[114,1625,371],{"class":120},[114,1627,374],{"class":204},[114,1629,501],{"class":131},[114,1631,1632,1635,1638,1640,1643,1645,1647,1649],{"class":116,"line":707},[114,1633,1634],{"class":162},"      buf",[114,1636,1637],{"class":131},"[index",[114,1639,227],{"class":120},[114,1641,1642],{"class":131},"] ",[114,1644,201],{"class":120},[114,1646,520],{"class":131},[114,1648,159],{"class":138},[114,1650,1410],{"class":131},[114,1652,1653,1655,1657],{"class":116,"line":716},[114,1654,737],{"class":131},[114,1656,740],{"class":120},[114,1658,743],{"class":131},[114,1660,1661,1664,1666,1669],{"class":116,"line":734},[114,1662,1663],{"class":131},"      truncated ",[114,1665,201],{"class":120},[114,1667,1668],{"class":204}," true",[114,1670,273],{"class":131},[114,1672,1673],{"class":116,"line":746},[114,1674,847],{"class":131},[114,1676,1677],{"class":116,"line":752},[114,1678,545],{"class":131},[114,1680,1681,1684,1687,1689,1691,1693,1695,1698],{"class":116,"line":789},[114,1682,1683],{"class":162},"  buf",[114,1685,1686],{"class":131},"[index] ",[114,1688,201],{"class":120},[114,1690,264],{"class":124},[114,1692,267],{"class":204},[114,1694,270],{"class":124},[114,1696,1697],{"class":131},";",[114,1699,1700],{"class":539},"  \u002F* Terminate string *\u002F\n",[114,1702,1703,1705,1707,1709],{"class":116,"line":795},[114,1704,517],{"class":120},[114,1706,801],{"class":131},[114,1708,529],{"class":120},[114,1710,1391],{"class":131},[114,1712,1713],{"class":116,"line":830},[114,1714,1715],{"class":539},"    \u002F* Handle EOF or error *\u002F\n",[114,1717,1718],{"class":116,"line":838},[114,1719,545],{"class":131},[114,1721,1722,1724],{"class":116,"line":844},[114,1723,517],{"class":120},[114,1725,1726],{"class":131}," (truncated) {\n",[114,1728,1729],{"class":116,"line":850},[114,1730,1731],{"class":539},"    \u002F* Handle truncation *\u002F\n",[114,1733,1734],{"class":116,"line":860},[114,1735,545],{"class":131},[114,1737,1738],{"class":116,"line":866},[114,1739,279],{"class":131},[72,1741,421,1743,425],{"id":1742},"noncompliant-code-example-fscanf",[90,1744,1745],{},"fscanf()",[39,1747,1748,1749,1751,1752,289],{},"In this noncompliant example, the call to ",[90,1750,1745],{}," can result in a write outside the character array ",[90,1753,573],{},[101,1755,1756],{"quality":103},[105,1757,1759],{"className":107,"code":1758,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n \nenum { BUF_LENGTH = 1024 };\n \nvoid get_data(void) {\n  char buf[BUF_LENGTH];\n  if (1 != fscanf(stdin, \"%s\", buf)) {\n    \u002F* Handle error *\u002F\n  }\n\n  \u002F* Rest of function *\u002F\n}\n",[90,1760,1761,1767,1771,1785,1789,1802,1811,1839,1843,1847,1851,1856],{"__ignoreMap":110},[114,1762,1763,1765],{"class":116,"line":117},[114,1764,121],{"class":120},[114,1766,467],{"class":124},[114,1768,1769],{"class":116,"line":128},[114,1770,132],{"class":131},[114,1772,1773,1775,1778,1780,1783],{"class":116,"line":135},[114,1774,603],{"class":138},[114,1776,1777],{"class":131}," { BUF_LENGTH ",[114,1779,201],{"class":120},[114,1781,1782],{"class":204}," 1024",[114,1784,614],{"class":131},[114,1786,1787],{"class":116,"line":177},[114,1788,132],{"class":131},[114,1790,1791,1793,1796,1798,1800],{"class":116,"line":186},[114,1792,139],{"class":138},[114,1794,1795],{"class":142}," get_data",[114,1797,146],{"class":131},[114,1799,139],{"class":138},[114,1801,501],{"class":131},[114,1803,1804,1806,1808],{"class":116,"line":192},[114,1805,506],{"class":138},[114,1807,509],{"class":162},[114,1809,1810],{"class":131},"[BUF_LENGTH];\n",[114,1812,1813,1815,1817,1819,1822,1825,1828,1831,1834,1836],{"class":116,"line":233},[114,1814,517],{"class":120},[114,1816,520],{"class":131},[114,1818,1080],{"class":204},[114,1820,1821],{"class":120}," !=",[114,1823,1824],{"class":142}," fscanf",[114,1826,1827],{"class":131},"(stdin, ",[114,1829,1830],{"class":124},"\"",[114,1832,1833],{"class":204},"%s",[114,1835,1830],{"class":124},[114,1837,1838],{"class":131},", buf)) {\n",[114,1840,1841],{"class":116,"line":248},[114,1842,540],{"class":539},[114,1844,1845],{"class":116,"line":254},[114,1846,545],{"class":131},[114,1848,1849],{"class":116,"line":276},[114,1850,487],{"emptyLinePlaceholder":7},[114,1852,1853],{"class":116,"line":672},[114,1854,1855],{"class":539},"  \u002F* Rest of function *\u002F\n",[114,1857,1858],{"class":116,"line":678},[114,1859,279],{"class":131},[72,1861,560,1863,425],{"id":1862},"compliant-solution-fscanf",[90,1864,1745],{},[39,1866,1867,1868,1870,1871,289],{},"In this compliant solution, the call to ",[90,1869,1745],{}," is constrained not to overflow ",[90,1872,573],{},[101,1874,1875],{"quality":292},[105,1876,1878],{"className":107,"code":1877,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n \nenum { BUF_LENGTH = 1024 };\n \nvoid get_data(void) {\n  char buf[BUF_LENGTH];\n  if (1 != fscanf(stdin, \"%1023s\", buf)) {\n    \u002F* Handle error *\u002F\n  }\n\n  \u002F* Rest of function *\u002F\n}\n",[90,1879,1880,1886,1890,1902,1906,1918,1926,1949,1953,1957,1961,1966],{"__ignoreMap":110},[114,1881,1882,1884],{"class":116,"line":117},[114,1883,121],{"class":120},[114,1885,467],{"class":124},[114,1887,1888],{"class":116,"line":128},[114,1889,132],{"class":131},[114,1891,1892,1894,1896,1898,1900],{"class":116,"line":135},[114,1893,603],{"class":138},[114,1895,1777],{"class":131},[114,1897,201],{"class":120},[114,1899,1782],{"class":204},[114,1901,614],{"class":131},[114,1903,1904],{"class":116,"line":177},[114,1905,132],{"class":131},[114,1907,1908,1910,1912,1914,1916],{"class":116,"line":186},[114,1909,139],{"class":138},[114,1911,1795],{"class":142},[114,1913,146],{"class":131},[114,1915,139],{"class":138},[114,1917,501],{"class":131},[114,1919,1920,1922,1924],{"class":116,"line":192},[114,1921,506],{"class":138},[114,1923,509],{"class":162},[114,1925,1810],{"class":131},[114,1927,1928,1930,1932,1934,1936,1938,1940,1942,1945,1947],{"class":116,"line":233},[114,1929,517],{"class":120},[114,1931,520],{"class":131},[114,1933,1080],{"class":204},[114,1935,1821],{"class":120},[114,1937,1824],{"class":142},[114,1939,1827],{"class":131},[114,1941,1830],{"class":124},[114,1943,1944],{"class":204},"%1023s",[114,1946,1830],{"class":124},[114,1948,1838],{"class":131},[114,1950,1951],{"class":116,"line":248},[114,1952,540],{"class":539},[114,1954,1955],{"class":116,"line":254},[114,1956,545],{"class":131},[114,1958,1959],{"class":116,"line":276},[114,1960,487],{"emptyLinePlaceholder":7},[114,1962,1963],{"class":116,"line":672},[114,1964,1965],{"class":539},"  \u002F* Rest of function *\u002F\n",[114,1967,1968],{"class":116,"line":678},[114,1969,279],{"class":131},[72,1971,421,1973,425],{"id":1972},"noncompliant-code-example-argv",[90,1974,1975],{},"argv",[39,1977,1978,1979,1983,1984,1987],{},"In a ",[43,1980,1982],{"href":1981},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-hostedenvironment","hosted environment"," , arguments read from the command line are stored in process memory. The function ",[90,1985,1986],{},"main()"," , called at program startup, is typically declared as follows when the program accepts command-line arguments:",[101,1989,1990],{"quality":103},[105,1991,1993],{"className":107,"code":1992,"language":109,"meta":110,"style":110},"int main(int argc, char *argv[]) { \u002F* ... *\u002F }\n",[90,1994,1995],{"__ignoreMap":110},[114,1996,1997,2000,2003,2005,2007,2010,2012,2014,2016,2018,2021,2024,2027],{"class":116,"line":117},[114,1998,1999],{"class":138},"int",[114,2001,2002],{"class":142}," main",[114,2004,146],{"class":131},[114,2006,1999],{"class":138},[114,2008,2009],{"class":152}," argc",[114,2011,156],{"class":131},[114,2013,159],{"class":138},[114,2015,684],{"class":120},[114,2017,1975],{"class":152},[114,2019,2020],{"class":120},"[]",[114,2022,2023],{"class":131},") {",[114,2025,2026],{"class":539}," \u002F* ... *\u002F",[114,2028,2029],{"class":131}," }\n",[39,2031,2032,2033,2035,2036,2039,2040,2043,2044,2047,2048,2050,2051,2053,2054,2039,2057,2059],{},"Command-line arguments are passed to ",[90,2034,1986],{}," as pointers to strings in the array members ",[90,2037,2038],{},"argv[0]"," through ",[90,2041,2042],{},"  argv[argc - 1] "," . If the value of ",[90,2045,2046],{},"argc"," is greater than 0, the string pointed to by ",[90,2049,2038],{}," is, by convention, the program name. If the value of ",[90,2052,2046],{}," is greater than 1, the strings referenced by ",[90,2055,2056],{},"argv[1]",[90,2058,2042],{}," are the program arguments.",[39,2061,2062,2066,2067,2069],{},[43,2063,2065],{"href":2064},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions#BB.Definitions-vulnerability","Vulnerabilities"," can occur when inadequate space is allocated to copy a command-line argument or other program input. In this noncompliant code example, an attacker can manipulate the contents of ",[90,2068,2038],{}," to cause a buffer overflow:",[101,2071,2072],{"quality":103},[105,2073,2075],{"className":107,"code":2074,"language":109,"meta":110,"style":110},"#include \u003Cstring.h>\n \nint main(int argc, char *argv[]) {\n  \u002F* Ensure argv[0] is not null *\u002F\n  const char *const name = (argc && argv[0]) ? argv[0] : \"\";\n  char prog_name[128];\n  strcpy(prog_name, name);\n \n  return 0;\n}\n",[90,2076,2077,2083,2087,2111,2116,2168,2183,2191,2195,2204],{"__ignoreMap":110},[114,2078,2079,2081],{"class":116,"line":117},[114,2080,121],{"class":120},[114,2082,594],{"class":124},[114,2084,2085],{"class":116,"line":128},[114,2086,132],{"class":131},[114,2088,2089,2091,2093,2095,2097,2099,2101,2103,2105,2107,2109],{"class":116,"line":135},[114,2090,1999],{"class":138},[114,2092,2002],{"class":142},[114,2094,146],{"class":131},[114,2096,1999],{"class":138},[114,2098,2009],{"class":152},[114,2100,156],{"class":131},[114,2102,159],{"class":138},[114,2104,684],{"class":120},[114,2106,1975],{"class":152},[114,2108,2020],{"class":120},[114,2110,501],{"class":131},[114,2112,2113],{"class":116,"line":177},[114,2114,2115],{"class":539},"  \u002F* Ensure argv[0] is not null *\u002F\n",[114,2117,2118,2121,2124,2127,2130,2132,2135,2137,2140,2143,2146,2149,2152,2154,2156,2158,2160,2163,2166],{"class":116,"line":186},[114,2119,2120],{"class":120},"  const",[114,2122,2123],{"class":138}," char",[114,2125,2126],{"class":120}," *const",[114,2128,2129],{"class":131}," name ",[114,2131,201],{"class":120},[114,2133,2134],{"class":131}," (argc ",[114,2136,216],{"class":120},[114,2138,2139],{"class":162}," argv",[114,2141,2142],{"class":131},"[",[114,2144,2145],{"class":204},"0",[114,2147,2148],{"class":131},"]) ",[114,2150,2151],{"class":120},"?",[114,2153,2139],{"class":162},[114,2155,2142],{"class":131},[114,2157,2145],{"class":204},[114,2159,1642],{"class":131},[114,2161,2162],{"class":120},":",[114,2164,2165],{"class":124}," \"\"",[114,2167,273],{"class":131},[114,2169,2170,2172,2175,2177,2180],{"class":116,"line":192},[114,2171,506],{"class":138},[114,2173,2174],{"class":162}," prog_name",[114,2176,2142],{"class":131},[114,2178,2179],{"class":204},"128",[114,2181,2182],{"class":131},"];\n",[114,2184,2185,2188],{"class":116,"line":233},[114,2186,2187],{"class":142},"  strcpy",[114,2189,2190],{"class":131},"(prog_name, name);\n",[114,2192,2193],{"class":116,"line":248},[114,2194,132],{"class":131},[114,2196,2197,2200,2202],{"class":116,"line":254},[114,2198,2199],{"class":120},"  return",[114,2201,205],{"class":204},[114,2203,273],{"class":131},[114,2205,2206],{"class":116,"line":276},[114,2207,279],{"class":131},[72,2209,560,2211,425],{"id":2210},"compliant-solution-argv",[90,2212,1975],{},[39,2214,428,2215,2218,2219,2039,2221,2223],{},[90,2216,2217],{},"strlen()"," function can be used to determine the length of the strings referenced by ",[90,2220,2038],{},[90,2222,2042],{}," so that adequate memory can be dynamically allocated.",[101,2225,2226],{"quality":292},[105,2227,2229],{"className":107,"code":2228,"language":109,"meta":110,"style":110},"#include \u003Cstdlib.h>\n#include \u003Cstring.h>\n \nint main(int argc, char *argv[]) {\n  \u002F* Ensure argv[0] is not null *\u002F\n  const char *const name = (argc && argv[0]) ? argv[0] : \"\";\n  char *prog_name = (char *)malloc(strlen(name) + 1);\n  if (prog_name != NULL) {\n    strcpy(prog_name, name);\n  } else {\n    \u002F* Handle error *\u002F\n  }\n  free(prog_name);\n  return 0;\n}\n",[90,2230,2231,2237,2243,2247,2271,2275,2315,2353,2366,2373,2381,2385,2389,2396,2404],{"__ignoreMap":110},[114,2232,2233,2235],{"class":116,"line":117},[114,2234,121],{"class":120},[114,2236,944],{"class":124},[114,2238,2239,2241],{"class":116,"line":128},[114,2240,121],{"class":120},[114,2242,594],{"class":124},[114,2244,2245],{"class":116,"line":135},[114,2246,132],{"class":131},[114,2248,2249,2251,2253,2255,2257,2259,2261,2263,2265,2267,2269],{"class":116,"line":177},[114,2250,1999],{"class":138},[114,2252,2002],{"class":142},[114,2254,146],{"class":131},[114,2256,1999],{"class":138},[114,2258,2009],{"class":152},[114,2260,156],{"class":131},[114,2262,159],{"class":138},[114,2264,684],{"class":120},[114,2266,1975],{"class":152},[114,2268,2020],{"class":120},[114,2270,501],{"class":131},[114,2272,2273],{"class":116,"line":186},[114,2274,2115],{"class":539},[114,2276,2277,2279,2281,2283,2285,2287,2289,2291,2293,2295,2297,2299,2301,2303,2305,2307,2309,2311,2313],{"class":116,"line":192},[114,2278,2120],{"class":120},[114,2280,2123],{"class":138},[114,2282,2126],{"class":120},[114,2284,2129],{"class":131},[114,2286,201],{"class":120},[114,2288,2134],{"class":131},[114,2290,216],{"class":120},[114,2292,2139],{"class":162},[114,2294,2142],{"class":131},[114,2296,2145],{"class":204},[114,2298,2148],{"class":131},[114,2300,2151],{"class":120},[114,2302,2139],{"class":162},[114,2304,2142],{"class":131},[114,2306,2145],{"class":204},[114,2308,1642],{"class":131},[114,2310,2162],{"class":120},[114,2312,2165],{"class":124},[114,2314,273],{"class":131},[114,2316,2317,2319,2321,2324,2326,2328,2330,2332,2335,2338,2340,2343,2346,2349,2351],{"class":116,"line":233},[114,2318,506],{"class":138},[114,2320,684],{"class":120},[114,2322,2323],{"class":131},"prog_name ",[114,2325,201],{"class":120},[114,2327,520],{"class":131},[114,2329,159],{"class":138},[114,2331,684],{"class":120},[114,2333,2334],{"class":131},")",[114,2336,2337],{"class":142},"malloc",[114,2339,146],{"class":131},[114,2341,2342],{"class":142},"strlen",[114,2344,2345],{"class":131},"(name) ",[114,2347,2348],{"class":120},"+",[114,2350,374],{"class":204},[114,2352,704],{"class":131},[114,2354,2355,2357,2360,2362,2364],{"class":116,"line":248},[114,2356,517],{"class":120},[114,2358,2359],{"class":131}," (prog_name ",[114,2361,769],{"class":120},[114,2363,532],{"class":204},[114,2365,501],{"class":131},[114,2367,2368,2371],{"class":116,"line":254},[114,2369,2370],{"class":142},"    strcpy",[114,2372,2190],{"class":131},[114,2374,2375,2377,2379],{"class":116,"line":276},[114,2376,1091],{"class":131},[114,2378,740],{"class":120},[114,2380,743],{"class":131},[114,2382,2383],{"class":116,"line":672},[114,2384,540],{"class":539},[114,2386,2387],{"class":116,"line":678},[114,2388,545],{"class":131},[114,2390,2391,2393],{"class":116,"line":707},[114,2392,1239],{"class":142},[114,2394,2395],{"class":131},"(prog_name);\n",[114,2397,2398,2400,2402],{"class":116,"line":716},[114,2399,2199],{"class":120},[114,2401,205],{"class":204},[114,2403,273],{"class":131},[114,2405,2406],{"class":116,"line":734},[114,2407,279],{"class":131},[39,2409,2410],{},"Remember to add a byte to the destination string size to accommodate the null-termination character.",[72,2412,560,2414,425],{"id":2413},"compliant-solution-argv-1",[90,2415,1975],{},[39,2417,428,2418,2421,2422,52],{},[90,2419,2420],{},"strcpy_s()"," function provides additional safeguards, including accepting the size of the destination buffer as an additional argument. (See ",[43,2423,2425],{"href":2424},"\u002Fsei-cert-c-coding-standard\u002Fthe-void\u002Fvoid-str07-c-use-the-bounds-checking-interfaces-for-string-manipulation","VOID STR07-C. Use the bounds-checking interfaces for string manipulation",[101,2427,2428],{"quality":292},[105,2429,2431],{"className":107,"code":2430,"language":109,"meta":110,"style":110},"#define __STDC_WANT_LIB_EXT1__ 1\n#include \u003Cstdlib.h>\n#include \u003Cstring.h>\n \nint main(int argc, char *argv[]) {\n  \u002F* Ensure argv[0] is not null *\u002F\n  const char *const name = (argc && argv[0]) ? argv[0] : \"\";\n  char *prog_name;\n  size_t prog_size;\n\n  prog_size = strlen(name) + 1;\n  prog_name = (char *)malloc(prog_size);\n\n  if (prog_name != NULL) {\n    if (strcpy_s(prog_name, prog_size, name)) {\n      \u002F* Handle  error *\u002F\n    }\n  } else {\n    \u002F* Handle error *\u002F\n  }\n  \u002F* ... *\u002F\n  free(prog_name);\n  return 0;\n}\n",[90,2432,2433,2443,2449,2455,2459,2483,2487,2527,2536,2543,2547,2565,2585,2589,2601,2613,2618,2622,2630,2634,2638,2643,2650,2658],{"__ignoreMap":110},[114,2434,2435,2437,2440],{"class":116,"line":117},[114,2436,476],{"class":120},[114,2438,2439],{"class":142}," __STDC_WANT_LIB_EXT1__",[114,2441,2442],{"class":204}," 1\n",[114,2444,2445,2447],{"class":116,"line":128},[114,2446,121],{"class":120},[114,2448,944],{"class":124},[114,2450,2451,2453],{"class":116,"line":135},[114,2452,121],{"class":120},[114,2454,594],{"class":124},[114,2456,2457],{"class":116,"line":177},[114,2458,132],{"class":131},[114,2460,2461,2463,2465,2467,2469,2471,2473,2475,2477,2479,2481],{"class":116,"line":186},[114,2462,1999],{"class":138},[114,2464,2002],{"class":142},[114,2466,146],{"class":131},[114,2468,1999],{"class":138},[114,2470,2009],{"class":152},[114,2472,156],{"class":131},[114,2474,159],{"class":138},[114,2476,684],{"class":120},[114,2478,1975],{"class":152},[114,2480,2020],{"class":120},[114,2482,501],{"class":131},[114,2484,2485],{"class":116,"line":192},[114,2486,2115],{"class":539},[114,2488,2489,2491,2493,2495,2497,2499,2501,2503,2505,2507,2509,2511,2513,2515,2517,2519,2521,2523,2525],{"class":116,"line":233},[114,2490,2120],{"class":120},[114,2492,2123],{"class":138},[114,2494,2126],{"class":120},[114,2496,2129],{"class":131},[114,2498,201],{"class":120},[114,2500,2134],{"class":131},[114,2502,216],{"class":120},[114,2504,2139],{"class":162},[114,2506,2142],{"class":131},[114,2508,2145],{"class":204},[114,2510,2148],{"class":131},[114,2512,2151],{"class":120},[114,2514,2139],{"class":162},[114,2516,2142],{"class":131},[114,2518,2145],{"class":204},[114,2520,1642],{"class":131},[114,2522,2162],{"class":120},[114,2524,2165],{"class":124},[114,2526,273],{"class":131},[114,2528,2529,2531,2533],{"class":116,"line":248},[114,2530,506],{"class":138},[114,2532,684],{"class":120},[114,2534,2535],{"class":131},"prog_name;\n",[114,2537,2538,2540],{"class":116,"line":254},[114,2539,977],{"class":138},[114,2541,2542],{"class":131}," prog_size;\n",[114,2544,2545],{"class":116,"line":276},[114,2546,487],{"emptyLinePlaceholder":7},[114,2548,2549,2552,2554,2557,2559,2561,2563],{"class":116,"line":672},[114,2550,2551],{"class":131},"  prog_size ",[114,2553,201],{"class":120},[114,2555,2556],{"class":142}," strlen",[114,2558,2345],{"class":131},[114,2560,2348],{"class":120},[114,2562,374],{"class":204},[114,2564,273],{"class":131},[114,2566,2567,2570,2572,2574,2576,2578,2580,2582],{"class":116,"line":678},[114,2568,2569],{"class":131},"  prog_name ",[114,2571,201],{"class":120},[114,2573,520],{"class":131},[114,2575,159],{"class":138},[114,2577,684],{"class":120},[114,2579,2334],{"class":131},[114,2581,2337],{"class":142},[114,2583,2584],{"class":131},"(prog_size);\n",[114,2586,2587],{"class":116,"line":707},[114,2588,487],{"emptyLinePlaceholder":7},[114,2590,2591,2593,2595,2597,2599],{"class":116,"line":716},[114,2592,517],{"class":120},[114,2594,2359],{"class":131},[114,2596,769],{"class":120},[114,2598,532],{"class":204},[114,2600,501],{"class":131},[114,2602,2603,2605,2607,2610],{"class":116,"line":734},[114,2604,710],{"class":120},[114,2606,520],{"class":131},[114,2608,2609],{"class":142},"strcpy_s",[114,2611,2612],{"class":131},"(prog_name, prog_size, name)) {\n",[114,2614,2615],{"class":116,"line":746},[114,2616,2617],{"class":539},"      \u002F* Handle  error *\u002F\n",[114,2619,2620],{"class":116,"line":752},[114,2621,847],{"class":131},[114,2623,2624,2626,2628],{"class":116,"line":789},[114,2625,1091],{"class":131},[114,2627,740],{"class":120},[114,2629,743],{"class":131},[114,2631,2632],{"class":116,"line":795},[114,2633,540],{"class":539},[114,2635,2636],{"class":116,"line":830},[114,2637,545],{"class":131},[114,2639,2640],{"class":116,"line":838},[114,2641,2642],{"class":539},"  \u002F* ... *\u002F\n",[114,2644,2645,2648],{"class":116,"line":844},[114,2646,2647],{"class":142},"  free",[114,2649,2395],{"class":131},[114,2651,2652,2654,2656],{"class":116,"line":850},[114,2653,2199],{"class":120},[114,2655,205],{"class":204},[114,2657,273],{"class":131},[114,2659,2660],{"class":116,"line":860},[114,2661,279],{"class":131},[39,2663,428,2664,2666,2667,2669],{},[90,2665,2420],{}," function can be used to copy data to or from dynamically allocated memory or a statically allocated array. If insufficient space is available, ",[90,2668,2420],{}," returns an error.",[72,2671,560,2673,425],{"id":2672},"compliant-solution-argv-2",[90,2674,1975],{},[39,2676,2677,2678,2680],{},"If an argument will not be modified or concatenated, there is no reason to make a copy of the string. Not copying a string is the best way to prevent a buffer overflow and is also the most efficient solution. Care must be taken to avoid assuming that ",[90,2679,2038],{}," is non-null.",[101,2682,2683],{"quality":292},[105,2684,2686],{"className":107,"code":2685,"language":109,"meta":110,"style":110},"int main(int argc, char *argv[]) {\n  \u002F* Ensure argv[0] is not null *\u002F\n  const char * const prog_name = (argc && argv[0]) ? argv[0] : \"\";\n  \u002F* ... *\u002F\n  return 0;\n}\n",[90,2687,2688,2712,2716,2760,2764,2772],{"__ignoreMap":110},[114,2689,2690,2692,2694,2696,2698,2700,2702,2704,2706,2708,2710],{"class":116,"line":117},[114,2691,1999],{"class":138},[114,2693,2002],{"class":142},[114,2695,146],{"class":131},[114,2697,1999],{"class":138},[114,2699,2009],{"class":152},[114,2701,156],{"class":131},[114,2703,159],{"class":138},[114,2705,684],{"class":120},[114,2707,1975],{"class":152},[114,2709,2020],{"class":120},[114,2711,501],{"class":131},[114,2713,2714],{"class":116,"line":128},[114,2715,2115],{"class":539},[114,2717,2718,2720,2722,2724,2727,2730,2732,2734,2736,2738,2740,2742,2744,2746,2748,2750,2752,2754,2756,2758],{"class":116,"line":135},[114,2719,2120],{"class":120},[114,2721,2123],{"class":138},[114,2723,684],{"class":120},[114,2725,2726],{"class":120}," const",[114,2728,2729],{"class":131}," prog_name ",[114,2731,201],{"class":120},[114,2733,2134],{"class":131},[114,2735,216],{"class":120},[114,2737,2139],{"class":162},[114,2739,2142],{"class":131},[114,2741,2145],{"class":204},[114,2743,2148],{"class":131},[114,2745,2151],{"class":120},[114,2747,2139],{"class":162},[114,2749,2142],{"class":131},[114,2751,2145],{"class":204},[114,2753,1642],{"class":131},[114,2755,2162],{"class":120},[114,2757,2165],{"class":124},[114,2759,273],{"class":131},[114,2761,2762],{"class":116,"line":177},[114,2763,2642],{"class":539},[114,2765,2766,2768,2770],{"class":116,"line":186},[114,2767,2199],{"class":120},[114,2769,205],{"class":204},[114,2771,273],{"class":131},[114,2773,2774],{"class":116,"line":192},[114,2775,279],{"class":131},[72,2777,421,2779,425],{"id":2778},"noncompliant-code-example-getenv",[90,2780,2781],{},"getenv()",[39,2783,2784,2785,2789],{},"According to the C Standard, 7.22.4.6 [ ",[43,2786,2788],{"href":2787},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-ISO-IEC9899-2011","ISO\u002FIEC 9899:2011"," ]",[2791,2792,2793],"blockquote",{},[39,2794,428,2795,2798,2799,2802],{},[90,2796,2797],{},"getenv"," function searches an environment list, provided by the host environment, for a string that matches the string pointed to by ",[90,2800,2801],{},"name"," . The set of environment names and the method for altering the environment list are implementation defined.",[39,2804,2805],{},"Environment variables can be arbitrarily large, and copying them into fixed-length arrays without first determining the size and allocating adequate storage can result in a buffer overflow.",[101,2807,2808],{"quality":103},[105,2809,2811],{"className":107,"code":2810,"language":109,"meta":110,"style":110},"#include \u003Cstdlib.h>\n#include \u003Cstring.h>\n \nvoid func(void) {\n  char buff[256];\n  char *editor = getenv(\"EDITOR\");\n  if (editor == NULL) {\n    \u002F* EDITOR environment variable not set *\u002F\n  } else {\n    strcpy(buff, editor);\n  }\n}\n",[90,2812,2813,2819,2825,2829,2841,2855,2876,2889,2894,2902,2909,2913],{"__ignoreMap":110},[114,2814,2815,2817],{"class":116,"line":117},[114,2816,121],{"class":120},[114,2818,944],{"class":124},[114,2820,2821,2823],{"class":116,"line":128},[114,2822,121],{"class":120},[114,2824,594],{"class":124},[114,2826,2827],{"class":116,"line":135},[114,2828,132],{"class":131},[114,2830,2831,2833,2835,2837,2839],{"class":116,"line":177},[114,2832,139],{"class":138},[114,2834,494],{"class":142},[114,2836,146],{"class":131},[114,2838,139],{"class":138},[114,2840,501],{"class":131},[114,2842,2843,2845,2848,2850,2853],{"class":116,"line":186},[114,2844,506],{"class":138},[114,2846,2847],{"class":162}," buff",[114,2849,2142],{"class":131},[114,2851,2852],{"class":204},"256",[114,2854,2182],{"class":131},[114,2856,2857,2859,2861,2864,2866,2869,2871,2874],{"class":116,"line":192},[114,2858,506],{"class":138},[114,2860,684],{"class":120},[114,2862,2863],{"class":131},"editor ",[114,2865,201],{"class":120},[114,2867,2868],{"class":142}," getenv",[114,2870,146],{"class":131},[114,2872,2873],{"class":124},"\"EDITOR\"",[114,2875,704],{"class":131},[114,2877,2878,2880,2883,2885,2887],{"class":116,"line":233},[114,2879,517],{"class":120},[114,2881,2882],{"class":131}," (editor ",[114,2884,529],{"class":120},[114,2886,532],{"class":204},[114,2888,501],{"class":131},[114,2890,2891],{"class":116,"line":248},[114,2892,2893],{"class":539},"    \u002F* EDITOR environment variable not set *\u002F\n",[114,2895,2896,2898,2900],{"class":116,"line":254},[114,2897,1091],{"class":131},[114,2899,740],{"class":120},[114,2901,743],{"class":131},[114,2903,2904,2906],{"class":116,"line":276},[114,2905,2370],{"class":142},[114,2907,2908],{"class":131},"(buff, editor);\n",[114,2910,2911],{"class":116,"line":672},[114,2912,545],{"class":131},[114,2914,2915],{"class":116,"line":678},[114,2916,279],{"class":131},[72,2918,560,2920,425],{"id":2919},"compliant-solution-getenv",[90,2921,2781],{},[39,2923,2924,2925,2927],{},"Environmental variables are loaded into process memory when the program is loaded. As a result, the length of these strings can be determined by calling the ",[90,2926,2217],{}," function, and the resulting length can be used to allocate adequate dynamic memory:",[101,2929,2930],{"quality":292},[105,2931,2933],{"className":107,"code":2932,"language":109,"meta":110,"style":110},"#include \u003Cstdlib.h>\n#include \u003Cstring.h>\n \nvoid func(void) {\n  char *buff;\n  char *editor = getenv(\"EDITOR\");\n  if (editor == NULL) {\n    \u002F* EDITOR environment variable not set *\u002F\n  } else {\n    size_t len = strlen(editor) + 1;\n    buff = (char *)malloc(len);\n    if (buff == NULL) {\n      \u002F* Handle error *\u002F\n    }  \n    memcpy(buff, editor, len);\n    free(buff);\n  }\n}\n",[90,2934,2935,2941,2947,2951,2963,2972,2990,3002,3006,3014,3035,3055,3068,3073,3078,3086,3094,3098],{"__ignoreMap":110},[114,2936,2937,2939],{"class":116,"line":117},[114,2938,121],{"class":120},[114,2940,944],{"class":124},[114,2942,2943,2945],{"class":116,"line":128},[114,2944,121],{"class":120},[114,2946,594],{"class":124},[114,2948,2949],{"class":116,"line":135},[114,2950,132],{"class":131},[114,2952,2953,2955,2957,2959,2961],{"class":116,"line":177},[114,2954,139],{"class":138},[114,2956,494],{"class":142},[114,2958,146],{"class":131},[114,2960,139],{"class":138},[114,2962,501],{"class":131},[114,2964,2965,2967,2969],{"class":116,"line":186},[114,2966,506],{"class":138},[114,2968,684],{"class":120},[114,2970,2971],{"class":131},"buff;\n",[114,2973,2974,2976,2978,2980,2982,2984,2986,2988],{"class":116,"line":192},[114,2975,506],{"class":138},[114,2977,684],{"class":120},[114,2979,2863],{"class":131},[114,2981,201],{"class":120},[114,2983,2868],{"class":142},[114,2985,146],{"class":131},[114,2987,2873],{"class":124},[114,2989,704],{"class":131},[114,2991,2992,2994,2996,2998,3000],{"class":116,"line":233},[114,2993,517],{"class":120},[114,2995,2882],{"class":131},[114,2997,529],{"class":120},[114,2999,532],{"class":204},[114,3001,501],{"class":131},[114,3003,3004],{"class":116,"line":248},[114,3005,2893],{"class":539},[114,3007,3008,3010,3012],{"class":116,"line":254},[114,3009,1091],{"class":131},[114,3011,740],{"class":120},[114,3013,743],{"class":131},[114,3015,3016,3019,3022,3024,3026,3029,3031,3033],{"class":116,"line":276},[114,3017,3018],{"class":138},"    size_t",[114,3020,3021],{"class":131}," len ",[114,3023,201],{"class":120},[114,3025,2556],{"class":142},[114,3027,3028],{"class":131},"(editor) ",[114,3030,2348],{"class":120},[114,3032,374],{"class":204},[114,3034,273],{"class":131},[114,3036,3037,3040,3042,3044,3046,3048,3050,3052],{"class":116,"line":672},[114,3038,3039],{"class":131},"    buff ",[114,3041,201],{"class":120},[114,3043,520],{"class":131},[114,3045,159],{"class":138},[114,3047,684],{"class":120},[114,3049,2334],{"class":131},[114,3051,2337],{"class":142},[114,3053,3054],{"class":131},"(len);\n",[114,3056,3057,3059,3062,3064,3066],{"class":116,"line":678},[114,3058,710],{"class":120},[114,3060,3061],{"class":131}," (buff ",[114,3063,529],{"class":120},[114,3065,532],{"class":204},[114,3067,501],{"class":131},[114,3069,3070],{"class":116,"line":707},[114,3071,3072],{"class":539},"      \u002F* Handle error *\u002F\n",[114,3074,3075],{"class":116,"line":716},[114,3076,3077],{"class":131},"    }  \n",[114,3079,3080,3083],{"class":116,"line":734},[114,3081,3082],{"class":142},"    memcpy",[114,3084,3085],{"class":131},"(buff, editor, len);\n",[114,3087,3088,3091],{"class":116,"line":746},[114,3089,3090],{"class":142},"    free",[114,3092,3093],{"class":131},"(buff);\n",[114,3095,3096],{"class":116,"line":752},[114,3097,545],{"class":131},[114,3099,3100],{"class":116,"line":789},[114,3101,279],{"class":131},[72,3103,421,3105,425],{"id":3104},"noncompliant-code-example-sprintf",[90,3106,3107],{},"sprintf()",[39,3109,3110,3111,3113],{},"In this noncompliant code example, ",[90,3112,2801],{}," refers to an external string; it could have originated from user input, the file system, or the network. The program constructs a file name from the string in preparation for opening the file.",[101,3115,3116],{"quality":103},[105,3117,3119],{"className":107,"code":3118,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n \nvoid func(const char *name) {\n  char filename[128];\n  sprintf(filename, \"%s.txt\", name);\n}\n",[90,3120,3121,3127,3131,3150,3163,3181],{"__ignoreMap":110},[114,3122,3123,3125],{"class":116,"line":117},[114,3124,121],{"class":120},[114,3126,467],{"class":124},[114,3128,3129],{"class":116,"line":128},[114,3130,132],{"class":131},[114,3132,3133,3135,3137,3139,3142,3144,3146,3148],{"class":116,"line":135},[114,3134,139],{"class":138},[114,3136,494],{"class":142},[114,3138,146],{"class":131},[114,3140,3141],{"class":120},"const",[114,3143,2123],{"class":138},[114,3145,684],{"class":120},[114,3147,2801],{"class":152},[114,3149,501],{"class":131},[114,3151,3152,3154,3157,3159,3161],{"class":116,"line":177},[114,3153,506],{"class":138},[114,3155,3156],{"class":162}," filename",[114,3158,2142],{"class":131},[114,3160,2179],{"class":204},[114,3162,2182],{"class":131},[114,3164,3165,3168,3171,3173,3175,3178],{"class":116,"line":186},[114,3166,3167],{"class":142},"  sprintf",[114,3169,3170],{"class":131},"(filename, ",[114,3172,1830],{"class":124},[114,3174,1833],{"class":204},[114,3176,3177],{"class":124},".txt\"",[114,3179,3180],{"class":131},", name);\n",[114,3182,3183],{"class":116,"line":192},[114,3184,279],{"class":131},[39,3186,3187,3188,3190,3191,3193],{},"Because the ",[90,3189,3107],{}," function makes no guarantees regarding the length of the generated string, a sufficiently long string in ",[90,3192,2801],{}," could generate a buffer overflow.",[72,3195,560,3197,425],{"id":3196},"compliant-solution-sprintf",[90,3198,3107],{},[39,3200,3201,3202,3204,3205,3208,3209,3212,3213,3215,3216,3219],{},"The buffer overflow in the preceding noncompliant example can be prevented by adding a precision to the ",[90,3203,1833],{}," conversion specification. If the precision is specified, no more than that many bytes are written. The precision ",[90,3206,3207],{},"123"," in this compliant solution ensures that ",[90,3210,3211],{},"filename"," can contain the first 123 characters of ",[90,3214,2801],{}," , the ",[90,3217,3218],{},".txt"," extension, and the null terminator.",[101,3221,3222],{"quality":292},[105,3223,3225],{"className":107,"code":3224,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n \nvoid func(const char *name) {\n  char filename[128];\n  sprintf(filename, \"%.123s.txt\", name);\n}\n",[90,3226,3227,3233,3237,3255,3267,3282],{"__ignoreMap":110},[114,3228,3229,3231],{"class":116,"line":117},[114,3230,121],{"class":120},[114,3232,467],{"class":124},[114,3234,3235],{"class":116,"line":128},[114,3236,132],{"class":131},[114,3238,3239,3241,3243,3245,3247,3249,3251,3253],{"class":116,"line":135},[114,3240,139],{"class":138},[114,3242,494],{"class":142},[114,3244,146],{"class":131},[114,3246,3141],{"class":120},[114,3248,2123],{"class":138},[114,3250,684],{"class":120},[114,3252,2801],{"class":152},[114,3254,501],{"class":131},[114,3256,3257,3259,3261,3263,3265],{"class":116,"line":177},[114,3258,506],{"class":138},[114,3260,3156],{"class":162},[114,3262,2142],{"class":131},[114,3264,2179],{"class":204},[114,3266,2182],{"class":131},[114,3268,3269,3271,3273,3275,3278,3280],{"class":116,"line":186},[114,3270,3167],{"class":142},[114,3272,3170],{"class":131},[114,3274,1830],{"class":124},[114,3276,3277],{"class":204},"%.123s",[114,3279,3177],{"class":124},[114,3281,3180],{"class":131},[114,3283,3284],{"class":116,"line":192},[114,3285,279],{"class":131},[39,3287,3288,3289,3292],{},"You can also use ",[90,3290,3291],{},"*"," to indicate that the precision should be provided as a variadic argument:",[101,3294,3295],{"quality":292},[105,3296,3298],{"className":107,"code":3297,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n \nvoid func(const char *name) {\n  char filename[128];\n  sprintf(filename, \"%.*s.txt\", sizeof(filename) - 5, name);\n}\n",[90,3299,3300,3306,3310,3328,3340,3367],{"__ignoreMap":110},[114,3301,3302,3304],{"class":116,"line":117},[114,3303,121],{"class":120},[114,3305,467],{"class":124},[114,3307,3308],{"class":116,"line":128},[114,3309,132],{"class":131},[114,3311,3312,3314,3316,3318,3320,3322,3324,3326],{"class":116,"line":135},[114,3313,139],{"class":138},[114,3315,494],{"class":142},[114,3317,146],{"class":131},[114,3319,3141],{"class":120},[114,3321,2123],{"class":138},[114,3323,684],{"class":120},[114,3325,2801],{"class":152},[114,3327,501],{"class":131},[114,3329,3330,3332,3334,3336,3338],{"class":116,"line":177},[114,3331,506],{"class":138},[114,3333,3156],{"class":162},[114,3335,2142],{"class":131},[114,3337,2179],{"class":204},[114,3339,2182],{"class":131},[114,3341,3342,3344,3346,3348,3351,3353,3355,3357,3360,3362,3365],{"class":116,"line":186},[114,3343,3167],{"class":142},[114,3345,3170],{"class":131},[114,3347,1830],{"class":124},[114,3349,3350],{"class":204},"%.