CERT C rules mapped to Klocwork and Klocwork community checkers

ABV.ANY_SIZE_ARRAY   Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL   Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL.MULTIDIMENSION   Buffer Overflow - Array Index Out of Bounds

ABV.STACK   Buffer Overflow - Local Array Index Out of Bounds

ABV.TAINTED   Buffer Overflow from Unvalidated Input

ABV.UNICODE.BOUND_MAP   Buffer overflow in mapping character function

ABV.UNICODE.FAILED_MAP   Mapping function failed

ABV.UNICODE.NNTS_MAP   Buffer overflow in mapping character function

ABV.UNICODE.SELF_MAP   Mapping function failed

ABV.UNKNOWN_SIZE   Buffer Overflow - Array Index Out of Bounds

NNTS.MIGHT   Buffer Overflow - Non-null Terminated String

NNTS.MUST   Buffer Overflow - Non-null Terminated String

NNTS.TAINTED   Unvalidated User Input Causing Buffer Overflow - Non-Null Terminated String

NPD.FUNC.CALL.MIGHT   Result of function that may return NULL may be passed to another function that may dereference it

SV.TAINTED.INDEX_ACCESS   Use of Unvalidated Integer as Array Index

SV.TAINTED.LOOP_BOUND   Use of Unvalidated Integer in Loop Condition

MISRA.ARRAY.VAR_LENGTH.2012   Variable-length array types shall not be used

MISRA.PTR.ARITH   Pointer is used in arithmetic or array index expression

CERT.ARR.PTR.ARITH   Pointer is used in arithmetic expression

ABV.GENERAL   Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL.MULTIDIMENSION   Buffer Overflow - Array Index Out of Bounds

CERT.ARR.PTR.ARITH   Pointer is used in arithmetic expression

CERT.CONC.LIB_FUNC_USE   Avoid race conditions when using library functions

CONC.DL   Deadlock

CONC.NO_UNLOCK   Missing unlock for variable

CERT.CONC.WAKE_IN_LOOP_C   Wrap functions that can spuriously wake up in a loop

MISRA.STDLIB.SIGNAL   Use of the signal handling facilities of signal.h

CERT.CONC.UNSAFE_COND_VAR_C   Preserve thread safety and liveness when using condition variables

CERT.CONC.ATOMIC_TWICE_EXPR   Do not refer to an atomic variable twice in an expression

CERT.CONC.ATOMIC_COMP_FAIL_IN_LOOP   Wrap functions that can spuriously fail up in a loop

LOCRET.ARG   Function returns address of local variable

LOCRET.GLOB   Function returns address of local variable

LOCRET.RET   Function returns address of local variable

CWARN.IMPLICITINT   Anachronistic 'implicit int'

MISRA.DECL.NO_TYPE   Declaration without a type

MISRA.FUNC.NOPROT.CALL   Function is called but has no prototype

RETVOID.IMPLICIT   Implicitly int function returns void value

MISRA.FUNC.STATIC.REDECL   Function or object redeclaration does not include 'static' modifier

MISRA.DEFINE.WRONGNAME.UNDERSCORE   Usage of a reserved name for naming a macro

MISRA.STDLIB.WRONGNAME   Reused name of standard library macro, object or function

MISRA.STDLIB.WRONGNAME.UNDERSCORE   Usage of a reserved name for naming a language entity

CERT.STRUCT.FLEXIBLE_ARRAY_MEMBER   Use the correct syntax when declaring a flexible array member

PORTING.STORAGE.STRUCT   Byte position of elements in a structure could depend on alignment and packing attributes.

MISRA.FUNC.NOPROT.DEF.2012   Function has a definition but no prototype

MISRA.FUNC.PARAMS.IDENT   Identifiers used in declaration and definition of function are not identical

CERT.DCL.SWITCH.VAR_BEFORE_CASE   Do not declare variables inside a switch statement before the first case label

MISRA.STDLIB.CTYPE.RANGE.2012_AMD1   Any value passed to a function in ctype.h shall be representable as an unsigned char or be the value EOF

MISRA.STDLIB.ILLEGAL_REUSE.2012_AMD1   The pointer returned by the Standard Library functions asctime and similar shall not be used following a subsequent call to the same function

MISRA.STDLIB.ILLEGAL_WRITE.2012_AMD1   The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type

CERT.EXIT.HANDLER_TERMINATE   All exit handlers must return normally

SV.CODE_INJECTION.SHELL_EXEC   Command Injection into Shell Execution

MISRA.STDLIB.ILLEGAL_REUSE.2012_AMD1   The pointer returned by the Standard Library functions asctime and similar shall not be used following a subsequent call to the same function

CXX.ERRNO.INCORRECTLY_CHECKED   Errno condition check not required after calling library function

