SEI CERT C rules and recommendations

ABV.ANY_SIZE_ARRAY  Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL  Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL.MULTIDIMENSION  Buffer Overflow - Array Index Out of Bounds

ABV.NON_ARRAY  Non-array object is used as an array

ABV.STACK  Buffer Overflow - Local Array Index Out of Bounds

ABV.TAINTED  Buffer Overflow from Unvalidated Input

ABV.UNICODE.BOUND_MAP  Buffer overflow in mapping character function

ABV.UNICODE.FAILED_MAP  Mapping function failed

ABV.UNICODE.NNTS_MAP  Buffer overflow in mapping character function

ABV.UNICODE.SELF_MAP  Mapping function failed

ABV.UNKNOWN_SIZE  Buffer Overflow - Array Index Out of Bounds

NNTS.MIGHT  Buffer Overflow - Non-null Terminated String

NNTS.MUST  Buffer Overflow - Non-null Terminated String

NNTS.TAINTED  Unvalidated User Input Causing Buffer Overflow - Non-Null Terminated String

NPD.FUNC.CALL.MIGHT  Result of function that may return NULL may be passed to another function that may dereference it

SV.TAINTED.INDEX_ACCESS  Use of Unvalidated Integer as Array Index

SV.TAINTED.LOOP_BOUND  Use of Unvalidated Integer in Loop Condition

MISRA.ARRAY.VAR_LENGTH.2012  Variable-length array types shall not be used

MISRA.PTR.ARITH  Pointer is used in arithmetic or array index expression

CERT.ARR.PTR.ARITH  Pointer is used in arithmetic expression

ABV.GENERAL  Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL.MULTIDIMENSION  Buffer Overflow - Array Index Out of Bounds

CERT.ARR.PTR.ARITH  Pointer is used in arithmetic expression

CERT.CONC.LIB_FUNC_USE  Avoid race conditions when using library functions

CONC.DL  Deadlock

CONC.NO_UNLOCK  Missing unlock for variable

CERT.CONC.WAKE_IN_LOOP_C  Wrap functions that can spuriously wake up in a loop

MISRA.STDLIB.SIGNAL  Use of the signal handling facilities of signal.h

CERT.CONC.UNSAFE_COND_VAR_C  Preserve thread safety and liveness when using condition variables

CERT.CONC.ATOMIC_TWICE_EXPR  Do not refer to an atomic variable twice in an expression

CERT.CONC.ATOMIC_COMP_FAIL_IN_LOOP  Wrap functions that can spuriously fail up in a loop

LOCRET.ARG  Function returns address of local variable

LOCRET.GLOB  Function returns address of local variable

LOCRET.RET  Function returns address of local variable

CWARN.IMPLICITINT  Anachronistic 'implicit int'

MISRA.DECL.NO_TYPE  Declaration without a type

MISRA.FUNC.NOPROT.CALL  Function is called but has no prototype

RETVOID.IMPLICIT  Implicitly int function returns void value

MISRA.FUNC.STATIC.REDECL  Function or object redeclaration does not include 'static' modifier

MISRA.DEFINE.WRONGNAME.UNDERSCORE  Usage of a reserved name for naming a macro

MISRA.STDLIB.WRONGNAME  Reused name of standard library macro, object or function

MISRA.STDLIB.WRONGNAME.UNDERSCORE  Usage of a reserved name for naming a language entity

CERT.STRUCT.FLEXIBLE_ARRAY_MEMBER  Use the correct syntax when declaring a flexible array member

PORTING.STORAGE.STRUCT  Byte position of elements in a structure could depend on alignment and packing attributes.

MISRA.FUNC.NOPROT.DEF.2012  Function has a definition but no prototype

MISRA.FUNC.PARAMS.IDENT  Identifiers used in declaration and definition of function are not identical

CERT.DCL.SWITCH.VAR_BEFORE_CASE  Do not declare variables inside a switch statement before the first case label

MISRA.STDLIB.CTYPE.RANGE.2012_AMD1  Any value passed to a function in ctype.h shall be representable as an unsigned char or be the value EOF

MISRA.STDLIB.ILLEGAL_REUSE.2012_AMD1  The pointer returned by the Standard Library functions asctime and similar shall not be used following a subsequent call to the same function

MISRA.STDLIB.ILLEGAL_WRITE.2012_AMD1  The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they have pointer to const-qualified type