*s",[114,3352,3177],{"class":124},[114,3354,156],{"class":131},[114,3356,666],{"class":120},[114,3358,3359],{"class":131},"(filename) ",[114,3361,371],{"class":120},[114,3363,3364],{"class":204}," 5",[114,3366,3180],{"class":131},[114,3368,3369],{"class":116,"line":192},[114,3370,279],{"class":131},[72,3372,560,3374,425],{"id":3373},"compliant-solution-snprintf",[90,3375,3376],{},"snprintf()",[39,3378,3379,3380,3382,3383,3385,3386,70],{},"A more general solution is to use the ",[90,3381,3376],{}," function, which also truncates ",[90,3384,2801],{}," if it will not fit in the ",[90,3387,3211],{},[101,3389,3390],{"quality":292},[105,3391,3393],{"className":107,"code":3392,"language":109,"meta":110,"style":110},"#include \u003Cstdio.h>\n \nvoid func(const char *name) {\n  char filename[128];\n  int result = snprintf(filename, sizeof(filename), \"%s.txt\", name);\n  if (result != strlen(filename) {\n    \u002F* truncation occurred *\u002F\n  }\n}\n",[90,3394,3395,3401,3405,3423,3435,3462,3476,3481,3485],{"__ignoreMap":110},[114,3396,3397,3399],{"class":116,"line":117},[114,3398,121],{"class":120},[114,3400,467],{"class":124},[114,3402,3403],{"class":116,"line":128},[114,3404,132],{"class":131},[114,3406,3407,3409,3411,3413,3415,3417,3419,3421],{"class":116,"line":135},[114,3408,139],{"class":138},[114,3410,494],{"class":142},[114,3412,146],{"class":131},[114,3414,3141],{"class":120},[114,3416,2123],{"class":138},[114,3418,684],{"class":120},[114,3420,2801],{"class":152},[114,3422,501],{"class":131},[114,3424,3425,3427,3429,3431,3433],{"class":116,"line":177},[114,3426,506],{"class":138},[114,3428,3156],{"class":162},[114,3430,2142],{"class":131},[114,3432,2179],{"class":204},[114,3434,2182],{"class":131},[114,3436,3437,3439,3442,3444,3447,3449,3451,3454,3456,3458,3460],{"class":116,"line":186},[114,3438,644],{"class":138},[114,3440,3441],{"class":131}," result ",[114,3443,201],{"class":120},[114,3445,3446],{"class":142}," snprintf",[114,3448,3170],{"class":131},[114,3450,666],{"class":120},[114,3452,3453],{"class":131},"(filename), ",[114,3455,1830],{"class":124},[114,3457,1833],{"class":204},[114,3459,3177],{"class":124},[114,3461,3180],{"class":131},[114,3463,3464,3466,3469,3471,3473],{"class":116,"line":192},[114,3465,517],{"class":120},[114,3467,3468],{"class":131}," (result ",[114,3470,769],{"class":120},[114,3472,2556],{"class":142},[114,3474,3475],{"class":131},"(filename) {\n",[114,3477,3478],{"class":116,"line":233},[114,3479,3480],{"class":539},"    \u002F* truncation occurred *\u002F\n",[114,3482,3483],{"class":116,"line":248},[114,3484,545],{"class":131},[114,3486,3487],{"class":116,"line":254},[114,3488,279],{"class":131},[72,3490,3492],{"id":3491},"risk-assessment","Risk Assessment",[39,3494,3495],{},"Copying string data to a buffer that is too small to hold that data results in a buffer overflow. Attackers can exploit this condition to execute arbitrary code with the permissions of the vulnerable process.",[3497,3498,3499,3500,3499,3530],"table",{},"\n  ",[3501,3502,3503,3504,3499],"thead",{},"\n    ",[3505,3506,3507,3508,3507,3512,3507,3515,3507,3518,3507,3521,3507,3524,3507,3527,3503],"tr",{},"\n      ",[3509,3510,3511],"th",{},"Rule",[3509,3513,3514],{},"Severity",[3509,3516,3517],{},"Likelihood",[3509,3519,3520],{},"Detectable",[3509,3522,3523],{},"Repairable",[3509,3525,3526],{},"Priority",[3509,3528,3529],{},"Level",[3531,3532,3503,3533,3499],"tbody",{},[3505,3534,3507,3535,3507,3539,3507,3542,3507,3545,3507,3548,3507,3550,3507,3557,3503],{},[3536,3537,3538],"td",{},"STR31-C",[3536,3540,3541],{},"High",[3536,3543,3544],{},"Likely",[3536,3546,3547],{},"No",[3536,3549,3547],{},[3536,3551,3553],{"style":3552},"color: #f1c40f;",[3554,3555,3556],"b",{},"P9",[3536,3558,3559],{"style":3552},[3554,3560,3561],{},"L2",[3563,3564,3566],"h3",{"id":3565},"automated-detection","Automated Detection",[39,3568,3569],{},"Array access out of bounds, Buffer overflow from incorrect string format specifier, Destination buffer overflow in string manipulation, Invalid use of standard library string routine, Missing null in string array, Pointer access out of bounds, Tainted NULL or non-null-terminated string, Use of dangerous standard function",[3497,3571,3574],{"className":3572},[3573],"wrapped",[3531,3575,3576,3600,3646,3675,3726,3758,3800,3828,3866,3902,3931,3986,4015,4067,4115,4150,4190,4221],{},[3505,3577,3580,3585,3590,3595],{"className":3578},[3579],"header",[3509,3581,3582],{},[39,3583,3584],{},"Tool",[3509,3586,3587],{},[39,3588,3589],{},"Version",[3509,3591,3592],{},[39,3593,3594],{},"Checker",[3509,3596,3597],{},[39,3598,3599],{},"Description",[3505,3601,3604,3610,3618,3643],{"className":3602},[3603],"odd",[3536,3605,3606],{},[43,3607,3609],{"href":3608},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fastree","Astrée",[3536,3611,3612],{},[3613,3614,3617],"div",{"className":3615},[3616],"content-wrapper","25.10",[3536,3619,3620],{},[39,3621,3622,3629,3630,3629,3635,3629,3640],{},[3623,3624,3625,3626],"strong",{},"bad-function-use",[3627,3628],"br",{}," ",[3623,3631,3632,3633],{},"stdlib-string-size",[3627,3634],{},[3623,3636,3637,3638],{},"strcpy-limits",[3627,3639],{},[3623,3641,3642],{},"string-initializer-null",[3536,3644,3645],{},"Partially checked + soundly supported",[3505,3647,3650,3656,3659,3664],{"className":3648},[3649],"even",[3536,3651,3652],{},[43,3653,3655],{"href":3654},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Faxivion-bauhaus-suite","Axivion Bauhaus Suite",[3536,3657,3658],{},"7.2.0",[3536,3660,3661],{},[3623,3662,3663],{},"CertC-STR31",[3536,3665,3666],{},[39,3667,3668,3669,3671,3672],{},"Detects calls to unsafe string function that may cause buffer overflow",[3627,3670],{},"\nDetects potential buffer overruns, including those caused by unsafe usage of ",[90,3673,3674],{},"       fscanf()      ",[3505,3676,3678,3684,3690,3712],{"className":3677},[3603],[3536,3679,3680],{},[43,3681,3683],{"href":3682},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodesonar","CodeSonar",[3536,3685,3686],{},[3613,3687,3689],{"className":3688},[3616],"9.1p0",[3536,3691,3692],{},[39,3693,3694,3629,3699,3629,3704,3629,3709],{},[3623,3695,3696,3697],{},"LANG.MEM.BO",[3627,3698],{},[3623,3700,3701,3702],{},"LANG.MEM.TO",[3627,3703],{},[3623,3705,3706,3707],{},"MISC.MEM.NTERM",[3627,3708],{},[3623,3710,3711],{},"BADFUNC.BO.*",[3536,3713,3714],{},[39,3715,3716,3717,3719,3720,3722,3723,3725],{},"Buffer overrun",[3627,3718],{},"\nType overrun",[3627,3721],{},"\nNo space for null terminator",[3627,3724],{},"\nA collection of warning classes that report uses of library functions prone to internal buffer overflows",[3505,3727,3729,3737,3743,3749],{"className":3728},[3649],[3536,3730,3731],{},[39,3732,3733],{},[43,3734,3736],{"href":3735},"https:\u002F\u002Fwww.securecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fseccode\u002FRose","Compass\u002FROSE",[3536,3738,3739],{},[39,3740,3741],{},[3627,3742],{},[3536,3744,3745],{},[39,3746,3747],{},[3627,3748],{},[3536,3750,3751],{},[39,3752,3753,3754,3757],{},"Can detect violations of the rule. However, it is unable to handle cases involving ",[90,3755,3756],{},"       strcpy_s()      "," or manual string copies such as the one in the first example",[3505,3759,3761,3767,3773,3795],{"className":3760},[3603],[3536,3762,3763],{},[43,3764,3766],{"href":3765},"https:\u002F\u002Fwww.securecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fseccode\u002FCoverity","Coverity",[3536,3768,3769],{},[3613,3770,3772],{"className":3771},[3616],"2017.07",[3536,3774,3775,3780,3785,3790],{},[39,3776,3777],{},[3623,3778,3779],{},"STRING_OVERFLOW",[39,3781,3782],{},[3623,3783,3784],{},"BUFFER_SIZE",[39,3786,3787],{},[3623,3788,3789],{},"OVERRUN",[39,3791,3792],{},[3623,3793,3794],{},"STRING_SIZE",[3536,3796,3797],{},[39,3798,3799],{},"Fully implemented",[3505,3801,3803,3811,3816,3822],{"className":3802},[3649],[3536,3804,3805],{},[39,3806,3807],{},[43,3808,3810],{"href":3809},"https:\u002F\u002Fwww.securecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fseccode\u002FFortify","Fortify SCA",[3536,3812,3813],{},[39,3814,3815],{},"5.0",[3536,3817,3818],{},[39,3819,3820],{},[3627,3821],{},[3536,3823,3824],{},[39,3825,3826],{},[3627,3827],{},[3505,3829,3831,3837,3845,3862],{"className":3830},[3603],[3536,3832,3833],{},[43,3834,3836],{"href":3835},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fhelix-qac","Helix QAC",[3536,3838,3839],{},[3613,3840,3842],{"className":3841},[3616],[39,3843,3844],{},"2025.2",[3536,3846,3847,3852,3857],{},[39,3848,3849],{},[3623,3850,3851],{},"C2840,  C5009, C5038",[39,3853,3854],{},[3623,3855,3856],{},"C++0145, C++5009, C++5038",[39,3858,3859],{},[3623,3860,3861],{},"DF2840, DF2841, DF2842, DF2843, DF2845, DF2846, DF2847, DF2848, DF2930, DF2931, DF2932, DF2933, DF2935, DF2936, DF2937, DF2938, DF3581, DF3582, DF3583, DF3586, DF3587, DF3589",[3536,3863,3864],{},[3627,3865],{},[3505,3867,3869,3877,3884,3896],{"className":3868},[3649],[3536,3870,3871],{},[39,3872,3873],{},[43,3874,3876],{"href":3875},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fklocwork","Klocwork",[3536,3878,3879],{},[3613,3880,3882],{"className":3881},[3616],[39,3883,3844],{},[3536,3885,3886],{},[39,3887,3888,3891,3893],{},[3623,3889,3890],{},"SV.FMT_STR.BAD_SCAN_FORMAT",[3627,3892],{},[3623,3894,3895],{},"SV.UNBOUND_STRING_INPUT.FUNC",[3536,3897,3898],{},[39,3899,3900],{},[3627,3901],{},[3505,3903,3905,3913,3919,3926],{"className":3904},[3603],[3536,3906,3907],{},[39,3908,3909],{},[43,3910,3912],{"href":3911},"\u002Fsei-cert-c-coding-standard\u002Fthe-void\u002Fvoid-cert-c-rules-implemented-in-the-ldra-tool-suite","LDRA tool suite",[3536,3914,3915],{},[3613,3916,3918],{"className":3917},[3616],"9.7.1",[3536,3920,3921],{},[39,3922,3923],{},[3623,3924,3925],{},"489 S, 109 D, 66 X, 70 X, 71 X",[3536,3927,3928],{},[39,3929,3930],{},"Partially implemented",[3505,3932,3934,3940,3942,3969],{"className":3933},[3649],[3536,3935,3936],{},[43,3937,3939],{"href":3938},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fparasoft","Parasoft C\u002FC++test",[3536,3941,3844],{},[3536,3943,3944],{},[39,3945,3946,3949,3951,3954,3956,3959,3961,3964,3966],{},[3623,3947,3948],{},"CERT_C-STR31-a",[3627,3950],{},[3623,3952,3953],{},"CERT_C-STR31-b",[3627,3955],{},[3623,3957,3958],{},"CERT_C-STR31-c",[3627,3960],{},[3623,3962,3963],{},"CERT_C-STR31-d",[3627,3965],{},[3623,3967,3968],{},"CERT_C-STR31-e",[3536,3970,3971],{},[39,3972,3973,3974,3976,3977,3979,3980,3982,3983,3985],{},"Avoid accessing arrays out of bounds",[3627,3975],{},"\nAvoid overflow when writing to a buffer",[3627,3978],{},"\nPrevent buffer overflows from tainted data",[3627,3981],{},"\nAvoid buffer write overflow from tainted data",[3627,3984],{},"\nAvoid using unsafe string functions which may cause buffer overflows",[3505,3987,3989,3995,4003,4010],{"className":3988},[3603],[3536,3990,3991],{},[43,3992,3994],{"href":3993},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpc-lint-plus","PC-lint Plus",[3536,3996,3997],{},[3613,3998,4000],{"className":3999},[3616],[39,4001,4002],{},"1.4",[3536,4004,4005],{},[39,4006,4007],{},[3623,4008,4009],{},"421, 498",[3536,4011,4012],{},[39,4013,4014],{},"Partially supported",[3505,4016,4018,4024,4032,4040],{"className":4017},[3649],[3536,4019,4020],{},[43,4021,4023],{"href":4022},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpolyspace-bug-finder","Polyspace Bug Finder",[3536,4025,4026],{},[3613,4027,4029],{"className":4028},[3616],[39,4030,4031],{},"R2025b",[3536,4033,4034],{},[39,4035,4036],{},[43,4037,4039],{"href":4038},"https:\u002F\u002Fwww.mathworks.com\u002Fhelp\u002Fbugfinder\u002Fref\u002Fcertcrulestr31c.html","CERT C: Rule STR31-C",[3536,4041,4042,4045,4064],{},[39,4043,4044],{},"Checks for:",[4046,4047,4048,4052,4055,4058,4061],"ul",{},[4049,4050,4051],"li",{},"Use of dangerous standard function",[4049,4053,4054],{},"Missing null in string array",[4049,4056,4057],{},"Buffer overflow from incorrect string format specifier",[4049,4059,4060],{},"Destination buffer overflow in string manipulation",[4049,4062,4063],{},"Insufficient destination buffer size",[39,4065,4066],{},"Rule partially covered.",[3505,4068,4070,4076,4084,4111],{"className":4069},[3603],[3536,4071,4072],{},[43,4073,4075],{"href":4074},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpvs-studio","PVS-Studio",[3536,4077,4078],{},[3613,4079,4081],{"className":4080},[3616],[39,4082,4083],{},"7.42",[3536,4085,4086,4092,4093,4092,4099,4092,4105],{},[43,4087,4089],{"href":4088},"https:\u002F\u002Fpvs-studio.com\u002Fen\u002Fdocs\u002Fwarnings\u002Fv518\u002F",[3623,4090,4091],{},"V518"," , ",[43,4094,4096],{"href":4095},"https:\u002F\u002Fpvs-studio.com\u002Fen\u002Fdocs\u002Fwarnings\u002Fv645\u002F",[3623,4097,4098],{},"V645",[43,4100,4102],{"href":4101},"https:\u002F\u002Fpvs-studio.com\u002Fen\u002Fdocs\u002Fwarnings\u002Fv727\u002F",[3623,4103,4104],{},"V727",[3623,4106,4107],{},[43,4108,4110],{"href":4109},"https:\u002F\u002Fpvs-studio.com\u002Fen\u002Fdocs\u002Fwarnings\u002Fv755\u002F","V755",[3536,4112,4113],{},[3627,4114],{},[3505,4116,4118,4124,4131,4147],{"className":4117},[3649],[3536,4119,4120],{},[43,4121,4123],{"href":4122},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frulechecker","RuleChecker",[3536,4125,4126],{},[3613,4127,4129],{"className":4128},[3616],[39,4130,3617],{},[3536,4132,4133,3629,4137,3629,4141,3629,4145],{},[3623,4134,3625,4135],{},[3627,4136],{},[3623,4138,3632,4139],{},[3627,4140],{},[3623,4142,3637,4143],{},[3627,4144],{},[3623,4146,3642],{},[3536,4148,4149],{},"Partially checked",[3505,4151,4153,4159,4167,4186],{"className":4152},[3603],[3536,4154,4155],{},[43,4156,4158],{"href":4157},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsecurity-reviewer-static-reviewer","Security Reviewer - Static Reviewer",[3536,4160,4161],{},[3613,4162,4164],{"className":4163},[3616],[39,4165,4166],{},"6.02",[3536,4168,4169],{},[3623,4170,4171,4172,4174,4175,4177,4178,4180,4181,4183,4184],{},"RTOS_33",[3627,4173],{},"\nRTOS_34",[3627,4176],{},"\nshadowVariable",[3627,4179],{},"\nUNSAFE_03",[3627,4182],{},"\nUNSAFE_04",[3627,4185],{},[3536,4187,4188],{},[3623,4189,3799],{},[3505,4191,4193,4201,4209,4215],{"className":4192},[3649],[3536,4194,4195],{},[39,4196,4197],{},[43,4198,4200],{"href":4199},"https:\u002F\u002Fwww.securecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fseccode\u002FSplint","Splint",[3536,4202,4203],{},[3613,4204,4206],{"className":4205},[3616],[39,4207,4208],{},"3.1.1",[3536,4210,4211],{},[39,4212,4213],{},[3627,4214],{},[3536,4216,4217],{},[39,4218,4219],{},[3627,4220],{},[3505,4222,4224,4230,4238,4243],{"className":4223},[3603],[3536,4225,4226],{},[43,4227,4229],{"href":4228},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Ftrustinsoft-analyzer","TrustInSoft Analyzer",[3536,4231,4232],{},[3613,4233,4235],{"className":4234},[3616],[39,4236,4237],{},"1.38",[3536,4239,4240],{},[3623,4241,4242],{},"mem_access",[3536,4244,4245],{},[39,4246,4247,4248,4252],{},"Exhaustively verified (see ",[43,4249,4251],{"href":4250},"https:\u002F\u002Ftaas.trust-in-soft.com\u002Ftsnippet\u002Ft\u002F144ae03a","one compliant and one non-compliant example"," ).",[3563,4254,4256],{"id":4255},"related-vulnerabilities","Related Vulnerabilities",[39,4258,4259,4265,4266,4269,4270,4275],{},[43,4260,4264],{"href":4261,"rel":4262},"http:\u002F\u002Fweb.nvd.nist.gov\u002Fview\u002Fvuln\u002Fdetail?vulnId=CVE-2009-1252",[4263],"nofollow","CVE-2009-1252"," results from a violation of this rule. The Network Time Protocol daemon (NTPd), before versions 4.2.4p7 and 4.2.5p74, contained calls to ",[90,4267,4268],{},"sprintf"," that allow an attacker to execute arbitrary code by overflowing a character array [ ",[43,4271,4274],{"href":4272,"rel":4273},"http:\u002F\u002Fxorl.wordpress.com\u002F2009\u002F06\u002F10\u002Ffreebsd-sa-0911-ntpd-remote-stack-based-buffer-overflows\u002F",[4263],"xorl 2009"," ].",[39,4277,4278,4283,4284,4275],{},[43,4279,4282],{"href":4280,"rel":4281},"http:\u002F\u002Fweb.nvd.nist.gov\u002Fview\u002Fvuln\u002Fdetail?vulnId=CVE-2009-0587",[4263],"CVE-2009-0587"," results from a violation of this rule. Before version 2.24.5, Evolution Data Server performed unchecked arithmetic operations on the length of a user-input string and used the value to allocate space for a new buffer. An attacker could thereby execute arbitrary code by inputting a long string, resulting in incorrect allocation and buffer overflow [ ",[43,4285,4274],{"href":4286,"rel":4287},"http:\u002F\u002Fxorl.wordpress.com\u002F2009\u002F06\u002F10\u002Fcve-2009-0587-evolution-data-server-base64-integer-overflows\u002F",[4263],[39,4289,4290,4295,4296,70],{},[43,4291,4294],{"href":4292,"rel":4293},"https:\u002F\u002Fcve.mitre.org\u002Fcgi-bin\u002Fcvename.cgi?name=CVE-2021-3156",[4263],"CVE-2021-3156"," results from a violation of this rule in versions of Sudo before 1.9.5p2. Due to inconsistencies on whether backslashes are escaped, vulnerable versions of Sudo enabled a user to create a heap-based buffer overflow and exploit it to execute arbitrary code. ",[43,4297,4300],{"href":4298,"rel":4299},"https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fnew-linux-sudo-flaw-lets-local-users-gain-root-privileges\u002F",[4263],"[BC]",[39,4302,4303,4304,4307,4308,70],{},"Search for ",[43,4305,4306],{"href":2064},"vulnerabilities"," resulting from the violation of this rule on the ",[43,4309,4312],{"href":4310,"rel":4311},"https:\u002F\u002Fwww.kb.cert.org\u002Fvulnotes\u002Fbymetric?searchview&query=FIELD+KEYWORDS+contains+ARR32-C",[4263],"CERT website",[72,4314,4316],{"id":4315},"related-guidelines","Related Guidelines",[39,4318,4319,4323],{},[43,4320,4322],{"href":4321},"\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhow-this-coding-standard-is-organized#HowthisCodingStandardisOrganized-RelatedGuidelines","Key here"," (explains table format and definitions)",[3497,4325,4327],{"className":4326},[3573],[3531,4328,4329,4347,4362,4391,4405,4417,4429,4443,4455,4474,4491,4508,4525],{},[3505,4330,4332,4337,4342],{"className":4331},[3579],[3509,4333,4334],{},[39,4335,4336],{},"Taxonomy",[3509,4338,4339],{},[39,4340,4341],{},"Taxonomy item",[3509,4343,4344],{},[39,4345,4346],{},"Relationship",[3505,4348,4350,4355,4359],{"className":4349},[3603],[3536,4351,4352],{},[43,4353,4354],{"href":17},"CERT C Secure Coding Standard",[3536,4356,4357],{},[43,4358,51],{"href":50},[3536,4360,4361],{},"Prior to 2018-01-12: CERT: Unspecified Relationship",[3505,4363,4365,4369,4389],{"className":4364},[3649],[3536,4366,4367],{},[43,4368,4354],{"href":17},[3536,4370,4371,3629,4377,3629,4381,3629,4387],{},[43,4372,4374,4375],{"href":4373},"https:\u002F\u002Fwiki.sei.cmu.edu\u002Fconfluence\u002Fdisplay\u002Fc\u002FSTR07-C.