CXX.ERRNO.NOT_CHECKED   Errno condition check is missing after calling library function

CXX.ERRNO.NOT_SET   Errno is not reset to zero before calling library function

MISRA.INCL.SIGNAL.2012   The standard header file signal.h shall not be used

MISRA.STDLIB.SIGNAL   Use of the signal handling facilities of signal.h

NPD.CHECK.MUST   Pointer will be dereferenced after it was positively checked for NULL

NPD.FUNC.MUST   Result of function that may return NULL will be dereferenced

SV.RVT.RETVAL_NOTTESTED   Ignored Return Value

CERT.ERR.CONV.STR_TO_NUM   Detect errors when converting a string to a number

MISRA.STDLIB.ATOI   Use of 'atof', 'atoi' or 'atol' from library stdlib.h

SV.BANNED.RECOMMENDED.SCANF   Banned recommended API: unsafe scanf-type functions

MISRA.INCR_DECR.OTHER   Increment or decrement operator is mixed with other operators in expression

PORTING.VAR.EFFECTS   Variable used twice in one expression where one usage is subject to side-effects

CERT.EXPR.VOLATILE.ADDR   Do not access a volatile object through a nonvolatile pointer

CERT.EXPR.VOLATILE.ADDR.PARAM   Do not pass a volatile object to a function through a nonvolatile pointer

CERT.EXPR.VOLATILE.PTRPTR   Do not assign a reference to a non-volatile pointer to a volatile pointer-to-pointer

UNINIT.HEAP.MIGHT   Uninitialized Heap Use - possible

UNINIT.HEAP.MUST   Uninitialized Heap Use

UNINIT.STACK.ARRAY.MIGHT   Uninitialized Array - possible

UNINIT.STACK.ARRAY.MUST   Uninitialized Array

UNINIT.STACK.ARRAY.PARTIAL.MUST   Partially Uninitialized Array

UNINIT.STACK.MIGHT   Uninitialized Variable - possible

UNINIT.STACK.MUST   Uninitialized Variable

NPD.CHECK.CALL.MIGHT   Pointer may be passed to function that can dereference it after it was positively checked for NULL

NPD.CHECK.CALL.MUST   Pointer will be passed to function that may dereference it after it was positively checked for NULL

NPD.CHECK.MIGHT   Pointer may be dereferenced after it was positively checked for NULL

NPD.CHECK.MUST   Pointer will be dereferenced after it was positively checked for NULL

NPD.CONST.CALL   NULL is passed to function that can dereference it

NPD.CONST.DEREF   NULL is dereferenced

NPD.FUNC.CALL.MIGHT   Result of function that may return NULL may be passed to another function that may dereference it

NPD.FUNC.CALL.MUST   Result of function that may return NULL will be passed to another function that may dereference it

NPD.FUNC.MIGHT   Result of function that can return NULL may be dereferenced

NPD.FUNC.MUST   Result of function that may return NULL will be dereferenced

NPD.GEN.CALL.MIGHT   Null pointer may be passed to function that may dereference it

NPD.GEN.CALL.MUST   Null pointer will be passed to function that may dereference it

NPD.GEN.MIGHT   Null pointer may be dereferenced

NPD.GEN.MUST   Null pointer will be dereferenced

RNPD.CALL   Suspicious dereference of pointer in function call before NULL check

RNPD.DEREF   Suspicious dereference of pointer before NULL check

MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012   Cast between a pointer to object type and a pointer to a different object type

MISRA.FUNC.UNMATCHED.PARAMS   Number of formal and actual parameters passed to function do not match

MISRA.CAST.FUNC_PTR.2012   Conversion performed between a pointer to a function and another incompatible type

MISRA.CAST.INCOMPLETE_PTR_TO_ANY.2012   Conversion performed between a pointer to an incomplete type and a different type

MISRA.CAST.OBJ_PTR_TO_NON_INT.2012   A cast between a pointer to object and a non-integer arithmetic type

MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012   Cast between a pointer to object type and a pointer to a different object type

MISRA.STDLIB.MEMCMP.PTR_ARG_TYPES   The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type

MISRA.TYPE.RESTRICT.QUAL.2012   The restrict type qualifier shall not be used

MISRA.SIZEOF.SIDE_EFFECT   Operand of sizeof has side effects

ASSIGCOND.CALL   Assignment in condition (call)

ASSIGCOND.GEN   Assignment in condition

MISRA.ASSIGN.COND   Assignment operator is used in a condition

MISRA.LOGIC.OPERATOR.NOT_BOOL   Operand of non-logical operator is effectively boolean

