CERT C and C++ checker reference
List of community C and C++ checkers that map to the secure coding standard defined by the Computer Emergency Response Team (CERT).
Checker name | Description | Default severity | Enabled by default? | Version |
---|---|---|---|---|
CERT.ALIGNOF | Use of '__alignof__' is a language extension | 4 | False | 2024.3 |
CERT.ANONYMOUS.STRUCT | Definition of an anonymous struct object is a language extension | 4 | False | 2024.3 |
CERT.ANONYMOUS.UNION | Definition of an anonymous union object is a language extension | 4 | False | 2024.3 |
CERT.ARRAY.LENGTH.ZERO | Arrays of length zero are a language extension | 4 | False | 2024.3 |
CERT.BITFIELD.NOT.INT | Bit-field not defined as 'int' type is a language extension | 4 | False | 2024.3 |
CERT.BITFIELD.SIGN.MODIFIER | Bit-field not defined as signed or unsigned is implementation defined | 4 | False | 2024.3 |
CERT.CHROOT | Use of chroot function | 4 | False | 2024.3 |
CERT.CHROOT.CHDIR | Call to 'chroot' function is not followed by call to 'chdir' | 4 | False | 2024.3 |
CERT.CONC.ATOMIC_COMP_FAIL_IN_LOOP | Wrap functions that can spuriously fail in a loop | 4 | False | 2021.2 |
CERT.CONC.LIB_FUNC_USE | Avoid race conditions when using library functions | 4 | False | 2021.2 |
CERT.CONC.MUTEX.DESTROY_WHILE_LOCKED | Do not destroy a mutex while it is locked | 4 | False | 2024.1 |
CERT.CONC.UNSAFE_COND_VAR | Preserve thread safety and liveness when using condition variables | 4 | False | 2024.1 |
CERT.CONC.UNSAFE_COND_VAR_C | Preserve thread safety and liveness when using condition variables | 4 | False | 2024.1 |
CERT.CONC.WAKE_IN_LOOP | Wrap functions that can spuriously wake up in a loop | 4 | False | 2024.1 |
CERT.CONC.WAKE_IN_LOOP_C | Wrap functions that can spuriously wake up in a loop | 4 | False | 2024.1 |
CERT.DCL.AMBIGUOUS_DECL | Do not write syntactically ambiguous declarations | 4 | False | 2024.1 |
CERT.DCL.REF_TYPE.CONST_OR_VOLATILE | Never qualify a reference type with const or volatile | 4 | False | 2024.1 |
CERT.DCL.SAME_SCOPE_ALLOC_DEALLOC | Overload allocation and deallocation functions as a pair in the same scope | 4 | False | 2024.1 |
CERT.DCL.STD_NS_MODIFIED | Do not modify the standard namespaces | 4 | False | 2024.1 |
CERT.DCL.SWITCH.VAR_BEFORE_CASE | Do not declare variables inside a switch statement before the first case label | 4 | False | 2021.2 |
CERT.EMPTY.AGR.INIT | Empty aggregate initializers are a language extension | 4 | False | 2024.3 |
CERT.ENUM.LITERAL.TYPE.INT | Enumeration literal constant is not of type int | 4 | False | 2024.3 |
CERT.ENUM.TYPE.SPECIFIER | Non-standard extended enum type specifier is a language extension | 4 | False | 2024.3 |
CERT.ERR.ABRUPT_TERM | Do not abruptly terminate the program | 4 | False | 2020.1 |
CERT.ERR.CONV.STR_TO_NUM | Detect errors when converting a string to a number | 4 | False | 2020.1 |
CERT.EXPR.DELETE_ARR.BASE_PTR | Do not delete an array through a pointer of the incorrect type | 4 | False | 2020.1 |
CERT.EXPR.DELETE_PTR.INCOMPLETE_TYPE | Do not delete a pointer to an incomplete type | 4 | False | 2020.1 |
CERT.EXPR.PASS_NON_STD_LAYOUT | Do not pass a nonstandard-layout type object across execution boundaries | 4 | False | 2024.1 |
CERT.EXPR.VOLATILE.ADDR | Do not access a volatile object through a nonvolatile pointer | 4 | False | 2020.1 |
CERT.EXPR.VOLATILE.ADDR.PARAM | Do not pass a volatile object to a function through a nonvolatile pointer | 4 | False | 2020.1 |
CERT.EXPR.VOLATILE.PTRPTR | Do not assign a reference to a non-volatile pointer to a volatile pointer-to-pointer | 4 | False | 2020.1 |
CERT.FIXED.MEMORY.ADDRESS | Use of '@ address' is a language extension | 4 | False | 2024.3 |
CERT.LITERAL.ARRAY | Use meaningful symbolic constants to represent literal array size values | 4 | False | 2024.3 |