+Use+the+bounds-checking+interfaces+for+string+manipulation","STR07-C. Use the bounds-checking interfaces for remediation of existing string manipulation code",[3627,4376],{},[43,4378,556,4379],{"href":555},[3627,4380],{},[43,4382,4384,4385],{"href":4383},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem00-c","MEM00-C. Allocate and free memory in the same module, at the same level of abstraction",[3627,4386],{},[43,4388,1463],{"href":1462},[3536,4390,4361],{},[3505,4392,4394,4400,4403],{"className":4393},[3603],[3536,4395,4396],{},[43,4397,4399],{"href":4398},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-ISO-IECTR24772-2013","ISO\u002FIEC TR 24772:2013",[3536,4401,4402],{},"String Termination [CJM]",[3536,4404,4361],{},[3505,4406,4408,4412,4415],{"className":4407},[3649],[3536,4409,4410],{},[43,4411,4399],{"href":4398},[3536,4413,4414],{},"Buffer Boundary Violation (Buffer Overflow) [HCB]",[3536,4416,4361],{},[3505,4418,4420,4424,4427],{"className":4419},[3603],[3536,4421,4422],{},[43,4423,4399],{"href":4398},[3536,4425,4426],{},"Unchecked Array Copying [XYW]",[3536,4428,4361],{},[3505,4430,4432,4438,4441],{"className":4431},[3649],[3536,4433,4434],{},[43,4435,4437],{"href":4436},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-ISO-IECTS17961","ISO\u002FIEC TS 17961:2013",[3536,4439,4440],{},"Using a tainted value to write to an object using a formatted input or output function [taintformatio]",[3536,4442,4361],{},[3505,4444,4446,4450,4453],{"className":4445},[3603],[3536,4447,4448],{},[43,4449,4437],{"href":4436},[3536,4451,4452],{},"Tainted strings are passed to a string copying function [taintstrcpy]",[3536,4454,4361],{},[3505,4456,4458,4464,4471],{"className":4457},[3649],[3536,4459,4460],{},[43,4461,4463],{"href":4462},"https:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Findex.html","CWE 2.11",[3536,4465,4466,4470],{},[43,4467,4469],{"href":4468},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F119.html","CWE-119"," , Improper Restriction of Operations within the Bounds of a Memory Buffer",[3536,4472,4473],{},"2017-05-18: CERT: Rule subset of CWE",[3505,4475,4477,4481,4488],{"className":4476},[3603],[3536,4478,4479],{},[43,4480,4463],{"href":4462},[3536,4482,4483,4487],{},[43,4484,4486],{"href":4485},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F120.html","CWE-120"," , Buffer Copy without Checking Size of Input (\"Classic Buffer Overflow\")",[3536,4489,4490],{},"2017-05-15: CERT: Exact",[3505,4492,4494,4498,4505],{"className":4493},[3649],[3536,4495,4496],{},[43,4497,4463],{"href":4462},[3536,4499,4500,4504],{},[43,4501,4503],{"href":4502},"https:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F123.html","CWE-123"," , Write-what-where Condition",[3536,4506,4507],{},"2017-06-12: CERT: Partial overlap",[3505,4509,4511,4515,4522],{"className":4510},[3603],[3536,4512,4513],{},[43,4514,4463],{"href":4462},[3536,4516,4517,4521],{},[43,4518,4520],{"href":4519},"https:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F125.html","CWE-125"," , Out-of-bounds Read",[3536,4523,4524],{},"2017-05-18: CERT: Partial overlap",[3505,4526,4528,4533,4540],{"className":4527},[3649],[3536,4529,4530],{},[43,4531,4463],{"href":4532},"http:\u002F\u002Fcwe.mitre.org\u002F",[3536,4534,4535,4539],{},[43,4536,4538],{"href":4537},"https:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Findex.html676.html","CWE-676"," , Off-by-one Error",[3536,4541,4524],{},[72,4543,4545],{"id":4544},"cert-cwe-mapping-notes","CERT-CWE Mapping Notes",[39,4547,4548,4551],{},[43,4549,4322],{"href":4550},"\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhow-this-coding-standard-is-organized#HowthisCodingStandardisOrganized-CERT-CWEMappingNotes"," for mapping notes",[3563,4553,4555],{"id":4554},"cwe-122-and-str31-c","CWE-122 and STR31-C",[39,4557,4558],{},"STR31-C = Union( CWE-122, list) where list =",[4046,4560,4561],{},[4049,4562,4563],{},"Buffer overflows on strings in the stack or data segment",[3563,4565,4567],{"id":4566},"cwe-125-and-str31-c","CWE-125 and STR31-C",[39,4569,4570],{},"Independent( ARR30-C, ARR38-C, EXP39-C, INT30-C)",[39,4572,4573],{},"STR31-C = Subset( Union( ARR30-C, ARR38-C))",[39,4575,4576],{},"STR32-C = Subset( ARR38-C)",[39,4578,4579],{},"Intersection( STR31-C, CWE-125) =",[4046,4581,4582],{},[4049,4583,4584],{},"Directly reading beyond the end of a string",[39,4586,4587],{},"STR31-C – CWE-125 =",[4046,4589,4590],{},[4049,4591,4592],{},"Directly writing beyond the end of a string",[39,4594,4595],{},"CWE-125 – STR31-C =",[4046,4597,4598],{},[4049,4599,4600],{},"Reading beyond a non-string array",[4046,4602,4603],{},[4049,4604,4605],{},"Reading beyond a string using library functions",[3563,4607,4609],{"id":4608},"cwe-676-and-str31-c","CWE-676 and STR31-C",[4046,4611,4612],{},[4049,4613,4614],{},"Independent( ENV33-C, CON33-C, STR31-C, EXP33-C, MSC30-C, ERR34-C)",[4046,4616,4617],{},[4049,4618,4619],{},"STR31-C implies that several C string copy functions, like strcpy() are dangerous.",[39,4621,4622],{},"Intersection( CWE-676, STR31-C) =",[4046,4624,4625],{},[4049,4626,4627],{},"Buffer Overflow resulting from invocation of the following dangerous functions:",[4046,4629,4630],{},[4049,4631,4632],{},"gets(), fscanf(), strcpy(), sprintf()",[39,4634,4635],{},"STR31-C – CWE-676 =",[4046,4637,4638],{},[4049,4639,4640],{},"Buffer overflow that does not involve the dangerous functions listed above.",[39,4642,4643],{},"CWE-676 - STR31-C =",[4046,4645,4646],{},[4049,4647,4648],{},"Invocation of other dangerous functions",[3563,4650,4652],{"id":4651},"cwe-121-and-str31-c","CWE-121 and STR31-C",[39,4654,4655],{},"STR31-C = Union( CWE-121, list) where list =",[4046,4657,4658],{},[4049,4659,4660],{},"Buffer overflows on strings in the heap or data segment",[3563,4662,4664],{"id":4663},"cwe-123-and-str31-c","CWE-123 and STR31-C",[39,4666,4667],{},"Independent(ARR30-C, ARR38-C)",[39,4669,4573],{},[39,4671,4576],{},[39,4673,4674],{},"Intersection( CWE-123, STR31-C) =",[4046,4676,4677],{},[4049,4678,4679],{},"Buffer overflow that overwrites a (unrelated) pointer with untrusted data",[39,4681,4682],{},"STR31-C – CWE-123 =",[4046,4684,4685],{},[4049,4686,4687],{},"Buffer overflow that does not overwrite a (unrelated) pointer",[39,4689,4690],{},"CWE-123 – STR31-C =",[4046,4692,4693],{},[4049,4694,4695],{},"Arbitrary writes that do not involve buffer overflows",[3563,4697,4699],{"id":4698},"cwe-119-and-str31-c","CWE-119 and STR31-C",[39,4701,4702],{},"Independent( ARR30-C, ARR38-C, ARR32-C, INT30-C, INT31-C, EXP39-C, EXP33-C, FIO37-C)",[39,4704,4573],{},[39,4706,4576],{},[39,4708,4709],{},"CWE-119 = Union( STR31-C, list) where list =",[4046,4711,4712],{},[4049,4713,4714],{},"Out-of-bounds reads or writes that are not created by string copy operations",[3563,4716,4718],{"id":4717},"cwe-193-and-str31-c","CWE-193 and STR31-C",[39,4720,4721],{},"Intersection( CWE-193, STR31-C) = Ø",[39,4723,4724],{},"CWE-193 involves an integer computation error (typically off-by-one), which is often a precursor to (slight) buffer overflow. However the two errors occur in different operations and are thus unrelated.",[72,4726,4728],{"id":4727},"bibliography","Bibliography",[3497,4730,4732],{"className":4731},[3573],[3531,4733,4734,4745,4757,4773,4786,4798,4808,4821],{},[3505,4735,4737,4742],{"className":4736},[3603],[3536,4738,4739,4740,2789],{},"[ ",[43,4741,87],{"href":86},[3536,4743,4744],{},"Chapter 7, \"Program Building Blocks\" (\"Loop Constructs,\" pp. 327–336)",[3505,4746,4748,4754],{"className":4747},[3649],[3536,4749,4739,4750,2789],{},[43,4751,4753],{"href":4752},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Drepper06","Drepper 2006",[3536,4755,4756],{},"Section 2.1.1, \"Respecting Memory Bounds\"",[3505,4758,4760,4766],{"className":4759},[3603],[3536,4761,4739,4762,2789],{},[43,4763,4765],{"href":4764},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-ISO-IEC9899-2024","ISO\u002FIEC 9899:2024",[3536,4767,4768,4769,4772],{},"K.3.5.4.1, \"The ",[90,4770,4771],{},"      gets_s     "," Function\"",[3505,4774,4776,4782],{"className":4775},[3649],[3536,4777,4739,4778,2789],{},[43,4779,4781],{"href":4780},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-Lai06","Lai 2006",[3536,4783,4784],{},[3627,4785],{},[3505,4787,4789,4795],{"className":4788},[3603],[3536,4790,4739,4791,2789],{},[43,4792,4794],{"href":4793},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-NIST06","NIST 2006",[3536,4796,4797],{},"SAMATE Reference Dataset Test Case ID 000-000-088",[3505,4799,4801,4805],{"className":4800},[3649],[3536,4802,4739,4803,2789],{},[43,4804,46],{"href":45},[3536,4806,4807],{},"Chapter 2, \"Strings\"",[3505,4809,4811,4816],{"className":4810},[3603],[3536,4812,4739,4813,2789],{},[43,4814,4274],{"href":4815},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography#AA.Bibliography-xorl2009",[3536,4817,4818],{},[43,4819,4820],{"href":4272},"FreeBSD-SA-09:11: NTPd Remote Stack Based Buffer Overflows",[3505,4822,4824,4831],{"className":4823},[3649],[3536,4825,4826],{},[3613,4827,4829],{"className":4828},[3616],[39,4830,4300],{},[3536,4832,4833],{},[43,4834,4835],{"href":4298},"New Linux SUDO flaw lets local users gain root privileges",[4837,4838],"hr",{},[39,4840,4841,3629,4848,3629,4854],{},[43,4842,4844],{"href":4843},"\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr30-c",[4845,4846],"img",{"src":4847},"\u002Fattachments\u002F87152044\u002F88034188.png",[43,4849,4851],{"href":4850},"\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002F",[4845,4852],{"src":4853},"\u002Fattachments\u002F87152044\u002F88034190.png",[43,4855,4857],{"href":4856},"\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr32-c",[4845,4858],{"src":4859},"\u002Fattachments\u002F87152044\u002F88034189.png",[4861,4862,4863],"style",{},"html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sstjo, html code.shiki .sstjo{--shiki-default:#032F62;--shiki-dark:#9ECBFF;--shiki-sepia:#E6DB74}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .sq6CD, html code.shiki .sq6CD{--shiki-default:#D73A49;--shiki-default-font-style:inherit;--shiki-dark:#F97583;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .srTi1, html code.shiki .srTi1{--shiki-default:#6F42C1;--shiki-dark:#B392F0;--shiki-sepia:#A6E22E}html pre.shiki code .sTHNf, html code.shiki .sTHNf{--shiki-default:#E36209;--shiki-default-font-style:inherit;--shiki-dark:#FFAB70;--shiki-dark-font-style:inherit;--shiki-sepia:#FD971F;--shiki-sepia-font-style:italic}html pre.shiki code .sOrwc, html code.shiki .sOrwc{--shiki-default:#E36209;--shiki-dark:#FFAB70;--shiki-sepia:#F8F8F2}html pre.shiki code .s7F3e, html code.shiki .s7F3e{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#AE81FF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}",{"title":110,"searchDepth":128,"depth":128,"links":4865},[4866,4867,4868,4870,4872,4874,4876,4878,4880,4882,4884,4886,4887,4888,4890,4892,4894,4896,4898,4902,4903,4912],{"id":74,"depth":128,"text":75},{"id":282,"depth":128,"text":283},{"id":420,"depth":128,"text":4869},"Noncompliant Code Example ( gets() )",{"id":559,"depth":128,"text":4871},"Compliant Solution ( fgets() )",{"id":892,"depth":128,"text":4873},"Compliant Solution ( getline() , POSIX)",{"id":1265,"depth":128,"text":4875},"Noncompliant Code Example ( getchar() )",{"id":1474,"depth":128,"text":4877},"Compliant Solution ( getchar() )",{"id":1742,"depth":128,"text":4879},"Noncompliant Code Example ( fscanf() )",{"id":1862,"depth":128,"text":4881},"Compliant Solution ( fscanf() )",{"id":1972,"depth":128,"text":4883},"Noncompliant Code Example ( argv )",{"id":2210,"depth":128,"text":4885},"Compliant Solution ( argv )",{"id":2413,"depth":128,"text":4885},{"id":2672,"depth":128,"text":4885},{"id":2778,"depth":128,"text":4889},"Noncompliant Code Example ( getenv() )",{"id":2919,"depth":128,"text":4891},"Compliant Solution ( getenv() )",{"id":3104,"depth":128,"text":4893},"Noncompliant Code Example ( sprintf() )",{"id":3196,"depth":128,"text":4895},"Compliant Solution ( sprintf() )",{"id":3373,"depth":128,"text":4897},"Compliant Solution ( snprintf() )",{"id":3491,"depth":128,"text":3492,"children":4899},[4900,4901],{"id":3565,"depth":135,"text":3566},{"id":4255,"depth":135,"text":4256},{"id":4315,"depth":128,"text":4316},{"id":4544,"depth":128,"text":4545,"children":4904},[4905,4906,4907,4908,4909,4910,4911],{"id":4554,"depth":135,"text":4555},{"id":4566,"depth":135,"text":4567},{"id":4608,"depth":135,"text":4609},{"id":4651,"depth":135,"text":4652},{"id":4663,"depth":135,"text":4664},{"id":4698,"depth":135,"text":4699},{"id":4717,"depth":135,"text":4718},{"id":4727,"depth":128,"text":4728},"Copying data to a buffer that is not large enough to hold that data results in a buffer overflow. Buffer overflows occur frequently when manipulating strings [ Seacord 2013b ]. To prevent such errors, either limit copies through truncation or, preferably, ensure that the destination is of sufficient size to hold the character data to be copied and the null-termination character. (See STR03-C. Do not inadvertently truncate a string .)","md",{"tags":4916},[4917,4918,4919,4920,4921,4922,4923,4924,4925,4926,4927,4928,4929,4930,4931,4932,4933],"klocwork","in-cpp","ptc","fortify","rule","compass\u002Frose","cwe-120","ldra","memory-management","array","str","splint","tr24731","cwe-119","rose-partial","cwe-193","android-applicable","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr31-c",{"title":30,"description":4913},"4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F3.str31-c","r08YxcuEPE-f5JZF_QX-I3Jte_hukVhIGbIlkuBmrIQ",[4939,4942],{"title":4940,"path":4843,"stem":4941,"children":-1},"STR30-C. Do not attempt to modify string literals","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F2.str30-c",{"title":4943,"path":4856,"stem":4944,"children":-1},"STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F4.str32-c",[4946],{"title":4947,"path":4948,"stem":4949,"children":4950},"SEI CERT C Coding Standard","\u002Fsei-cert-c-coding-standard","4.sei-cert-c-coding-standard\u002F01.index",[4951,4952,5024,5595,5867,5881,5885,5889,5893,6700],{"title":4947,"path":4948,"stem":4949},{"title":4953,"path":4954,"stem":4955,"children":4956},"Front Matter","\u002Fsei-cert-c-coding-standard\u002Ffront-matter","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F1.index",[4957,4958],{"title":4953,"path":4954,"stem":4955},{"title":4959,"path":4960,"stem":4961,"children":4962},"Introduction","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F01.index",[4963,4964,4968,4972,4976,4980,4984,4988,4992,4996,5000,5004,5008,5012,5016,5020],{"title":4959,"path":4960,"stem":4961},{"title":4965,"path":4966,"stem":4967},"Scope","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fscope","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F01.scope",{"title":4969,"path":4970,"stem":4971},"Audience","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Faudience","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F02.audience",{"title":4973,"path":4974,"stem":4975},"How this Coding Standard is Organized","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhow-this-coding-standard-is-organized","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F03.how-this-coding-standard-is-organized",{"title":4977,"path":4978,"stem":4979},"History","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fhistory","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F04.history",{"title":4981,"path":4982,"stem":4983},"ISO\u002FIEC TS 17961 C Secure Coding Rules","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fisoiec-ts-17961-c-secure-coding-rules","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F05.isoiec-ts-17961-c-secure-coding-rules",{"title":4985,"path":4986,"stem":4987},"Tool Selection and Validation","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftool-selection-and-validation","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F06.tool-selection-and-validation",{"title":4989,"path":4990,"stem":4991},"Taint Analysis","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Ftaint-analysis","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F07.taint-analysis",{"title":4993,"path":4994,"stem":4995},"Rules versus Recommendations","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Frules-versus-recommendations","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F08.rules-versus-recommendations",{"title":4997,"path":4998,"stem":4999},"Conformance Testing","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fconformance-testing","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F09.conformance-testing",{"title":5001,"path":5002,"stem":5003},"Development Process","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fdevelopment-process","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F10.development-process",{"title":5005,"path":5006,"stem":5007},"Usage","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fusage","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F11.usage",{"title":5009,"path":5010,"stem":5011},"System Qualities","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fsystem-qualities","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F12.system-qualities",{"title":5013,"path":5014,"stem":5015},"Automatically Generated Code","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fautomatically-generated-code","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F13.automatically-generated-code",{"title":5017,"path":5018,"stem":5019},"Government Regulations","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Fgovernment-regulations","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F14.government-regulations",{"title":5021,"path":5022,"stem":5023},"Acknowledgments","\u002Fsei-cert-c-coding-standard\u002Ffront-matter\u002Fintroduction\u002Facknowledgments","4.sei-cert-c-coding-standard\u002F02.front-matter\u002F2.introduction\u002F15.acknowledgments",{"title":5025,"path":5026,"stem":5027,"children":5028},"Rules","\u002Fsei-cert-c-coding-standard\u002Frules","4.sei-cert-c-coding-standard\u002F03.rules\u002F01.index",[5029,5030,5034,5060,5081,5143,5181,5207,5229,5295,5321,5377,5411,5437,5447,5485,5555,5573],{"title":5025,"path":5026,"stem":5027},{"title":5031,"path":5032,"stem":5033},"Application Programming Interfaces (API)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fapplication-programming-interfaces-api","4.sei-cert-c-coding-standard\u002F03.rules\u002F02.application-programming-interfaces-api",{"title":5035,"path":5036,"stem":5037,"children":5038},"Arrays (ARR)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F1.index",[5039,5040,5042,5046,5050,5054,5056],{"title":5035,"path":5036,"stem":5037},{"title":64,"path":63,"stem":5041},"4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F2.arr30-c",{"title":5043,"path":5044,"stem":5045},"ARR32-C. Ensure size arguments for variable length arrays are in a valid range","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F3.arr32-c",{"title":5047,"path":5048,"stem":5049},"ARR36-C. Do not subtract or compare two pointers that do not refer to the same array","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F4.arr36-c",{"title":5051,"path":5052,"stem":5053},"ARR37-C. Do not add or subtract an integer to a pointer to a non-array object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F5.arr37-c",{"title":69,"path":68,"stem":5055},"4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F6.arr38-c",{"title":5057,"path":5058,"stem":5059},"ARR39-C. Do not add or subtract a scaled integer to a pointer","\u002Fsei-cert-c-coding-standard\u002Frules\u002Farrays-arr\u002Farr39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F03.arrays-arr\u002F7.arr39-c",{"title":5061,"path":5062,"stem":5063,"children":5064},"Characters and Strings (STR)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F1.index",[5065,5066,5067,5068,5069,5073,5077],{"title":5061,"path":5062,"stem":5063},{"title":4940,"path":4843,"stem":4941},{"title":30,"path":4934,"stem":4936},{"title":4943,"path":4856,"stem":4944},{"title":5070,"path":5071,"stem":5072},"STR34-C. Cast characters to unsigned char before converting to larger integer sizes","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F5.str34-c",{"title":5074,"path":5075,"stem":5076},"STR37-C. Arguments to character-handling functions must be representable as an unsigned char","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F6.str37-c",{"title":5078,"path":5079,"stem":5080},"STR38-C. Do not confuse narrow and wide character strings and functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fcharacters-and-strings-str\u002Fstr38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F04.characters-and-strings-str\u002F7.str38-c",{"title":5082,"path":5083,"stem":5084,"children":5085},"Concurrency (CON)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F01.index",[5086,5087,5091,5095,5099,5103,5107,5111,5115,5119,5123,5127,5131,5135,5139],{"title":5082,"path":5083,"stem":5084},{"title":5088,"path":5089,"stem":5090},"CON30-C. Clean up thread-specific storage","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F02.con30-c",{"title":5092,"path":5093,"stem":5094},"CON31-C. Do not destroy a mutex while it is locked","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F03.con31-c",{"title":5096,"path":5097,"stem":5098},"CON32-C. Prevent data races when accessing bit-fields from multiple threads","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F04.con32-c",{"title":5100,"path":5101,"stem":5102},"CON33-C. Avoid race conditions when using library functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F05.con33-c",{"title":5104,"path":5105,"stem":5106},"CON34-C. Declare objects shared between threads with appropriate storage durations","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F06.con34-c",{"title":5108,"path":5109,"stem":5110},"CON35-C. Avoid