CERT.VA_ARG.TYPE   Do not call va_arg with an argument of the incorrect type

SV.FMTSTR.GENERIC   Format String Vulnerability

SV.TAINTED.FMTSTR   Use of Unvalidated Data in a Format String

CWARN.CMPCHR.EOF   A 'char' expression compared with EOF constant

MISRA.FILE_PTR.DEREF.2012   A pointer to a FILE object shall not be dereferenced

MISRA.FILE_PTR.DEREF.CAST.2012   Object is casted to a FILE pointer, and it shall not be dereferenced

MISRA.FILE_PTR.DEREF.INDIRECT.2012   A pointer to a FILE object shall not be indirectly dereferenced by a system function

MISRA.FILE_PTR.DEREF.RETURN.2012   A pointer to a FILE object (returned by function) shall not be dereferenced

CERT.FIO.NO_FLUSH   Flush or positioning function call missing

RH.LEAK   Resource leak

CERT.FSETPOS.VALUE   Only use values for fsetpos() that are returned from fgetpos()

SV.TOCTOU.FILE_ACCESS   Time of Creation/Time of Use Race condition in File Access

SV.INCORRECT_RESOURCE_HANDLING.URH   Insecure Resource Handling

SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD   Incompatible type of a print function parameter

SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED   Unexpected type of a print function parameter

SV.FMT_STR.PRINT_IMPROP_LENGTH   Improper use of length modifier in a print function call

SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW   Too few arguments in a print function call

SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY   Too many arguments in a print function call

SV.FMT_STR.SCAN_FORMAT_MISMATCH.BAD   Incompatible type of a scan function parameter

SV.FMT_STR.SCAN_FORMAT_MISMATCH.UNDESIRED   Unexpected type of a scan function parameter

SV.FMT_STR.SCAN_IMPROP_LENGTH   Improper use of length modifier in a scan function call

SV.FMT_STR.SCAN_PARAMS_WRONGNUM.FEW   Too few arguments in a scan function call

SV.FMT_STR.SCAN_PARAMS_WRONGNUM.MANY   Too many arguments in a scan function call

SV.FMT_STR.UNKWN_FORMAT   Unknown format specifier in a print function call

MISRA.FOR.COUNTER.FLT   For loop counter has a floating point type

MISRA.CAST.FLOAT.WIDER   Cast of floating point expression to a wider floating point type

MISRA.CAST.FLOAT_INT   Cast of floating point expression to integral type

MISRA.CAST.INT_FLOAT   Cast of integral expression to floating point type

MISRA.CONV.FLOAT   Implicit floating-point conversion

PORTING.CAST.FLTPNT   Cast of a floating point expression to a non floating point type

CERT.MEMCMP.FLOAT_MEMBER   Do not compare when member is floating point

MISRA.STDLIB.MEMCMP.PTR_ARG_TYPES   The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type

CWARN.NOEFFECT.OUTOFRANGE   Value outside of range

NUM.OVERFLOW   Possible Overflow

NUM.OVERFLOW.DF   Possible numeric overflow or wraparound

PORTING.CAST.SIZE   Expression is cast to a type of potentially different size

CWARN.NOEFFECT.OUTOFRANGE   Value outside of range

NUM.OVERFLOW   Possible Overflow

NUM.OVERFLOW.DF   Possible numeric overflow or wraparound

DBZ.CONST   Division by a zero constant occurs

DBZ.CONST.CALL   The value '0' is passed to function that can use this value as divisor

DBZ.GENERAL   Division by zero might occur

DBZ.ITERATOR   Division by zero might occur in a loop iterator

DBZ.ITERATOR.CALL   Division by zero might occur in a function call

MISRA.SHIFT.RANGE.2012   Right operand of shift operation is out of range - greater or equal to the essential type size of left operand, or is negative

MISRA.CAST.OBJ_PTR_TO_INT.2012   Conversion performed between a pointer to an object and an integer type

UFM.DEREF.MIGHT   Use of free memory (access) - possible

UFM.DEREF.MUST   Use of Freed Memory by Pointer

UFM.FFM.MIGHT   Use of free memory (double free) - possible

UFM.FFM.MUST   Freeing Freed Memory

UFM.RETURN.MIGHT   Use of freed memory (return) - possible

UFM.RETURN.MUST   Use of Freed Memory on Return

UFM.USE.MIGHT   Use of free memory - possible

UFM.USE.MUST   Use of Freed Memory

CL.FFM.ASSIGN   Use of free memory (double free) - no operator=

CL.FFM.COPY   Use of free memory (double free) - no copy constructor

CL.SHALLOW.ASSIGN   Use of free memory (double free) - shallow copy in operator=

CL.SHALLOW.COPY   Use of free memory (double free) - shallow copy in copy constructor