CERT.EXIT.HANDLER_TERMINATE  All exit handlers must return normally

SV.CODE_INJECTION.SHELL_EXEC  Command Injection into Shell Execution

MISRA.STDLIB.ILLEGAL_REUSE.2012_AMD1  The pointer returned by the Standard Library functions asctime and similar shall not be used following a subsequent call to the same function

CXX.ERRNO.INCORRECTLY_CHECKED  Errno condition check not required after calling library function

CXX.ERRNO.NOT_CHECKED  Errno condition check is missing after calling library function

CXX.ERRNO.NOT_SET  Errno is not reset to zero before calling library function

MISRA.INCL.SIGNAL.2012  The standard header file signal.h shall not be used

MISRA.STDLIB.SIGNAL  Use of the signal handling facilities of signal.h

NPD.CHECK.MUST  Pointer will be dereferenced after it was positively checked for NULL

NPD.FUNC.MUST  Result of function that may return NULL will be dereferenced

SV.RVT.RETVAL_NOTTESTED  Ignored Return Value

CERT.ERR.CONV.STR_TO_NUM  Detect errors when converting a string to a number

MISRA.STDLIB.ATOI  Use of 'atof', 'atoi' or 'atol' from library stdlib.h

SV.BANNED.RECOMMENDED.SCANF  Banned recommended API: unsafe scanf-type functions

MISRA.INCR_DECR.OTHER  Increment or decrement operator is mixed with other operators in expression

PORTING.VAR.EFFECTS  Variable used twice in one expression where one usage is subject to side-effects

CERT.EXPR.VOLATILE.ADDR  Do not access a volatile object through a nonvolatile pointer

CERT.EXPR.VOLATILE.ADDR.PARAM  Do not pass a volatile object to a function through a nonvolatile pointer

CERT.EXPR.VOLATILE.PTRPTR  Do not assign a reference to a non-volatile pointer to a volatile pointer-to-pointer

UNINIT.HEAP.MIGHT  Uninitialized Heap Use - possible

UNINIT.HEAP.MUST  Uninitialized Heap Use

UNINIT.STACK.ARRAY.MIGHT  Uninitialized Array - possible

UNINIT.STACK.ARRAY.MUST  Uninitialized Array

UNINIT.STACK.ARRAY.PARTIAL.MUST  Partially Uninitialized Array

UNINIT.STACK.MIGHT  Uninitialized Variable - possible

UNINIT.STACK.MUST  Uninitialized Variable

NPD.CHECK.CALL.MIGHT  Pointer may be passed to function that can dereference it after it was positively checked for NULL

NPD.CHECK.CALL.MUST  Pointer will be passed to function that may dereference it after it was positively checked for NULL

NPD.CHECK.MIGHT  Pointer may be dereferenced after it was positively checked for NULL

NPD.CHECK.MUST  Pointer will be dereferenced after it was positively checked for NULL

NPD.CONST.CALL  NULL is passed to function that can dereference it

NPD.CONST.DEREF  NULL is dereferenced

NPD.FUNC.CALL.MIGHT  Result of function that may return NULL may be passed to another function that may dereference it

NPD.FUNC.CALL.MUST  Result of function that may return NULL will be passed to another function that may dereference it

NPD.FUNC.MIGHT  Result of function that can return NULL may be dereferenced

NPD.FUNC.MUST  Result of function that may return NULL will be dereferenced

NPD.GEN.CALL.MIGHT  Null pointer may be passed to function that may dereference it

NPD.GEN.CALL.MUST  Null pointer will be passed to function that may dereference it

NPD.GEN.MIGHT  Null pointer may be dereferenced

NPD.GEN.MUST  Null pointer will be dereferenced

RNPD.CALL  Suspicious dereference of pointer in function call before NULL check

RNPD.DEREF  Suspicious dereference of pointer before NULL check

MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012  Cast between a pointer to object type and a pointer to a different object type

MISRA.FUNC.UNMATCHED.PARAMS  Number of formal and actual parameters passed to function do not match

MISRA.CAST.FUNC_PTR.2012  Conversion performed between a pointer to a function and another incompatible type

MISRA.CAST.INCOMPLETE_PTR_TO_ANY.2012  Conversion performed between a pointer to an incomplete type and a different type

MISRA.CAST.OBJ_PTR_TO_NON_INT.2012  A cast between a pointer to object and a non-integer arithmetic type

MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012  Cast between a pointer to object type and a pointer to a different object type

MISRA.STDLIB.MEMCMP.PTR_ARG_TYPES  The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type

MISRA.TYPE.RESTRICT.QUAL.2012  The restrict type qualifier shall not be used

MISRA.SIZEOF.SIDE_EFFECT  Operand of sizeof has side effects

ASSIGCOND.CALL  Assignment in condition (call)