deadlock by locking in a predefined order","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F07.con35-c",{"title":5112,"path":5113,"stem":5114},"CON36-C. Wrap functions that can spuriously wake up in a loop","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F08.con36-c",{"title":5116,"path":5117,"stem":5118},"CON37-C. Do not call signal() in a multithreaded program","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F09.con37-c",{"title":5120,"path":5121,"stem":5122},"CON38-C. Preserve thread safety and liveness when using condition variables","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F10.con38-c",{"title":5124,"path":5125,"stem":5126},"CON39-C. Do not join or detach a thread that was previously joined or detached","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F11.con39-c",{"title":5128,"path":5129,"stem":5130},"CON40-C. Do not refer to an atomic variable twice in an expression","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F12.con40-c",{"title":5132,"path":5133,"stem":5134},"CON41-C. Wrap functions that can fail spuriously in a loop","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F13.con41-c",{"title":5136,"path":5137,"stem":5138},"CON42-C. Don't allow attackers to influence environment variables that control concurrency parameters","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon42-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F14.con42-c",{"title":5140,"path":5141,"stem":5142},"CON43-C. Do not allow data races in multithreaded code","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fconcurrency-con\u002Fcon43-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F05.concurrency-con\u002F15.con43-c",{"title":5144,"path":5145,"stem":5146,"children":5147},"Declarations and Initialization (DCL)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F1.index",[5148,5149,5153,5157,5161,5165,5169,5173,5177],{"title":5144,"path":5145,"stem":5146},{"title":5150,"path":5151,"stem":5152},"DCL30-C. Declare objects with appropriate storage durations","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F2.dcl30-c",{"title":5154,"path":5155,"stem":5156},"DCL31-C. Declare identifiers before using them","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F3.dcl31-c",{"title":5158,"path":5159,"stem":5160},"DCL36-C. Do not declare an identifier with conflicting linkage classifications","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F4.dcl36-c",{"title":5162,"path":5163,"stem":5164},"DCL37-C. Do not declare or define a reserved identifier","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F5.dcl37-c",{"title":5166,"path":5167,"stem":5168},"DCL38-C. Use the correct syntax when declaring a flexible array member","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F6.dcl38-c",{"title":5170,"path":5171,"stem":5172},"DCL39-C. Avoid information leakage when passing a structure across a trust boundary","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F7.dcl39-c",{"title":5174,"path":5175,"stem":5176},"DCL40-C. Do not create incompatible declarations of the same function or object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F8.dcl40-c",{"title":5178,"path":5179,"stem":5180},"DCL41-C. Do not declare variables inside a switch statement before the first case label","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F06.declarations-and-initialization-dcl\u002F9.dcl41-c",{"title":5182,"path":5183,"stem":5184,"children":5185},"Environment (ENV)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F1.index",[5186,5187,5191,5195,5199,5203],{"title":5182,"path":5183,"stem":5184},{"title":5188,"path":5189,"stem":5190},"ENV30-C. Do not modify the object referenced by the return value of certain functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F2.env30-c",{"title":5192,"path":5193,"stem":5194},"ENV31-C. Do not rely on an environment pointer following an operation that may invalidate it","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F3.env31-c",{"title":5196,"path":5197,"stem":5198},"ENV32-C. All exit handlers must return normally","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F4.env32-c",{"title":5200,"path":5201,"stem":5202},"ENV33-C. Do not call system()","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F5.env33-c",{"title":5204,"path":5205,"stem":5206},"ENV34-C. Do not store pointers returned by certain functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fenvironment-env\u002Fenv34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F07.environment-env\u002F6.env34-c",{"title":5208,"path":5209,"stem":5210,"children":5211},"Error Handling (ERR)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F1.index",[5212,5213,5217,5221,5225],{"title":5208,"path":5209,"stem":5210},{"title":5214,"path":5215,"stem":5216},"ERR30-C. Take care when reading errno","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F2.err30-c",{"title":5218,"path":5219,"stem":5220},"ERR32-C. Do not rely on indeterminate values of errno","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F3.err32-c",{"title":5222,"path":5223,"stem":5224},"ERR33-C. Detect and handle standard library errors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F4.err33-c",{"title":5226,"path":5227,"stem":5228},"ERR34-C. Detect errors when converting a string to a number","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ferror-handling-err\u002Ferr34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F08.error-handling-err\u002F5.err34-c",{"title":5230,"path":5231,"stem":5232,"children":5233},"Expressions (EXP)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F01.index",[5234,5235,5239,5243,5247,5251,5255,5259,5263,5267,5271,5275,5279,5283,5287,5291],{"title":5230,"path":5231,"stem":5232},{"title":5236,"path":5237,"stem":5238},"EXP30-C. Do not depend on the order of evaluation for side effects","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F02.exp30-c",{"title":5240,"path":5241,"stem":5242},"EXP32-C. Do not access a volatile object through a nonvolatile reference","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F03.exp32-c",{"title":5244,"path":5245,"stem":5246},"EXP33-C. Do not read uninitialized memory","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F04.exp33-c",{"title":5248,"path":5249,"stem":5250},"EXP34-C. Do not dereference null pointers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F05.exp34-c",{"title":5252,"path":5253,"stem":5254},"EXP35-C. Do not modify objects with temporary lifetime","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F06.exp35-c",{"title":5256,"path":5257,"stem":5258},"EXP36-C. Do not cast pointers into more strictly aligned pointer types","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F07.exp36-c",{"title":5260,"path":5261,"stem":5262},"EXP37-C. Call functions with the correct number and type of arguments","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F08.exp37-c",{"title":5264,"path":5265,"stem":5266},"EXP39-C. Do not access a variable through a pointer of an incompatible type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F09.exp39-c",{"title":5268,"path":5269,"stem":5270},"EXP40-C. Do not modify constant objects","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F10.exp40-c",{"title":5272,"path":5273,"stem":5274},"EXP42-C. Do not compare padding data","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp42-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F11.exp42-c",{"title":5276,"path":5277,"stem":5278},"EXP43-C. Avoid undefined behavior when using restrict-qualified pointers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp43-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F12.exp43-c",{"title":5280,"path":5281,"stem":5282},"EXP44-C. Do not rely on side effects in operands to sizeof, _Alignof, or _Generic","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp44-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F13.exp44-c",{"title":5284,"path":5285,"stem":5286},"EXP45-C. Do not perform assignments in selection statements","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp45-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F14.exp45-c",{"title":5288,"path":5289,"stem":5290},"EXP46-C. Do not use a bitwise operator with a Boolean-like operand","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp46-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F15.exp46-c",{"title":5292,"path":5293,"stem":5294},"EXP47-C. Do not call va_arg with an argument of the incorrect type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fexpressions-exp\u002Fexp47-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F09.expressions-exp\u002F16.exp47-c",{"title":5296,"path":5297,"stem":5298,"children":5299},"Floating Point (FLP)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F1.index",[5300,5301,5305,5309,5313,5317],{"title":5296,"path":5297,"stem":5298},{"title":5302,"path":5303,"stem":5304},"FLP30-C. Do not use floating-point variables as loop counters","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F2.flp30-c",{"title":5306,"path":5307,"stem":5308},"FLP32-C. Prevent or detect domain and range errors in math functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F3.flp32-c",{"title":5310,"path":5311,"stem":5312},"FLP34-C. Ensure that floating-point conversions are within range of the new type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F4.flp34-c",{"title":5314,"path":5315,"stem":5316},"FLP36-C. Preserve precision when converting integral values to floating-point type","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F5.flp36-c",{"title":5318,"path":5319,"stem":5320},"FLP37-C. Do not use object representations to compare floating-point values","\u002Fsei-cert-c-coding-standard\u002Frules\u002Ffloating-point-flp\u002Fflp37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F10.floating-point-flp\u002F6.flp37-c",{"title":5322,"path":5323,"stem":5324,"children":5325},"Input Output (FIO)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F01.index",[5326,5327,5331,5335,5337,5341,5345,5349,5353,5357,5361,5365,5369,5373],{"title":5322,"path":5323,"stem":5324},{"title":5328,"path":5329,"stem":5330},"FIO30-C. Exclude user input from format strings","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F02.fio30-c",{"title":5332,"path":5333,"stem":5334},"FIO32-C. Do not perform operations on devices that are only appropriate for files","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F03.fio32-c",{"title":1463,"path":1462,"stem":5336},"4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F04.fio34-c",{"title":5338,"path":5339,"stem":5340},"FIO37-C. Do not assume that fgets() or fgetws() returns a nonempty string when successful","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F05.fio37-c",{"title":5342,"path":5343,"stem":5344},"FIO38-C. Do not copy a FILE object","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F06.fio38-c",{"title":5346,"path":5347,"stem":5348},"FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F07.fio39-c",{"title":5350,"path":5351,"stem":5352},"FIO40-C. Reset strings on fgets() or fgetws() failure","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F08.fio40-c",{"title":5354,"path":5355,"stem":5356},"FIO41-C. Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F09.fio41-c",{"title":5358,"path":5359,"stem":5360},"FIO42-C. Close files when they are no longer needed","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio42-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F10.fio42-c",{"title":5362,"path":5363,"stem":5364},"FIO44-C. Only use values for fsetpos() that are returned from fgetpos()","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio44-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F11.fio44-c",{"title":5366,"path":5367,"stem":5368},"FIO45-C. Avoid TOCTOU race conditions while accessing files","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio45-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F12.fio45-c",{"title":5370,"path":5371,"stem":5372},"FIO46-C. Do not access a closed file","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio46-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F13.fio46-c",{"title":5374,"path":5375,"stem":5376},"FIO47-C. Use valid format strings","\u002Fsei-cert-c-coding-standard\u002Frules\u002Finput-output-fio\u002Ffio47-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F11.input-output-fio\u002F14.fio47-c",{"title":5378,"path":5379,"stem":5380,"children":5381},"Integers (INT)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F1.index",[5382,5383,5387,5391,5395,5399,5403,5407],{"title":5378,"path":5379,"stem":5380},{"title":5384,"path":5385,"stem":5386},"INT30-C. Ensure that unsigned integer operations do not wrap","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F2.int30-c",{"title":5388,"path":5389,"stem":5390},"INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F3.int31-c",{"title":5392,"path":5393,"stem":5394},"INT32-C. Ensure that operations on signed integers do not result in overflow","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F4.int32-c",{"title":5396,"path":5397,"stem":5398},"INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F5.int33-c",{"title":5400,"path":5401,"stem":5402},"INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F6.int34-c",{"title":5404,"path":5405,"stem":5406},"INT35-C. Use correct integer precisions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F7.int35-c",{"title":5408,"path":5409,"stem":5410},"INT36-C. Converting a pointer to integer or integer to pointer","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fintegers-int\u002Fint36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F12.integers-int\u002F8.int36-c",{"title":5412,"path":5413,"stem":5414,"children":5415},"Memory Management (MEM)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F1.index",[5416,5417,5421,5423,5427,5431,5433],{"title":5412,"path":5413,"stem":5414},{"title":5418,"path":5419,"stem":5420},"MEM30-C. Do not access freed memory","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F2.mem30-c",{"title":924,"path":923,"stem":5422},"4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F3.mem31-c",{"title":5424,"path":5425,"stem":5426},"MEM33-C. Allocate and copy structures containing a flexible array member dynamically","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F4.mem33-c",{"title":5428,"path":5429,"stem":5430},"MEM34-C. Only free memory allocated dynamically","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F5.mem34-c",{"title":59,"path":58,"stem":5432},"4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F6.mem35-c",{"title":5434,"path":5435,"stem":5436},"MEM36-C. Do not modify the alignment of objects by calling realloc()","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmemory-management-mem\u002Fmem36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F13.memory-management-mem\u002F7.mem36-c",{"title":5438,"path":5439,"stem":5440,"children":5441},"Microsoft Windows (WIN)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmicrosoft-windows-win","4.sei-cert-c-coding-standard\u002F03.rules\u002F14.microsoft-windows-win\u002F1.index",[5442,5443],{"title":5438,"path":5439,"stem":5440},{"title":5444,"path":5445,"stem":5446},"WIN30-C. Properly pair allocation and deallocation functions","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmicrosoft-windows-win\u002Fwin30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F14.microsoft-windows-win\u002F2.win30-c",{"title":5448,"path":5449,"stem":5450,"children":5451},"Miscellaneous (MSC)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F1.index",[5452,5453,5457,5461,5465,5469,5473,5477,5481],{"title":5448,"path":5449,"stem":5450},{"title":5454,"path":5455,"stem":5456},"MSC30-C. Do not use the rand() function for generating pseudorandom numbers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F2.msc30-c",{"title":5458,"path":5459,"stem":5460},"MSC32-C. Properly seed pseudorandom number generators","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F3.msc32-c",{"title":5462,"path":5463,"stem":5464},"MSC33-C. Do not pass invalid data to the asctime() function","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc33-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F4.msc33-c",{"title":5466,"path":5467,"stem":5468},"MSC37-C. Ensure that control never reaches the end of a non-void function","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F5.msc37-c",{"title":5470,"path":5471,"stem":5472},"MSC38-C. Do not treat a predefined identifier as an object if it might only be implemented as a macro","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F6.msc38-c",{"title":5474,"path":5475,"stem":5476},"MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F7.msc39-c",{"title":5478,"path":5479,"stem":5480},"MSC40-C. Do not violate constraints","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc40-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F8.msc40-c",{"title":5482,"path":5483,"stem":5484},"MSC41-C. Never hard code sensitive information","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fmiscellaneous-msc\u002Fmsc41-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F15.miscellaneous-msc\u002F9.msc41-c",{"title":5486,"path":5487,"stem":5488,"children":5489},"POSIX (POS)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F01.index",[5490,5491,5495,5499,5503,5507,5511,5515,5519,5523,5527,5531,5535,5539,5543,5547,5551],{"title":5486,"path":5487,"stem":5488},{"title":5492,"path":5493,"stem":5494},"POS30-C. Use the readlink() function properly","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F02.pos30-c",{"title":5496,"path":5497,"stem":5498},"POS34-C. Do not call putenv() with a pointer to an automatic variable as the argument","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F03.pos34-c",{"title":5500,"path":5501,"stem":5502},"POS35-C. Avoid race conditions while checking for the existence of a symbolic link","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F04.pos35-c",{"title":5504,"path":5505,"stem":5506},"POS36-C. Observe correct revocation order while relinquishing privileges","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos36-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F05.pos36-c",{"title":5508,"path":5509,"stem":5510},"POS37-C. Ensure that privilege relinquishment is successful","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos37-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F06.pos37-c",{"title":5512,"path":5513,"stem":5514},"POS38-C. Beware of race conditions when using fork and file descriptors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos38-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F07.pos38-c",{"title":5516,"path":5517,"stem":5518},"POS39-C. Use the correct byte ordering when transferring data between systems","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos39-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F08.pos39-c",{"title":5520,"path":5521,"stem":5522},"POS44-C. Do not use signals to terminate