CERT.LITERAL.BINARY | Use of binary constant is a language extension | 4 | False | 2024.3 |
CERT.LITERAL.BITFIELD | Use meaningful symbolic constants to represent literal bit-field values | 4 | False | 2024.3 |
CERT.LITERAL.CHAR.CONST | Use meaningful symbolic constants to represent literal character values | 4 | False | 2024.3 |
CERT.LITERAL.FLT.CONST | Use meaningful symbolic constants to represent literal float values | 4 | False | 2024.3 |
CERT.LITERAL.INT.CONST | Use meaningful symbolic constants to represent literal integer values | 4 | False | 2024.3 |
CERT.LITERAL.MULTIBYTE.CHAR | Assignment of multi-byte character constant is implementation defined | 4 | False | 2024.3 |
CERT.LITERAL.OCTAL | Use of octal constant is a language extension | 4 | False | 2024.3 |
CERT.LITERAL.STR.CONST | Use meaningful symbolic constants to represent literal string values | 4 | False | 2024.3 |
CERT.LITERAL.SUFFIX.I64 | Use of I64 or UI64 as an integer constant suffix is a language extension | 4 | False | 2024.3 |
CERT.MEM.OVERRIDE.DELETE | Honor replacement dynamic storage management requirements for 'delete' | 4 | False | 2024.1 |
CERT.MEM.OVERRIDE.NEW | Honor replacement dynamic storage management requirements for 'new' | 4 | False | 2024.1 |
CERT.MSC.ASCTIME | Do not pass invalid data to the asctime() function | 4 | False | 2021.2 |
CERT.MSC.NORETURN_FUNC_RETURNS | Do not return from a function declared [[noreturn]] | 4 | False | 2020.1 |
CERT.MSC.SEED_RANDOM | Properly seed pseudorandom number generators | 4 | False | 2021.2 |
CERT.MSC.SIG_HANDLER.POF | A signal handler must be a plain old function | 4 | False | 2020.1 |
CERT.MSC.STD_RAND_CALL | Do not use std::rand() for generating pseudorandom numbers | 4 | False | 2020.1 |
CERT.MULTI.FUNC.ARG.CALLS | Do not depend on the order of evaluation of subexpressions or the order in which side effects take place | 4 | False | 2024.3 |
CERT.NAME.DOLLAR.CHAR | Use of '$' character in object name is not a legal identifier in ISO C | 4 | False | 2024.3 |
CERT.OOP.COPY_MUTATES | Copy operations must not mutate the source object | 4 | False | 2024.1 |
CERT.OOP.CSTD_FUNC_USE | Prefer special member functions and overloaded operators to C Standard Library functions | 4 | False | 2020.1 |
CERT.OOP.CTOR.INIT_ORDER | Write constructor member initializers in the canonical order | 4 | False | 2024.1 |
CERT.OOP.PTR_MEMBER.NO_MEMBER | Do not use pointer-to-member operators to access nonexistent members | 4 | False | 2024.1 |
CERT.POS.THREAD.ASYNC_CANCEL | Do not use threads that can be canceled asynchronously | 3 | False | 2020.1 |
CERT.RTN.FLT.CAST.DBL | Cast the return value of a function that returns a floating-point type | 4 | False | 2024.3 |
CERT.RTN.FLT.IMPLICIT.CAST.DBL | Cast the return value of a function that returns a floating-point type | 4 | False | 2024.3 |
CERT.STATIC.SINGLE.USE | File scope static variable is only accessed in one function | 4 | False | 2024.3 |
CERT.STMT.EXPR | Use of a statement expression is a language extension | 4 | False | 2024.3 |
CERT.STR.ARG.CONST_TO_NONCONST | Do not pass a const char pointer to a non-const char pointer argument | 4 | False | 2022.3 |
CERT.STR.ASSIGN.CONST_TO_NONCONST | Do not assign a const char pointer to a non-const char pointer | 4 | False | 2022.3 |
CERT.STR.RANGE.FORMATTER | Use of string range formatter is implementation defined | 4 | False | 2024.3 |
CERT.STRUCT.FLEXIBLE_ARRAY_MEMBER | Use the correct syntax when declaring a flexible array member | 4 | False | 2021.2 |
CERT.TU.UNUSED.GLOBAL.DECL | Global identifier is declared but is not used in this translation unit | 4 | False | 2024.3 |
CERT.TYPEOF | Use of '__typeof__' is a language extension | 4 | False | 2024.3 |
CERT.UNNAMED.MEMBER | Definition of an unnamed member in a struct or union is a language extension | 4 | False | 2024.3 |