ASSIGCOND.GEN  Assignment in condition

MISRA.ASSIGN.COND  Assignment operator is used in a condition

MISRA.LOGIC.OPERATOR.NOT_BOOL  Operand of non-logical operator is effectively boolean

CERT.VA_ARG.TYPE  Do not call va_arg with an argument of the incorrect type

SV.FMTSTR.GENERIC  Format String Vulnerability

SV.TAINTED.FMTSTR  Use of Unvalidated Data in a Format String

CWARN.CMPCHR.EOF  A 'char' expression compared with EOF constant

CERT.FIO.FGETS  Do not assume that fgets() or fgetws() returns a nonempty string when successful

MISRA.FILE_PTR.DEREF.2012  A pointer to a FILE object shall not be dereferenced

MISRA.FILE_PTR.DEREF.CAST.2012  Object is casted to a FILE pointer, and it shall not be dereferenced

MISRA.FILE_PTR.DEREF.INDIRECT.2012  A pointer to a FILE object shall not be indirectly dereferenced by a system function

MISRA.FILE_PTR.DEREF.RETURN.2012  A pointer to a FILE object (returned by function) shall not be dereferenced

CERT.FIO.NO_FLUSH  Flush or positioning function call missing

RH.LEAK  Resource leak

CERT.FSETPOS.VALUE  Only use values for fsetpos() that are returned from fgetpos()

SV.TOCTOU.FILE_ACCESS  Time of Creation/Time of Use Race condition in File Access

SV.INCORRECT_RESOURCE_HANDLING.URH  Insecure Resource Handling

SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD  Incompatible type of a print function parameter

SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED  Unexpected type of a print function parameter

SV.FMT_STR.PRINT_IMPROP_LENGTH  Improper use of length modifier in a print function call

SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW  Too few arguments in a print function call

SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY  Too many arguments in a print function call

SV.FMT_STR.SCAN_FORMAT_MISMATCH.BAD  Incompatible type of a scan function parameter

SV.FMT_STR.SCAN_FORMAT_MISMATCH.UNDESIRED  Unexpected type of a scan function parameter

SV.FMT_STR.SCAN_IMPROP_LENGTH  Improper use of length modifier in a scan function call

SV.FMT_STR.SCAN_PARAMS_WRONGNUM.FEW  Too few arguments in a scan function call

SV.FMT_STR.SCAN_PARAMS_WRONGNUM.MANY  Too many arguments in a scan function call

SV.FMT_STR.UNKWN_FORMAT  Unknown format specifier in a print function call

MISRA.FOR.COUNTER.FLT  For loop counter has a floating point type

CERT.MATH.DOMAIN.CHECK  One or more arguments passed to a standard library math function are outside its valid domain

CERT.MATH.RANGE.CHECK  Error condition must be checked after calling a library math function that might cause range error

MISRA.CAST.FLOAT.WIDER  Cast of floating point expression to a wider floating point type

MISRA.CAST.FLOAT_INT  Cast of floating point expression to integral type

MISRA.CAST.INT_FLOAT  Cast of integral expression to floating point type

MISRA.CONV.FLOAT  Implicit floating-point conversion

PORTING.CAST.FLTPNT  Cast of a floating point expression to a non floating point type

CERT.MEMCMP.FLOAT_MEMBER  Do not compare when member is floating point

MISRA.STDLIB.MEMCMP.PTR_ARG_TYPES  The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type, an essentially unsigned type, an essentially Boolean type or an essentially enum type

CWARN.NOEFFECT.OUTOFRANGE  Value outside of range

NUM.OVERFLOW  Possible Overflow

NUM.OVERFLOW.DF  Possible numeric overflow or wraparound

PORTING.CAST.SIZE  Expression is cast to a type of potentially different size

CWARN.NOEFFECT.OUTOFRANGE  Value outside of range

NUM.OVERFLOW  Possible Overflow

NUM.OVERFLOW.DF  Possible numeric overflow or wraparound

DBZ.CONST  Division by a zero constant occurs

DBZ.CONST.CALL  The value '0' is passed to function that can use this value as divisor

DBZ.GENERAL  Division by zero might occur

DBZ.GENERAL.FLOAT  Division by floating-point zero might occur

DBZ.ITERATOR  Division by zero might occur in a loop iterator

DBZ.ITERATOR.CALL  Division by zero might occur in a function call

DBZ.ITERATOR.FLOAT  Division by zero might occur in a loop iterator

MISRA.SHIFT.RANGE.2012  Right operand of shift operation is out of range - greater or equal to the essential type size of left operand, or is negative