threads","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos44-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F09.pos44-c",{"title":5524,"path":5525,"stem":5526},"POS47-C. Do not use threads that can be canceled asynchronously","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos47-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F10.pos47-c",{"title":5528,"path":5529,"stem":5530},"POS48-C. Do not unlock or destroy another POSIX thread's mutex","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos48-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F11.pos48-c",{"title":5532,"path":5533,"stem":5534},"POS49-C. When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos49-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F12.pos49-c",{"title":5536,"path":5537,"stem":5538},"POS50-C. Declare objects shared between POSIX threads with appropriate storage durations","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos50-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F13.pos50-c",{"title":5540,"path":5541,"stem":5542},"POS51-C. Avoid deadlock with POSIX threads by locking in predefined order","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos51-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F14.pos51-c",{"title":5544,"path":5545,"stem":5546},"POS52-C. Do not perform operations that can block while holding a POSIX lock","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos52-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F15.pos52-c",{"title":5548,"path":5549,"stem":5550},"POS53-C. Do not use more than one mutex for concurrent waiting operations on a condition variable","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos53-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F16.pos53-c",{"title":5552,"path":5553,"stem":5554},"POS54-C. Detect and handle POSIX library errors","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fposix-pos\u002Fpos54-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F16.posix-pos\u002F17.pos54-c",{"title":5556,"path":5557,"stem":5558,"children":5559},"Preprocessor (PRE)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F1.index",[5560,5561,5565,5569],{"title":5556,"path":5557,"stem":5558},{"title":5562,"path":5563,"stem":5564},"PRE30-C. Do not create a universal character name through concatenation","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre\u002Fpre30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F2.pre30-c",{"title":5566,"path":5567,"stem":5568},"PRE31-C. Avoid side effects in arguments to unsafe macros","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre\u002Fpre31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F3.pre31-c",{"title":5570,"path":5571,"stem":5572},"PRE32-C. Do not use preprocessor directives in invocations of function-like macros","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fpreprocessor-pre\u002Fpre32-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F17.preprocessor-pre\u002F4.pre32-c",{"title":5574,"path":5575,"stem":5576,"children":5577},"Signals (SIG)","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F1.index",[5578,5579,5583,5587,5591],{"title":5574,"path":5575,"stem":5576},{"title":5580,"path":5581,"stem":5582},"SIG30-C. Call only asynchronous-safe functions within signal handlers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig30-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F2.sig30-c",{"title":5584,"path":5585,"stem":5586},"SIG31-C. Do not access shared objects in signal handlers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig31-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F3.sig31-c",{"title":5588,"path":5589,"stem":5590},"SIG34-C. Do not call signal() from within interruptible signal handlers","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig34-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F4.sig34-c",{"title":5592,"path":5593,"stem":5594},"SIG35-C. Do not return from a computational exception signal handler","\u002Fsei-cert-c-coding-standard\u002Frules\u002Fsignals-sig\u002Fsig35-c","4.sei-cert-c-coding-standard\u002F03.rules\u002F18.signals-sig\u002F5.sig35-c",{"title":5596,"path":5597,"stem":5598,"children":5599},"Back Matter","\u002Fsei-cert-c-coding-standard\u002Fback-matter","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F1.index",[5600,5601,5605,5609,5613,5617,5806,5863],{"title":5596,"path":5597,"stem":5598},{"title":5602,"path":5603,"stem":5604},"AA. Bibliography","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Faa-bibliography","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F2.aa-bibliography",{"title":5606,"path":5607,"stem":5608},"BB. Definitions","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fbb-definitions","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F3.bb-definitions",{"title":5610,"path":5611,"stem":5612},"CC. Undefined Behavior","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fcc-undefined-behavior","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F4.cc-undefined-behavior",{"title":5614,"path":5615,"stem":5616},"DD. Unspecified Behavior","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fdd-unspecified-behavior","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F5.dd-unspecified-behavior",{"title":5618,"path":5619,"stem":5620,"children":5621},"EE. Analyzers","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F01.index",[5622,5623,5625,5629,5631,5635,5639,5643,5647,5651,5655,5659,5663,5665,5669,5672,5676,5680,5684,5688,5692,5696,5700,5704,5708,5712,5716,5718,5722,5724,5728,5732,5736,5739,5743,5745,5749,5751,5755,5757,5761,5765,5769,5773,5775,5779,5781,5785,5789,5793,5796,5800,5802],{"title":5618,"path":5619,"stem":5620},{"title":3609,"path":3608,"stem":5624},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F02.astree",{"title":5626,"path":5627,"stem":5628},"Astrée_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fastree_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F03.astree_v",{"title":3655,"path":3654,"stem":5630},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F04.axivion-bauhaus-suite",{"title":5632,"path":5633,"stem":5634},"Axivion Bauhaus Suite_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Faxivion-bauhaus-suite_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F05.axivion-bauhaus-suite_v",{"title":5636,"path":5637,"stem":5638},"Clang","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F06.clang",{"title":5640,"path":5641,"stem":5642},"Clang_38_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_38_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F07.clang_38_v",{"title":5644,"path":5645,"stem":5646},"Clang_39_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_39_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F08.clang_39_v",{"title":5648,"path":5649,"stem":5650},"Clang_40_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_40_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F09.clang_40_v",{"title":5652,"path":5653,"stem":5654},"Clang_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fclang_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F10.clang_v",{"title":5656,"path":5657,"stem":5658},"Codee","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodee","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F11.codee",{"title":5660,"path":5661,"stem":5662},"Codee_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodee_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F12.codee_v",{"title":3683,"path":3682,"stem":5664},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F13.codesonar",{"title":5666,"path":5667,"stem":5668},"CodeSonar_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcodesonar_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F14.codesonar_v",{"title":3766,"path":5670,"stem":5671},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcoverity","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F15.coverity",{"title":5673,"path":5674,"stem":5675},"Coverity_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcoverity_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F16.coverity_v",{"title":5677,"path":5678,"stem":5679},"Cppcheck","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F17.cppcheck",{"title":5681,"path":5682,"stem":5683},"Cppcheck Premium","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck-premium","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F18.cppcheck-premium",{"title":5685,"path":5686,"stem":5687},"Cppcheck Premium_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck-premium_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F19.cppcheck-premium_v",{"title":5689,"path":5690,"stem":5691},"Cppcheck_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fcppcheck_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F20.cppcheck_v",{"title":5693,"path":5694,"stem":5695},"ECLAIR","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Feclair","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F21.eclair",{"title":5697,"path":5698,"stem":5699},"ECLAIR_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Feclair_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F22.eclair_v",{"title":5701,"path":5702,"stem":5703},"EDG","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fedg","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F23.edg",{"title":5705,"path":5706,"stem":5707},"EDG_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fedg_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F24.edg_v",{"title":5709,"path":5710,"stem":5711},"GCC","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fgcc","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F25.gcc",{"title":5713,"path":5714,"stem":5715},"GCC_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fgcc_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F26.gcc_v",{"title":3836,"path":3835,"stem":5717},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F27.helix-qac",{"title":5719,"path":5720,"stem":5721},"Helix QAC_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fhelix-qac_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F28.helix-qac_v",{"title":3876,"path":3875,"stem":5723},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F29.klocwork",{"title":5725,"path":5726,"stem":5727},"Klocwork_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fklocwork_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F30.klocwork_v",{"title":5729,"path":5730,"stem":5731},"LDRA","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fldra","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F31.ldra",{"title":5733,"path":5734,"stem":5735},"LDRA_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fldra_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F32.ldra_v",{"title":5737,"path":3938,"stem":5738},"Parasoft","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F33.parasoft",{"title":5740,"path":5741,"stem":5742},"Parasoft_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fparasoft_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F34.parasoft_v",{"title":3994,"path":3993,"stem":5744},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F35.pc-lint-plus",{"title":5746,"path":5747,"stem":5748},"PC-lint Plus_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpc-lint-plus_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F36.pc-lint-plus_v",{"title":4023,"path":4022,"stem":5750},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F37.polyspace-bug-finder",{"title":5752,"path":5753,"stem":5754},"Polyspace Bug Finder_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpolyspace-bug-finder_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F38.polyspace-bug-finder_v",{"title":4075,"path":4074,"stem":5756},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F39.pvs-studio",{"title":5758,"path":5759,"stem":5760},"PVS-Studio_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fpvs-studio_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F40.pvs-studio_v",{"title":5762,"path":5763,"stem":5764},"Rose","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frose","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F41.rose",{"title":5766,"path":5767,"stem":5768},"Rose_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frose_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F42.rose_v",{"title":5770,"path":5771,"stem":5772},"Rosecheckers Code","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frosecheckers-code","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F43.rosecheckers-code",{"title":4123,"path":4122,"stem":5774},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F44.rulechecker",{"title":5776,"path":5777,"stem":5778},"RuleChecker_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Frulechecker_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F45.rulechecker_v",{"title":4158,"path":4157,"stem":5780},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F46.security-reviewer-static-reviewer",{"title":5782,"path":5783,"stem":5784},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsecurity-reviewer-static-reviewer_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F47.security-reviewer-static-reviewer_v",{"title":5786,"path":5787,"stem":5788},"SonarQube C\u002FC++ Plugin","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsonarqube-ccpp-plugin","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F48.sonarqube-ccpp-plugin",{"title":5790,"path":5791,"stem":5792},"SonarQube C\u002FC++ Plugin_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsonarqube-ccpp-plugin_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F49.sonarqube-ccpp-plugin_v",{"title":4200,"path":5794,"stem":5795},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsplint","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F50.splint",{"title":5797,"path":5798,"stem":5799},"Splint_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Fsplint_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F51.splint_v",{"title":4229,"path":4228,"stem":5801},"4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F52.trustinsoft-analyzer",{"title":5803,"path":5804,"stem":5805},"TrustInSoft Analyzer_V","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fee-analyzers\u002Ftrustinsoft-analyzer_v","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F6.ee-analyzers\u002F53.trustinsoft-analyzer_v",{"title":5807,"path":5808,"stem":5809,"children":5810},"FF. Related Guidelines","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F01.index",[5811,5812,5816,5820,5824,5828,5832,5836,5840,5844,5847,5851,5855,5859],{"title":5807,"path":5808,"stem":5809},{"title":5813,"path":5814,"stem":5815},"2003","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F02.2003","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F02.2003",{"title":5817,"path":5818,"stem":5819},"2006","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F03.2006","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F03.2006",{"title":5821,"path":5822,"stem":5823},"2007","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F04.2007","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F04.2007",{"title":5825,"path":5826,"stem":5827},"2008","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F05.2008","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F05.2008",{"title":5829,"path":5830,"stem":5831},"2010","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F06.2010","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F06.2010",{"title":5833,"path":5834,"stem":5835},"2011","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F07.2011","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F07.2011",{"title":5837,"path":5838,"stem":5839},"2012","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F08.2012","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F08.2012",{"title":5841,"path":5842,"stem":5843},"2013","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F09.2013","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F09.2013",{"title":5841,"path":5845,"stem":5846},"\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002F10.2013","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F10.2013",{"title":5848,"path":5849,"stem":5850},"MITRE CWE","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F11.mitre-cwe",{"title":5852,"path":5853,"stem":5854},"MITRE CWE 2.11","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe-211","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F12.mitre-cwe-211",{"title":5856,"path":5857,"stem":5858},"MITRE CWE 3.1","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe-31","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F13.mitre-cwe-31",{"title":5860,"path":5861,"stem":5862},"MITRE CWE 3.11","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fff-related-guidelines\u002Fmitre-cwe-311","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F7.ff-related-guidelines\u002F14.mitre-cwe-311",{"title":5864,"path":5865,"stem":5866},"GG. Risk Assessments","\u002Fsei-cert-c-coding-standard\u002Fback-matter\u002Fgg-risk-assessments","4.sei-cert-c-coding-standard\u002F04.back-matter\u002F8.gg-risk-assessments",{"title":5868,"path":5869,"stem":5870,"children":5871},"Admin","\u002Fsei-cert-c-coding-standard\u002Fadmin","4.sei-cert-c-coding-standard\u002F05.admin\u002F1.index",[5872,5873,5877],{"title":5868,"path":5869,"stem":5870},{"title":5874,"path":5875,"stem":5876},"TODO List","\u002Fsei-cert-c-coding-standard\u002Fadmin\u002Ftodo-list","4.sei-cert-c-coding-standard\u002F05.admin\u002F2.todo-list",{"title":5878,"path":5879,"stem":5880},"Undefined and implementation-defined behaviors not deemed ruleworthy","\u002Fsei-cert-c-coding-standard\u002Fadmin\u002Fundefined-and-implementation-defined-behaviors-not-deemed-ruleworthy","4.sei-cert-c-coding-standard\u002F05.admin\u002F3.undefined-and-implementation-defined-behaviors-not-deemed-ruleworthy",{"title":5882,"path":5883,"stem":5884},"Coding Style Guidelines","\u002Fsei-cert-c-coding-standard\u002Fcoding-style-guidelines","4.sei-cert-c-coding-standard\u002F05.coding-style-guidelines",{"title":5886,"path":5887,"stem":5888},"Errata for SEI CERT C Coding Standard (2016 Edition)","\u002Fsei-cert-c-coding-standard\u002Ferrata-for-sei-cert-c-coding-standard-2016-edition","4.sei-cert-c-coding-standard\u002F06.errata-for-sei-cert-c-coding-standard-2016-edition",{"title":5890,"path":5891,"stem":5892},"Wiki Contents","\u002Fsei-cert-c-coding-standard\u002Fwiki-contents","4.sei-cert-c-coding-standard\u002F06.wiki-contents",{"title":5894,"path":5895,"stem":5896,"children":5897},"Recommendations","\u002Fsei-cert-c-coding-standard\u002Frecommendations","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F01.index",[5898,5899,5940,5957,6000,6041,6138,6155,6186,6255,6292,6377,6442,6489,6514,6605,6626,6683],{"title":5894,"path":5895,"stem":5896},{"title":5031,"path":5900,"stem":5901,"children":5902},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F01.index",[5903,5904,5908,5912,5916,5920,5924,5928,5932,5936],{"title":5031,"path":5900,"stem":5901},{"title":5905,"path":5906,"stem":5907},"API00-C. Functions should validate their