FMM.MIGHT   Freeing Mismatched Memory - possible

FMM.MUST   Freeing Mismatched Memory

MISRA.INCOMPLETE.STRUCT   Incomplete struct type is used

MISRA.MEMB.FLEX_ARRAY.2012   Flexible array member shall not be declared

FNH.MIGHT   Freeing Non-Heap Memory - possible

FNH.MUST   Freeing Non-Heap Memory

INCORRECT.ALLOC_SIZE   Incorrect Allocation Size

SV.TAINTED.ALLOC_SIZE   Use of Unvalidated Integer in Memory Allocation

AUTOSAR.STDLIB.MEMORY   Functions malloc, calloc, realloc and free shall not be used

CERT.MSC.STD_RAND_CALL   Do not use std::rand() for generating pseudorandom numbers

CERT.MSC.SEED_RANDOM   Properly seed pseudorandom number generators

CERT.MSC.ASCTIME   Do not pass invalid data to the asctime() function

FUNCRET.GEN   Non-void function does not return value

FUNCRET.IMPLICIT   Non-void function implicitly returning int does not return value

VA.LIST.INDETERMINATE   Attempt to call va_arg() on a va_list that has an indeterminate value

MISRA.FUNC.STATIC.REDECL   Function or object redeclaration does not include 'static' modifier

CXX.SV.PWD.PLAIN   Attempt to set password using a plain string

CXX.SV.PWD.PLAIN.LENGTH   Attempt to set password with a length less than 15 characters

CXX.SV.PWD.PLAIN.LENGTH.ZERO   Attempt to set password with a length of zero characters

HCC   Use of hardcoded credentials

HCC.PWD   Use of a hardcoded password

HCC.USER   Use of a hardcoded user name

ABV.GENERAL   Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL.MULTIDIMENSION   Buffer Overflow - Array Index Out of Bounds

CERT.PUTENV.AUTO_VARIABLE   Do not call putenv() with a pointer to an automatic variable as the argument

CERT.STR.ASSIGN.CONST_TO_NONCONST   Do not assign a const char pointer to a non-const char pointer

SV.TOCTOU.FILE_ACCESS   Time of Creation/Time of Use Race condition in File Access

SV.USAGERULES.PERMISSIONS   Use of Privilege Elevation

SV.USAGERULES.PERMISSIONS   Use of Privilege Elevation

BYTEORDER.HTON.SEND   Missed conversion from host to network byte order

BYTEORDER.HTON.WRITE   Missed conversion from host to network byte order

BYTEORDER.NTOH.READ   Missed conversion from network to host byte order

BYTEORDER.NTOH.RECV   Missed conversion from network to host byte order

MISRA.INCL.SIGNAL.2012   The standard header file signal.h shall not be used

CERT.POS.THREAD.ASYNC_CANCEL   Do not use threads that can be canceled asynchronously

CONC.DL   Deadlock

CONC.NO_UNLOCK   Missing unlock for variable

CONC.SLEEP   Function may block in critical section

SV.RVT.RETVAL_NOTTESTED   Ignored Return Value

MISRA.DEFINE.SHARP   # or ## operator in a macro definition

PORTING.VAR.EFFECTS   Variable used twice in one expression where one usage is subject to side-effects

MISRA.EXPANSION.DIRECTIVE   Directive-like tokens within a macro argument

MISRA.STDLIB.SIGNAL   Use of the signal handling facilities of signal.h

CERT.STDLIB.SIGNAL   Do not return from a computational exception signal handler

CERT.STR.ARG.CONST_TO_NONCONST   Do not pass a const char pointer to a non-const char pointer argument

CERT.STR.ASSIGN.CONST_TO_NONCONST   Do not assign a const char pointer to a non-const char pointer

SV.FMT_STR.BAD_SCAN_FORMAT   Input format specifier error

SV.UNBOUND_STRING_INPUT.FUNC   Usage of unbounded string input

NNTS.MIGHT   Buffer Overflow - Non-null Terminated String

NNTS.MUST   Buffer Overflow - Non-null Terminated String

SV.STRBO.BOUND_COPY.UNTERM   Possible Buffer Overflow in Following String Operations

CXX.CAST.SIGNED_CHAR_TO_INTEGER   Cast char to unsigned char before converting to larger integer sizes

AUTOSAR.STDLIB.CCTYPE.UCHAR   Arguments to character-handling functions defined in <cctype> shall be representable as an unsigned char

MISRA.ETYPE.ASSIGN.2012   Assignment to an object of a narrower essential type or a different essential type category

CXX.DIFF.WIDTH.STR_AND_FUNC   Implicit cast between narrow and wide character string while calling function

FMM.MIGHT   Freeing Mismatched Memory - possible

FMM.MUST   Freeing Mismatched Memory