MISRA.CAST.OBJ_PTR_TO_INT.2012  Conversion performed between a pointer to an object and an integer type

UFM.DEREF.MIGHT  Use of free memory (access) - possible

UFM.DEREF.MUST  Use of Freed Memory by Pointer

UFM.FFM.MIGHT  Use of free memory (double free) - possible

UFM.FFM.MUST  Freeing Freed Memory

UFM.RETURN.MIGHT  Use of freed memory (return) - possible

UFM.RETURN.MUST  Use of Freed Memory on Return

UFM.USE.MIGHT  Use of free memory - possible

UFM.USE.MUST  Use of Freed Memory

CL.FFM.ASSIGN  Use of free memory (double free) - no operator=

CL.FFM.COPY  Use of free memory (double free) - no copy constructor

CL.SHALLOW.ASSIGN  Use of free memory (double free) - shallow copy in operator=

CL.SHALLOW.COPY  Use of free memory (double free) - shallow copy in copy constructor

FMM.MIGHT  Freeing Mismatched Memory - possible

FMM.MUST  Freeing Mismatched Memory

MISRA.INCOMPLETE.STRUCT  Incomplete struct type is used

MISRA.MEMB.FLEX_ARRAY.2012  Flexible array member shall not be declared

FNH.MIGHT  Freeing Non-Heap Memory - possible

FNH.MUST  Freeing Non-Heap Memory

INCORRECT.ALLOC_SIZE  Incorrect Allocation Size

SV.TAINTED.ALLOC_SIZE  Use of Unvalidated Integer in Memory Allocation

AUTOSAR.STDLIB.MEMORY  Functions malloc, calloc, realloc and free shall not be used

CERT.MSC.STD_RAND_CALL  Do not use std::rand() for generating pseudorandom numbers

CERT.MSC.SEED_RANDOM  Properly seed pseudorandom number generators

CERT.MSC.ASCTIME  Do not pass invalid data to the asctime() function

FUNCRET.GEN  Non-void function does not return value

FUNCRET.IMPLICIT  Non-void function implicitly returning int does not return value

VA.LIST.INDETERMINATE  Attempt to call va_arg() on a va_list that has an indeterminate value

MISRA.FUNC.STATIC.REDECL  Function or object redeclaration does not include 'static' modifier

CXX.SV.PWD.PLAIN  Attempt to set password using a plain string

CXX.SV.PWD.PLAIN.LENGTH  Attempt to set password with a length less than 15 characters

CXX.SV.PWD.PLAIN.LENGTH.ZERO  Attempt to set password with a length of zero characters

HCC  Use of hardcoded credentials

HCC.PWD  Use of a hardcoded password

HCC.USER  Use of a hardcoded user name

ABV.GENERAL  Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL.MULTIDIMENSION  Buffer Overflow - Array Index Out of Bounds

CERT.PUTENV.AUTO_VARIABLE  Do not call putenv() with a pointer to an automatic variable as the argument

CERT.STR.ASSIGN.CONST_TO_NONCONST  Do not assign a const char pointer to a non-const char pointer

SV.TOCTOU.FILE_ACCESS  Time of Creation/Time of Use Race condition in File Access

SV.USAGERULES.PERMISSIONS  Use of Privilege Elevation

SV.USAGERULES.PERMISSIONS  Use of Privilege Elevation

BYTEORDER.HTON.SEND  Missed conversion from host to network byte order

BYTEORDER.HTON.WRITE  Missed conversion from host to network byte order

BYTEORDER.NTOH.READ  Missed conversion from network to host byte order

BYTEORDER.NTOH.RECV  Missed conversion from network to host byte order

MISRA.INCL.SIGNAL.2012  The standard header file signal.h shall not be used

CERT.POS.THREAD.ASYNC_CANCEL  Do not use threads that can be canceled asynchronously

CONC.DL  Deadlock

CONC.NO_UNLOCK  Missing unlock for variable

CONC.SLEEP  Function may block in critical section

SV.RVT.RETVAL_NOTTESTED  Ignored Return Value

MISRA.DEFINE.SHARP  # or ## operator in a macro definition

PORTING.VAR.EFFECTS  Variable used twice in one expression where one usage is subject to side-effects

MISRA.EXPANSION.DIRECTIVE  Directive-like tokens within a macro argument

CERT.SIG.SIG_HANDLER.ASYNC_SAFE  Call only asynchronous-safe functions within signal handlers