parameters","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F02.api00-c",{"title":5909,"path":5910,"stem":5911},"API01-C. Avoid laying out strings in memory directly before sensitive data","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F03.api01-c",{"title":5913,"path":5914,"stem":5915},"API02-C. Functions that read or write to or from an array should take an argument to specify the source or target size","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F04.api02-c",{"title":5917,"path":5918,"stem":5919},"API03-C. Create consistent interfaces and capabilities across related functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F05.api03-c",{"title":5921,"path":5922,"stem":5923},"API04-C. Provide a consistent and usable error-checking mechanism","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F06.api04-c",{"title":5925,"path":5926,"stem":5927},"API05-C. Use conformant array parameters","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F07.api05-c",{"title":5929,"path":5930,"stem":5931},"API07-C. Enforce type safety","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F08.api07-c",{"title":5933,"path":5934,"stem":5935},"API09-C. Compatible values should have the same type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F09.api09-c",{"title":5937,"path":5938,"stem":5939},"API10-C. APIs should have security options enabled by default","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fapplication-programming-interfaces-api\u002Fapi10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F02.application-programming-interfaces-api\u002F10.api10-c",{"title":5035,"path":5941,"stem":5942,"children":5943},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F1.index",[5944,5945,5949,5953],{"title":5035,"path":5941,"stem":5942},{"title":5946,"path":5947,"stem":5948},"ARR00-C. Understand how arrays work","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr\u002Farr00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F2.arr00-c",{"title":5950,"path":5951,"stem":5952},"ARR01-C. Do not apply the sizeof operator to a pointer when taking the size of an array","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr\u002Farr01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F3.arr01-c",{"title":5954,"path":5955,"stem":5956},"ARR02-C. Explicitly specify array bounds, even if implicitly defined by an initializer","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Farrays-arr\u002Farr02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F03.arrays-arr\u002F4.arr02-c",{"title":5061,"path":5958,"stem":5959,"children":5960},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F01.index",[5961,5962,5966,5970,5974,5976,5980,5984,5988,5992,5996],{"title":5061,"path":5958,"stem":5959},{"title":5963,"path":5964,"stem":5965},"STR00-C. Represent characters using an appropriate type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F02.str00-c",{"title":5967,"path":5968,"stem":5969},"STR01-C. Adopt and implement a consistent plan for managing strings","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F03.str01-c",{"title":5971,"path":5972,"stem":5973},"STR02-C. Sanitize data passed to complex subsystems","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F04.str02-c",{"title":51,"path":50,"stem":5975},"4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F05.str03-c",{"title":5977,"path":5978,"stem":5979},"STR04-C. Use plain char for characters in the basic character set","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F06.str04-c",{"title":5981,"path":5982,"stem":5983},"STR05-C. Use pointers to const when referring to string literals","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F07.str05-c",{"title":5985,"path":5986,"stem":5987},"STR06-C. Do not assume that strtok() leaves the parse string unchanged","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F08.str06-c",{"title":5989,"path":5990,"stem":5991},"STR09-C. Don't assume numeric values for expressions with type plain character","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F09.str09-c",{"title":5993,"path":5994,"stem":5995},"STR10-C. Do not concatenate different type of string literals","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F10.str10-c",{"title":5997,"path":5998,"stem":5999},"STR11-C. Do not specify the bound of a character array initialized with a string literal","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F04.characters-and-strings-str\u002F11.str11-c",{"title":5082,"path":6001,"stem":6002,"children":6003},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F01.index",[6004,6005,6009,6013,6017,6021,6025,6029,6033,6037],{"title":5082,"path":6001,"stem":6002},{"title":6006,"path":6007,"stem":6008},"CON01-C. Acquire and release synchronization primitives in the same module, at the same level of abstraction","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F02.con01-c",{"title":6010,"path":6011,"stem":6012},"CON02-C. Do not use volatile as a synchronization primitive","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F03.con02-c",{"title":6014,"path":6015,"stem":6016},"CON03-C. Ensure visibility when accessing shared variables","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F04.con03-c",{"title":6018,"path":6019,"stem":6020},"CON04-C. Join or detach threads even if their exit status is unimportant","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F05.con04-c",{"title":6022,"path":6023,"stem":6024},"CON05-C. Do not perform operations that can block while holding a lock","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F06.con05-c",{"title":6026,"path":6027,"stem":6028},"CON06-C. Ensure that every mutex outlives the data it protects","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F07.con06-c",{"title":6030,"path":6031,"stem":6032},"CON07-C. Ensure that compound operations on shared variables are atomic","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F08.con07-c",{"title":6034,"path":6035,"stem":6036},"CON08-C. Do not assume that a group of calls to independently atomic methods is atomic","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F09.con08-c",{"title":6038,"path":6039,"stem":6040},"CON09-C. Avoid the ABA problem when using lock-free algorithms","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fconcurrency-con\u002Fcon09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F05.concurrency-con\u002F10.con09-c",{"title":5144,"path":6042,"stem":6043,"children":6044},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F01.index",[6045,6046,6050,6054,6058,6062,6066,6070,6074,6078,6082,6086,6090,6094,6098,6102,6106,6110,6114,6118,6122,6126,6130,6134],{"title":5144,"path":6042,"stem":6043},{"title":6047,"path":6048,"stem":6049},"DCL00-C. Const-qualify immutable objects","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F02.dcl00-c",{"title":6051,"path":6052,"stem":6053},"DCL01-C. Do not reuse variable names in subscopes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F03.dcl01-c",{"title":6055,"path":6056,"stem":6057},"DCL02-C. Use visually distinct identifiers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F04.dcl02-c",{"title":6059,"path":6060,"stem":6061},"DCL03-C. Use a static assertion to test the value of a constant expression","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F05.dcl03-c",{"title":6063,"path":6064,"stem":6065},"DCL04-C. Do not declare more than one variable per declaration","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F06.dcl04-c",{"title":6067,"path":6068,"stem":6069},"DCL05-C. Use typedefs of non-pointer types only","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F07.dcl05-c",{"title":6071,"path":6072,"stem":6073},"DCL06-C. Use meaningful symbolic constants to represent literal values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F08.dcl06-c",{"title":6075,"path":6076,"stem":6077},"DCL07-C. Include the appropriate type information in function declarators","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F09.dcl07-c",{"title":6079,"path":6080,"stem":6081},"DCL08-C. Properly encode relationships in constant definitions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F10.dcl08-c",{"title":6083,"path":6084,"stem":6085},"DCL09-C. Declare functions that return errno with a return type of errno_t","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F11.dcl09-c",{"title":6087,"path":6088,"stem":6089},"DCL10-C. Maintain the contract between the writer and caller of variadic functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F12.dcl10-c",{"title":6091,"path":6092,"stem":6093},"DCL11-C. Understand the type issues associated with variadic functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F13.dcl11-c",{"title":6095,"path":6096,"stem":6097},"DCL12-C. Implement abstract data types using opaque types","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F14.dcl12-c",{"title":6099,"path":6100,"stem":6101},"DCL13-C. Declare function parameters that are pointers to values not changed by the function as const","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F15.dcl13-c",{"title":6103,"path":6104,"stem":6105},"DCL15-C. Declare file-scope objects or functions that do not need external linkage as static","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F16.dcl15-c",{"title":6107,"path":6108,"stem":6109},"DCL16-C. Use \"L,\" not \"l,\" to indicate a long value","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl16-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F17.dcl16-c",{"title":6111,"path":6112,"stem":6113},"DCL17-C. Beware of miscompiled volatile-qualified variables","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F18.dcl17-c",{"title":6115,"path":6116,"stem":6117},"DCL18-C. Do not begin integer constants with 0 when specifying a decimal value","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F19.dcl18-c",{"title":6119,"path":6120,"stem":6121},"DCL19-C. Minimize the scope of variables and functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F20.dcl19-c",{"title":6123,"path":6124,"stem":6125},"DCL20-C. Explicitly specify void when a function accepts no arguments","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F21.dcl20-c",{"title":6127,"path":6128,"stem":6129},"DCL21-C. Understand the storage of compound literals","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl21-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F22.dcl21-c",{"title":6131,"path":6132,"stem":6133},"DCL22-C. Use volatile for data that cannot be cached","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl22-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F23.dcl22-c",{"title":6135,"path":6136,"stem":6137},"DCL23-C. Guarantee that mutually visible identifiers are unique","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl23-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F06.declarations-and-initialization-dcl\u002F24.dcl23-c",{"title":5182,"path":6139,"stem":6140,"children":6141},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F1.index",[6142,6143,6147,6151],{"title":5182,"path":6139,"stem":6140},{"title":6144,"path":6145,"stem":6146},"ENV01-C. Do not make assumptions about the size of an environment variable","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env\u002Fenv01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F2.env01-c",{"title":6148,"path":6149,"stem":6150},"ENV02-C. Beware of multiple environment variables with the same effective name","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env\u002Fenv02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F3.env02-c",{"title":6152,"path":6153,"stem":6154},"ENV03-C. Sanitize the environment when invoking external programs","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fenvironment-env\u002Fenv03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F07.environment-env\u002F4.env03-c",{"title":5208,"path":6156,"stem":6157,"children":6158},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F1.index",[6159,6160,6164,6168,6170,6174,6178,6182],{"title":5208,"path":6156,"stem":6157},{"title":6161,"path":6162,"stem":6163},"ERR00-C. Adopt and implement a consistent and comprehensive error-handling policy","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F2.err00-c",{"title":6165,"path":6166,"stem":6167},"ERR01-C. Use ferror() rather than errno to check for FILE stream errors","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F3.err01-c",{"title":1262,"path":1261,"stem":6169},"4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F4.err02-c",{"title":6171,"path":6172,"stem":6173},"ERR04-C. Choose an appropriate termination strategy","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F5.err04-c",{"title":6175,"path":6176,"stem":6177},"ERR05-C. Application-independent code should provide error detection without dictating error handling","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F6.err05-c",{"title":6179,"path":6180,"stem":6181},"ERR06-C. Understand the termination behavior of assert() and abort()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F7.err06-c",{"title":6183,"path":6184,"stem":6185},"ERR07-C. Prefer functions that support error checking over equivalent functions that don't","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ferror-handling-err\u002Ferr07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F08.error-handling-err\u002F8.err07-c",{"title":5230,"path":6187,"stem":6188,"children":6189},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F01.index",[6190,6191,6195,6199,6203,6207,6211,6215,6219,6223,6227,6231,6235,6239,6243,6247,6251],{"title":5230,"path":6187,"stem":6188},{"title":6192,"path":6193,"stem":6194},"EXP00-C. Use parentheses for precedence of operation","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F02.exp00-c",{"title":6196,"path":6197,"stem":6198},"EXP02-C. Be aware of the short-circuit behavior of the logical AND and OR operators","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F03.exp02-c",{"title":6200,"path":6201,"stem":6202},"EXP03-C. Do not assume the size of a structure is the sum of the sizes of its members","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F04.exp03-c",{"title":6204,"path":6205,"stem":6206},"EXP05-C. Do not cast away a const qualification","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F05.exp05-c",{"title":6208,"path":6209,"stem":6210},"EXP07-C. Do not diminish the benefits of constants by assuming their values in expressions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F06.exp07-c",{"title":6212,"path":6213,"stem":6214},"EXP08-C. Ensure pointer arithmetic is used correctly","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F07.exp08-c",{"title":6216,"path":6217,"stem":6218},"EXP09-C. Use sizeof to determine the size of a type or variable","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F08.exp09-c",{"title":6220,"path":6221,"stem":6222},"EXP10-C. Do not depend on the order of evaluation of subexpressions or the order in which side effects take place","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F09.exp10-c",{"title":6224,"path":6225,"stem":6226},"EXP11-C. Do not make assumptions regarding the layout of structures with bit-fields","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F10.exp11-c",{"title":6228,"path":6229,"stem":6230},"EXP12-C. Do not ignore values returned by functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F11.exp12-c",{"title":6232,"path":6233,"stem":6234},"EXP13-C. Treat relational and equality operators as if they were nonassociative","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F12.exp13-c",{"title":6236,"path":6237,"stem":6238},"EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F13.exp14-c",{"title":6240,"path":6241,"stem":6242},"EXP15-C. Do not place a semicolon on the same line as an if, for, or while statement","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F14.exp15-c",{"title":6244,"path":6245,"stem":6246},"EXP16-C. Do not compare function pointers to constant values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp16-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F15.exp16-c",{"title":6248,"path":6249,"stem":6250},"EXP19-C. Use braces for the body of an if, for, or while statement","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F16.exp19-c",{"title":6252,"path":6253,"stem":6254},"EXP20-C. Perform explicit tests to determine success, true and false, and equality","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fexpressions-exp\u002Fexp20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F09.expressions-exp\u002F17.exp20-c",{"title":5296,"path":6256,"stem":6257,"children":6258},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F1.index",[6259,6260,6264,6268,6272,6276,6280,6284,6288],{"title":5296,"path":6256,"stem":6257},{"title":6261,"path":6262,"stem":6263},"FLP00-C. Understand the limitations of floating-point numbers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F2.flp00-c",{"title":6265,"path":6266,"stem":6267},"FLP01-C. Take care in rearranging floating-point expressions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F3.flp01-c",{"title":6269,"path":6270,"stem":6271},"FLP02-C. Avoid using floating-point numbers when precise computation is needed","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F4.flp02-c",{"title":6273,"path":6274,"stem":6275},"FLP03-C. Detect and handle floating-point errors","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F5.flp03-c",{"title":6277,"path":6278,"stem":6279},"FLP04-C. Check floating-point inputs for exceptional values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F6.flp04-c",{"title":6281,"path":6282,"stem":6283},"FLP05-C. Do not use denormalized numbers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F7.flp05-c",{"title":6285,"path":6286,"stem":6287},"FLP06-C. Convert integers to floating point for floating-point operations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F8.flp06-c",{"title":6289,"path":6290,"stem":6291},"FLP07-C. Cast the return value of a function that returns a floating-point type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Ffloating-point-flp\u002Fflp07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F10.floating-point-flp\u002F9.flp07-c",{"title":5322,"path":6293,"stem":6294,"children":6295},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F01.index",[6296,6297,6301,6305,6309,6313,6317,6321,6325,6329,6333,6337,6341,6345,6349,6353,6357,6361,6365,6369,6373],{"title":5322,"path":6293,"stem":6294},{"title":6298,"path":6299,"stem":6300},"FIO01-C. Be careful using functions that use file names for identification","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F02.fio01-c",{"title":6302,"path":6303,"stem":6304},"FIO02-C. Canonicalize path names originating from tainted sources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F03.fio02-c",{"title":6306,"path":6307,"stem":6308},"FIO03-C. Do not make assumptions about fopen() and file creation","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F04.fio03-c",{"title":6310,"path":6311,"stem":6312},"FIO05-C. Identify files using multiple file