MISRA.STDLIB.SIGNAL  Use of the signal handling facilities of signal.h

CERT.STDLIB.SIGNAL  Do not return from a computational exception signal handler

CERT.STR.ARG.CONST_TO_NONCONST  Do not pass a const char pointer to a non-const char pointer argument

CERT.STR.ASSIGN.CONST_TO_NONCONST  Do not assign a const char pointer to a non-const char pointer

SV.FMT_STR.BAD_SCAN_FORMAT  Input format specifier error

SV.UNBOUND_STRING_INPUT.FUNC  Usage of unbounded string input

NNTS.MIGHT  Buffer Overflow - Non-null Terminated String

NNTS.MUST  Buffer Overflow - Non-null Terminated String

SV.STRBO.BOUND_COPY.UNTERM  Possible Buffer Overflow in Following String Operations

CXX.CAST.SIGNED_CHAR_TO_INTEGER  Cast char to unsigned char before converting to larger integer sizes

AUTOSAR.STDLIB.CCTYPE.UCHAR  Arguments to character-handling functions defined in <cctype> shall be representable as an unsigned char

MISRA.ETYPE.ASSIGN.2012  Assignment to an object of a narrower essential type or a different essential type category

CXX.DIFF.WIDTH.STR_AND_FUNC  Implicit cast between narrow and wide character string while calling function

FMM.MIGHT  Freeing Mismatched Memory - possible

FMM.MUST  Freeing Mismatched Memory

ABV.ANY_SIZE_ARRAY  Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL  Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL.MULTIDIMENSION  Buffer Overflow - Array Index Out of Bounds

ABV.ITERATOR  Buffer Overflow - Array Index may be out of Bounds

ABV.MEMBER  Buffer Overflow - Array Index Out of Bounds

ABV.STACK  Buffer Overflow - Local Array Index Out of Bounds

ABV.TAINTED  Buffer Overflow from Unvalidated Input

ABV.UNICODE.BOUND_MAP  Buffer overflow in mapping character function

ABV.UNICODE.FAILED_MAP  Mapping function failed

ABV.UNICODE.NNTS_MAP  Buffer overflow in mapping character function

ABV.UNICODE.SELF_MAP  Mapping function failed

ABV.UNKNOWN_SIZE  Buffer Overflow - Array Index Out of Bounds

NNTS.MIGHT  Buffer Overflow - Non-null Terminated String

NNTS.MUST  Buffer Overflow - Non-null Terminated String

NNTS.TAINTED  Unvalidated User Input Causing Buffer Overflow - Non-Null Terminated String

SV.STRBO.BOUND_COPY.OVERFLOW  Buffer Overflow in Bound String Copy

SV.STRBO.BOUND_COPY.UNTERM  Possible Buffer Overflow in Following String Operations

SV.STRBO.BOUND_SPRINTF  Buffer Overflow in Bound sprintf

SV.STRBO.UNBOUND_COPY  Buffer Overflow in Unbound String Copy

SV.STRBO.UNBOUND_SPRINTF  Buffer Overflow in Unbound sprintf

SV.TAINTED.ALLOC_SIZE  Use of Unvalidated Integer in Memory Allocation

SV.TAINTED.CALL.INDEX_ACCESS  Use of Unvalidated Integer as Array Index by Function Call

SV.TAINTED.CALL.LOOP_BOUND  Use of Unvalidated Integer in Loop Condition through a Function Call

SV.TAINTED.INDEX_ACCESS  Use of Unvalidated Integer as Array Index

SV.TAINTED.LOOP_BOUND  Use of Unvalidated Integer in Loop Condition

SV.UNBOUND_STRING_INPUT.CIN  Usage of cin for unbounded string input

SV.UNBOUND_STRING_INPUT.FUNC  Usage of unbounded string input

CWARN.MEMSET.SIZEOF.PTR  Memset-like function is called for 'sizeof' applied to pointer

CONC.SLEEP  Function may block in critical section

MISRA.VAR.HIDDEN  Identifier declared in an inner scope hides identifier in outer scope

CERT.LITERAL.ARRAY  Use meaningful symbolic constants to represent literal array size values

CERT.LITERAL.BITFIELD  Use meaningful symbolic constants to represent literal bit-field values

CERT.LITERAL.CHAR.CONST  Use meaningful symbolic constants to represent literal character values

CERT.LITERAL.FLT.CONST  Use meaningful symbolic constants to represent literal float values

CERT.LITERAL.INT.CONST  Use meaningful symbolic constants to represent literal integer values

CERT.LITERAL.STR.CONST  Use meaningful symbolic constants to represent literal string values

MISRA.CAST.FUNC_PTR.2012  Conversion performed between a pointer to a function and another incompatible type

MISRA.FUNC.NOPROT.DEF.2012  Function has a definition but no prototype

MISRA.FUNC.PROT_FORM.KR.2012  Function types shall be in prototype form

SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW  Too few arguments in a print function call

SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY  Too many arguments in a print function call

SV.FMT_STR.SCAN_PARAMS_WRONGNUM.FEW  Too few arguments in a scan function call

SV.FMT_STR.SCAN_PARAMS_WRONGNUM.MANY  Too many arguments in a scan function call

MISRA.FUNC.VARARG  Function with variable number of arguments

SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD  Incompatible type of a print function parameter

SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED  Unexpected type of a print function parameter

SV.FMT_STR.PRINT_IMPROP_LENGTH  Improper use of length modifier in a print function call

SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW  Too few arguments in a print function call

SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY  Too many arguments in a print function call

SV.FMT_STR.SCAN_FORMAT_MISMATCH.BAD  Incompatible type of a scan function parameter

SV.FMT_STR.SCAN_FORMAT_MISMATCH.UNDESIRED  Unexpected type of a scan function parameter

SV.FMT_STR.UNKWN_FORMAT.SCAN  Unknown format specifier in a scan function call

MISRA.PPARAM.NEEDS.CONST  Pointer parameter is not used to modify the addressed object but is not declared as a pointer to const

MISRA.TOKEN.OCTAL.ESCAPE  Usage of octal escape sequences

MISRA.TOKEN.OCTAL.INT  Usage of octal integer constants

CERT.STATIC.SINGLE.USE  File scope static variable is only accessed in one function

CERT.TU.UNUSED.GLOBAL.DECL  Global identifier is declared but is not used in this translation unit

CXX.ID_VIS.GLOBAL_VARIABLE.EXTERN  Visibility of extern global variable is too wide

CXX.ID_VIS.GLOBAL_VARIABLE.STATIC  Visibility of static global variable is too wide

MISRA.VAR.MIN.VIS  Name visibility is too wide

MISRA.FUNC.NO_PARAMS  Function without parameters is missing void parameter type

MISRA.IDENT.DISTINCT.C99.2012  Identifiers declared in the same scope or name space are not distinct

ABV.ANY_SIZE_ARRAY  Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL  Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL.MULTIDIMENSION  Buffer Overflow - Array Index Out of Bounds

ABV.ITERATOR  Buffer Overflow - Array Index may be out of Bounds

ABV.MEMBER  Buffer Overflow - Array Index Out of Bounds

ABV.STACK  Buffer Overflow - Local Array Index Out of Bounds

ABV.TAINTED  Buffer Overflow from Unvalidated Input

ABV.UNICODE.BOUND_MAP  Buffer overflow in mapping character function

ABV.UNICODE.FAILED_MAP  Mapping function failed

ABV.UNICODE.NNTS_MAP  Buffer overflow in mapping character function

ABV.UNICODE.SELF_MAP  Mapping function failed

ABV.UNKNOWN_SIZE  Buffer Overflow - Array Index Out of Bounds

CERT.EXPR.PARENS  The precedence of operators within expressions should be made explicit.

MISRA.LOGIC.SIDEEFF  Right operand in a logical 'and' or 'or' expression contains side effects

ABV.GENERAL  Buffer Overflow - Array Index Out of Bounds

ABV.GENERAL.MULTIDIMENSION  Buffer Overflow - Array Index Out of Bounds

ABV.ITERATOR  Buffer Overflow - Array Index may be out of Bounds

CERT.MULTI.FUNC.ARG.CALLS  Do not depend on the order of evaluation of subexpressions or the order in which side effects take place

MISRA.FUNC.UNUSEDRET.2012  The return value of a non-void function shall be used.