attributes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F05.fio05-c",{"title":6314,"path":6315,"stem":6316},"FIO06-C. Create files with appropriate access permissions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F06.fio06-c",{"title":6318,"path":6319,"stem":6320},"FIO08-C. Take care when calling remove() on an open file","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F07.fio08-c",{"title":6322,"path":6323,"stem":6324},"FIO09-C. Be careful with binary data when transferring data across systems","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F08.fio09-c",{"title":6326,"path":6327,"stem":6328},"FIO10-C. Take care when using the rename() function","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F09.fio10-c",{"title":6330,"path":6331,"stem":6332},"FIO11-C. Take care when specifying the mode parameter of fopen()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F10.fio11-c",{"title":6334,"path":6335,"stem":6336},"FIO13-C. Never push back anything other than one read character","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F11.fio13-c",{"title":6338,"path":6339,"stem":6340},"FIO14-C. Understand the difference between text mode and binary mode with file streams","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F12.fio14-c",{"title":6342,"path":6343,"stem":6344},"FIO15-C. Ensure that file operations are performed in a secure directory","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F13.fio15-c",{"title":6346,"path":6347,"stem":6348},"FIO17-C. Do not rely on an ending null character when using fread()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F14.fio17-c",{"title":6350,"path":6351,"stem":6352},"FIO18-C. Never expect fwrite() to terminate the writing process at a null character","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F15.fio18-c",{"title":6354,"path":6355,"stem":6356},"FIO19-C. Do not use fseek() and ftell() to compute the size of a regular file","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F16.fio19-c",{"title":6358,"path":6359,"stem":6360},"FIO20-C. Avoid unintentional truncation when using fgets() or fgetws()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F17.fio20-c",{"title":6362,"path":6363,"stem":6364},"FIO21-C. Do not create temporary files in shared directories","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio21-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F18.fio21-c",{"title":6366,"path":6367,"stem":6368},"FIO22-C. Close files before spawning processes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio22-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F19.fio22-c",{"title":6370,"path":6371,"stem":6372},"FIO23-C. Do not exit with unflushed data in stdout or stderr","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio23-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F20.fio23-c",{"title":6374,"path":6375,"stem":6376},"FIO24-C. Do not open a file that is already open","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Finput-output-fio\u002Ffio24-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F11.input-output-fio\u002F21.fio24-c",{"title":5378,"path":6378,"stem":6379,"children":6380},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F01.index",[6381,6382,6386,6390,6394,6398,6402,6406,6410,6414,6418,6422,6426,6430,6434,6438],{"title":5378,"path":6378,"stem":6379},{"title":6383,"path":6384,"stem":6385},"INT00-C. Understand the data model used by your implementation(s)","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F02.int00-c",{"title":6387,"path":6388,"stem":6389},"INT01-C. Use size_t or rsize_t for all integer values representing the size of an object","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F03.int01-c",{"title":6391,"path":6392,"stem":6393},"INT04-C. Enforce limits on integer values originating from tainted sources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F05.int04-c",{"title":6395,"path":6396,"stem":6397},"INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F06.int05-c",{"title":6399,"path":6400,"stem":6401},"INT07-C. Use only explicitly signed or unsigned char type for numeric values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F07.int07-c",{"title":6403,"path":6404,"stem":6405},"INT08-C. Verify that all integer values are in range","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F08.int08-c",{"title":6407,"path":6408,"stem":6409},"INT09-C. Ensure enumeration constants map to unique values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F09.int09-c",{"title":6411,"path":6412,"stem":6413},"INT10-C. Do not assume a positive remainder when using the % operator","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F10.int10-c",{"title":6415,"path":6416,"stem":6417},"INT12-C. Do not make assumptions about the type of a plain int bit-field when used in an expression","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F11.int12-c",{"title":6419,"path":6420,"stem":6421},"INT13-C. Use bitwise operators only on unsigned operands","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F12.int13-c",{"title":6423,"path":6424,"stem":6425},"INT14-C. Avoid performing bitwise and arithmetic operations on the same data","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F13.int14-c",{"title":6427,"path":6428,"stem":6429},"INT15-C. Use intmax_t or uintmax_t for formatted IO on programmer-defined integer types","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F14.int15-c",{"title":6431,"path":6432,"stem":6433},"INT16-C. Do not make assumptions about representation of signed integers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint16-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F15.int16-c",{"title":6435,"path":6436,"stem":6437},"INT17-C. Define integer constants in an implementation-independent manner","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F16.int17-c",{"title":6439,"path":6440,"stem":6441},"INT18-C. Evaluate integer expressions in a larger size before comparing or assigning to that size","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fintegers-int\u002Fint18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F12.integers-int\u002F17.int18-c",{"title":5412,"path":6443,"stem":6444,"children":6445},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F01.index",[6446,6447,6449,6453,6457,6461,6465,6469,6473,6477,6481,6485],{"title":5412,"path":6443,"stem":6444},{"title":4384,"path":4383,"stem":6448},"4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F02.mem00-c",{"title":6450,"path":6451,"stem":6452},"MEM01-C. Store a new value in pointers immediately after free()","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F03.mem01-c",{"title":6454,"path":6455,"stem":6456},"MEM02-C. Immediately cast the result of a memory allocation function call into a pointer to the allocated type","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F04.mem02-c",{"title":6458,"path":6459,"stem":6460},"MEM03-C. Clear sensitive information stored in reusable resources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F05.mem03-c",{"title":6462,"path":6463,"stem":6464},"MEM04-C. Beware of zero-length allocations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F06.mem04-c",{"title":6466,"path":6467,"stem":6468},"MEM05-C. Avoid large stack allocations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F07.mem05-c",{"title":6470,"path":6471,"stem":6472},"MEM06-C. Ensure that sensitive data is not written out to disk","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F08.mem06-c",{"title":6474,"path":6475,"stem":6476},"MEM07-C. Ensure that the arguments to calloc(), when multiplied, do not wrap","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F09.mem07-c",{"title":6478,"path":6479,"stem":6480},"MEM10-C. Define and use a pointer validation function","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F10.mem10-c",{"title":6482,"path":6483,"stem":6484},"MEM11-C. Do not assume infinite heap space","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F11.mem11-c",{"title":6486,"path":6487,"stem":6488},"MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmemory-management-mem\u002Fmem12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F13.memory-management-mem\u002F12.mem12-c",{"title":5438,"path":6490,"stem":6491,"children":6492},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F1.index",[6493,6494,6498,6502,6506,6510],{"title":5438,"path":6490,"stem":6491},{"title":6495,"path":6496,"stem":6497},"WIN00-C. Be specific when dynamically loading libraries","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F2.win00-c",{"title":6499,"path":6500,"stem":6501},"WIN01-C. Do not forcibly terminate execution","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F3.win01-c",{"title":6503,"path":6504,"stem":6505},"WIN02-C. Restrict privileges when spawning child processes","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F4.win02-c",{"title":6507,"path":6508,"stem":6509},"WIN03-C. Understand HANDLE inheritance","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin03-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F5.win03-c",{"title":6511,"path":6512,"stem":6513},"WIN04-C. Consider encrypting function pointers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmicrosoft-windows-win\u002Fwin04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F14.microsoft-windows-win\u002F6.win04-c",{"title":5448,"path":6515,"stem":6516,"children":6517},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F01.index",[6518,6519,6523,6527,6531,6535,6539,6543,6547,6551,6555,6559,6563,6567,6571,6575,6579,6583,6587,6591,6595,6597,6601],{"title":5448,"path":6515,"stem":6516},{"title":6520,"path":6521,"stem":6522},"MSC00-C. Compile cleanly at high warning levels","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F02.msc00-c",{"title":6524,"path":6525,"stem":6526},"MSC01-C. Strive for logical completeness","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F03.msc01-c",{"title":6528,"path":6529,"stem":6530},"MSC04-C. Use comments consistently and in a readable fashion","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F04.msc04-c",{"title":6532,"path":6533,"stem":6534},"MSC05-C. Do not manipulate time_t typed values directly","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F05.msc05-c",{"title":6536,"path":6537,"stem":6538},"MSC06-C. Beware of compiler optimizations","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F06.msc06-c",{"title":6540,"path":6541,"stem":6542},"MSC07-C. Detect and remove dead code","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F07.msc07-c",{"title":6544,"path":6545,"stem":6546},"UTF8-related issues","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Futf8-related-issues","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F08.utf8-related-issues",{"title":6548,"path":6549,"stem":6550},"MSC11-C. Incorporate diagnostic tests using assertions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F09.msc11-c",{"title":6552,"path":6553,"stem":6554},"MSC12-C. Detect and remove code that has no effect or is never executed","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F10.msc12-c",{"title":6556,"path":6557,"stem":6558},"MSC13-C. Detect and remove unused values","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F11.msc13-c",{"title":6560,"path":6561,"stem":6562},"MSC14-C. Do not introduce unnecessary platform dependencies","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc14-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F12.msc14-c",{"title":6564,"path":6565,"stem":6566},"MSC15-C. Do not depend on undefined behavior","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc15-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F13.msc15-c",{"title":6568,"path":6569,"stem":6570},"MSC17-C. Finish every set of statements associated with a case label with a break statement","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc17-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F14.msc17-c",{"title":6572,"path":6573,"stem":6574},"MSC18-C. Be careful while handling sensitive data, such as passwords, in program code","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc18-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F15.msc18-c",{"title":6576,"path":6577,"stem":6578},"MSC19-C. For functions that return an array, prefer returning an empty array over a null value","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc19-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F16.msc19-c",{"title":6580,"path":6581,"stem":6582},"MSC20-C. Do not use a switch statement to transfer control into a complex block","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc20-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F17.msc20-c",{"title":6584,"path":6585,"stem":6586},"MSC21-C. Use robust loop termination conditions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc21-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F18.msc21-c",{"title":6588,"path":6589,"stem":6590},"MSC22-C. Use the setjmp(), longjmp() facility securely","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc22-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F19.msc22-c",{"title":6592,"path":6593,"stem":6594},"MSC23-C. Beware of vendor-specific library and language differences","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc23-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F20.msc23-c",{"title":556,"path":555,"stem":6596},"4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F21.msc24-c",{"title":6598,"path":6599,"stem":6600},"MSC25-C. Do not use insecure or weak cryptographic algorithms","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc25-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F22.msc25-c",{"title":6602,"path":6603,"stem":6604},"Use subset of ASCII for safety","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fmiscellaneous-msc\u002Fuse-subset-of-ascii-for-safety","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F15.miscellaneous-msc\u002F23.use-subset-of-ascii-for-safety",{"title":5486,"path":6606,"stem":6607,"children":6608},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F1.index",[6609,6610,6614,6618,6622],{"title":5486,"path":6606,"stem":6607},{"title":6611,"path":6612,"stem":6613},"POS01-C. Check for the existence of links when dealing with files","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F2.pos01-c",{"title":6615,"path":6616,"stem":6617},"POS02-C. Follow the principle of least privilege","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F3.pos02-c",{"title":6619,"path":6620,"stem":6621},"POS04-C. Avoid using PTHREAD_MUTEX_NORMAL type mutex locks","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F4.pos04-c",{"title":6623,"path":6624,"stem":6625},"POS05-C. Limit access to files by creating a jail","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fposix-pos\u002Fpos05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F16.posix-pos\u002F5.pos05-c",{"title":5556,"path":6627,"stem":6628,"children":6629},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F01.index",[6630,6631,6635,6639,6643,6647,6651,6655,6659,6663,6667,6671,6675,6679],{"title":5556,"path":6627,"stem":6628},{"title":6632,"path":6633,"stem":6634},"PRE00-C. Prefer inline or static functions to function-like macros","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F02.pre00-c",{"title":6636,"path":6637,"stem":6638},"PRE01-C. Use parentheses within macros around parameter names","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F03.pre01-c",{"title":6640,"path":6641,"stem":6642},"PRE02-C. Macro replacement lists should be parenthesized","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F04.pre02-c",{"title":6644,"path":6645,"stem":6646},"PRE04-C. Do not reuse a standard header file name","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre04-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F05.pre04-c",{"title":6648,"path":6649,"stem":6650},"PRE05-C. Understand macro replacement when concatenating tokens or performing stringification","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre05-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F06.pre05-c",{"title":6652,"path":6653,"stem":6654},"PRE06-C. Enclose header files in an include guard","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre06-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F07.pre06-c",{"title":6656,"path":6657,"stem":6658},"PRE07-C. Avoid using repeated question marks","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre07-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F08.pre07-c",{"title":6660,"path":6661,"stem":6662},"PRE08-C. Guarantee that header file names are unique","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre08-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F09.pre08-c",{"title":6664,"path":6665,"stem":6666},"PRE09-C. Do not replace secure functions with deprecated or obsolescent functions","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre09-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F10.pre09-c",{"title":6668,"path":6669,"stem":6670},"PRE10-C. Wrap multistatement macros in a do-while loop","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre10-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F11.pre10-c",{"title":6672,"path":6673,"stem":6674},"PRE11-C. Do not conclude macro definitions with a semicolon","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre11-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F12.pre11-c",{"title":6676,"path":6677,"stem":6678},"PRE12-C. Do not define unsafe macros","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre12-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F13.pre12-c",{"title":6680,"path":6681,"stem":6682},"PRE13-C. Use the Standard predefined macros to test for versions and features.","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fpreprocessor-pre\u002Fpre13-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F17.preprocessor-pre\u002F14.pre13-c",{"title":5574,"path":6684,"stem":6685,"children":6686},"\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F1.index",[6687,6688,6692,6696],{"title":5574,"path":6684,"stem":6685},{"title":6689,"path":6690,"stem":6691},"SIG00-C. Mask signals handled by noninterruptible signal handlers","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig\u002Fsig00-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F2.sig00-c",{"title":6693,"path":6694,"stem":6695},"SIG01-C. Understand implementation-specific details regarding signal handler persistence","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig\u002Fsig01-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F3.sig01-c",{"title":6697,"path":6698,"stem":6699},"SIG02-C. Avoid using signals to implement normal functionality","\u002Fsei-cert-c-coding-standard\u002Frecommendations\u002Fsignals-sig\u002Fsig02-c","4.sei-cert-c-coding-standard\u002F08.recommendations\u002F18.signals-sig\u002F4.sig02-c",{"title":6701,"path":6702,"stem":6703},"CERT manifest files","\u002Fsei-cert-c-coding-standard\u002Fcert-manifest-files","4.sei-cert-c-coding-standard\u002F09.cert-manifest-files",1775657798712]