SV.RVT.RETVAL_NOTTESTED  Ignored Return Value

SEMICOL  Suspiciously placed semicolon

CWARN.FUNCADDR  Function address is used instead of a call to this function

CWARN.NULLCHECK.FUNCNAME  Function address was directly compared against 0

MISRA.IF.NO_COMPOUND  The body of if/else statement is not a compound statement

MISRA.STMT.NO_COMPOUND  The body of switch, while, do/while or for statement is not a compound statement

SV.TOCTOU.FILE_ACCESS  Time of Creation/Time of Use Race condition in File Access

SV.DLLPRELOAD.NONABSOLUTE.DLL  Potential DLL-preload hijack vector

SV.TOCTOU.FILE_ACCESS  Time of Creation/Time of Use Race condition in File Access

RH.LEAK  Resource leak

CERT.RTN.FLT.CAST.DBL  Cast the return value of a function that returns a floating-point type

CERT.RTN.FLT.IMPLICIT.CAST.DBL  Cast the return value of a function that returns a floating-point type

MISRA.CAST.INT  Non-trivial integer expression is cast to a wider type, or type with a different signedness

MISRA.CAST.UNSIGNED_BITS  The result of bitwise operation on unsigned char or short is not cast back to original type

MISRA.CONV.INT.SIGN  Implicit integral conversion changes signedness

MISRA.CVALUE.IMPL.CAST  The value of an expression implicitly converted to a different type

MISRA.UMINUS.UNSIGNED  Operand of unary minus is unsigned

PRECISION.LOSS  Loss of Precision

SV.TAINTED.ALLOC_SIZE  Use of Unvalidated Integer in Memory Allocation

SV.TAINTED.BINOP  Use of Unvalidated Integer in Binary Operation

SV.TAINTED.CALL.BINOP  Use of Unvalidated Integer in Binary Operation

SV.TAINTED.CALL.INDEX_ACCESS  Use of Unvalidated Integer as Array Index by Function Call

SV.TAINTED.CALL.LOOP_BOUND  Use of Unvalidated Integer in Loop Condition through a Function Call

SV.TAINTED.INDEX_ACCESS  Use of Unvalidated Integer as Array Index

SV.TAINTED.LOOP_BOUND  Use of Unvalidated Integer in Loop Condition

PORTING.SIGNED.CHAR  'char' used without explicitly specifying signedness

MISRA.ENUM.IMPLICIT.VAL.NON_UNIQUE.2012  Implicit enumerator value is not unique

MISRA.BITFIELD.TYPE  Type of bit-field is not signed/unsigned integer

MISRA.BITS.NOT_UNSIGNED  Operand of bitwise operation is not unsigned integer

MISRA.BITS.NOT_UNSIGNED.PREP  Operand of bitwise operation is not unsigned integer

PORTING.CAST.SIZE  Expression is cast to a type of potentially different size

FNH.MIGHT  Freeing Non-Heap Memory - possible

FNH.MUST  Freeing Non-Heap Memory

FUM.GEN.MIGHT  Freeing Unallocated Memory - possible

FUM.GEN.MUST  Freeing Unallocated Memory

MLK.MIGHT  Memory Leak - possible

MLK.MUST  Memory Leak

MLK.RET.MIGHT  Memory Leak - possible

MLK.RET.MUST  Memory Leak

RH.LEAK  Resource leak

UFM.DEREF.MIGHT  Use of free memory (access) - possible

UFM.DEREF.MUST  Use of Freed Memory by Pointer

UFM.FFM.MIGHT  Use of free memory (double free) - possible

UFM.FFM.MUST  Freeing Freed Memory

UFM.RETURN.MIGHT  Use of freed memory (return) - possible

UFM.RETURN.MUST  Use of Freed Memory on Return

UFM.USE.MIGHT  Use of free memory - possible

UFM.USE.MUST  Use of Freed Memory

MISRA.FUNC.RECUR  Recursive function

MLK.MIGHT  Memory Leak - possible

MLK.MUST  Memory Leak

MLK.RET.MIGHT  Memory Leak - possible

MLK.RET.MUST  Memory Leak

RH.LEAK  Resource leak

CWARN.EMPTY.LABEL  Empty label statement

INFINITE_LOOP.GLOBAL  Infinite loop

INFINITE_LOOP.LOCAL  Infinite loop

INFINITE_LOOP.MACRO  Infinite loop

LA_UNUSED  Label unused

MISRA.IF.NO_ELSE  A chain of if/else-if statements is not terminated with else or is terminated with an empty else clause

MISRA.SWITCH.WELL_FORMED.DEFAULT.2012  Every switch statement shall have a default label.

INVARIANT_CONDITION.UNREACH  Invariant expression in a condition

LA_UNUSED  Label unused

UNREACH.ENUM  Code is unreachable due to the possible value(s) of an enum

UNREACH.GEN  Unreachable code

UNREACH.RETURN  Unreachable Void Return

UNREACH.SIZEOF  Architecture-related unreachable code

CWARN.NOEFFECT.SELF_ASSIGN  A variable is assigned to self

CWARN.NOEFFECT.UCMP.GE  Comparison of unsigned value against 0 is always true

CWARN.NOEFFECT.UCMP.GE.MACRO  Comparison of unsigned value against 0 within a macro is always true

CWARN.NOEFFECT.UCMP.LT  Comparison of unsigned value against 0 is always false

CWARN.NOEFFECT.UCMP.LT.MACRO  Comparison of unsigned value against 0 within a macro is always false

CWARN.NULLCHECK.FUNCNAME  Function address was directly compared against 0

EFFECT  Statement has no effect

INVARIANT_CONDITION.UNREACH  Invariant expression in a condition

LA_UNUSED  Label unused

MISRA.STMT.NO_EFFECT  The statement has no side effects, and does not change control flow

UNREACH.ENUM  Code is unreachable due to the possible value(s) of an enum

UNREACH.GEN  Unreachable code

UNREACH.RETURN  Unreachable Void Return

UNREACH.SIZEOF  Architecture-related unreachable code

VA_UNUSED.GEN  Value is Never Used after Assignment

VA_UNUSED.INIT  Value is Never Used after Initialization

LV_UNUSED.GEN  Local variable unused

VA_UNUSED.GEN  Value is Never Used after Assignment

VA_UNUSED.INIT  Value is Never Used after Initialization

CERT.ALIGNOF  Use of '__alignof__' is a language extension

CERT.ANONYMOUS.STRUCT  Definition of an anonymous struct object is a language extension

CERT.ANONYMOUS.UNION  Definition of an anonymous union object is a language extension

CERT.ARRAY.LENGTH.ZERO  Arrays of length zero are a language extension

CERT.BITFIELD.NOT.INT  Bit-field not defined as 'int' type is a language extension

CERT.BITFIELD.SIGN.MODIFIER  Bit-field not defined as signed or unsigned is implementation defined

CERT.EMPTY.AGR.INIT  Empty aggregate initializers are a language extension

CERT.ENUM.LITERAL.TYPE.INT  Enumeration literal constant is not of type int

CERT.ENUM.TYPE.SPECIFIER  Non-standard extended enum type specifier is a language extension

CERT.FIXED.MEMORY.ADDRESS  Use of '@ address' is a language extension

CERT.LITERAL.BINARY  Use of binary constant is a language extension

CERT.LITERAL.MULTIBYTE.CHAR  Assignment of multi-byte character constant is implementation defined

CERT.LITERAL.OCTAL  Use of octal constant is a language extension

CERT.LITERAL.SUFFIX.I64  Use of I64 or UI64 as an integer constant suffix is a language extension

CERT.NAME.DOLLAR.CHAR  Use '$' of character in object name is not a legal identifier in ISO C

CERT.STMT.EXPR  Use of a statement expression is a language extension

CERT.STR.RANGE.FORMATTER  Use of string range formatter is implementation defined

CERT.TYPEOF  Use of '__typeof__' is a language extension

CERT.UNNAMED.MEMBER  Definition of an unnamed member in a struct or union is a language extension

MISRA.SWITCH.WELL_FORMED.BREAK.2012  An unconditional break statement shall terminate every switch-clause.

SV.USAGERULES.PERMISSIONS  Use of Privilege Elevation

CERT.CHROOT  Use of chroot function

CERT.CHROOT.CHDIR  Call to 'chroot' function is not followed by call to 'chdir'

MISRA.DEFINE.FUNC  Function-like macro definition

MISRA.DEFINE.NOPARS  Macro parameter with no parentheses

MISRA.DEFINE.BADEXP  Inappropriate macro expansion

MISRA.DEFINE.SHARP.ORDER.2012  Unspecified order of evaluation of multiple '#' or '##'

MISRA.INCGUARD  Include guard is not provided

MISRA.DEFINE.BADEXP  Inappropriate macro expansion

NNTS.TAINTED  Unvalidated User Input Causing Buffer Overflow - Non-Null Terminated String

SV.TAINTED.INJECTION  Command Injection

NNTS.MIGHT  Buffer Overflow - Non-null Terminated String

NNTS.MUST  Buffer Overflow - Non-null Terminated String

MISRA.STRING_LITERAL.NON_CONST.2012  A string literal shall not be assigned to an object unless the object's type is pointer to const-qualified char

SV.DLLPRELOAD.NONABSOLUTE.DLL  Potential DLL-preload hijack vector

SV.DLLPRELOAD.NONABSOLUTE.EXE  Potential process injection vector

SV.DLLPRELOAD.SEARCHPATH  Do not use SearchPath to find DLLs