Bug Finder

This tab lists thecheckers

defects that a Polyspace Bug Finder analysis can detect.
The tab maps the defects to standards such as CWE.

Group Acronym
Numerical INT_ZERO_DIV
Numerical FLOAT_ZERO_DIV
Numerical INT_CONV_OVFL
Numerical UINT_CONV_OVFL
Numerical INT_CONSTANT_OVFL
Numerical UINT_CONSTANT_OVFL
Numerical SIGN_CHANGE
Numerical FLOAT_CONV_OVFL
Numerical INT_OVFL
Numerical UINT_OVFL
Numerical FLOAT_OVFL
Numerical FLOAT_ABSORPTION
Numerical INT_STD_LIB
Numerical FLOAT_STD_LIB
Numerical SHIFT_NEG
Numerical SHIFT_OVFL
Numerical BAD_PLAIN_CHAR_USE
Numerical BITWISE_NEG
Numerical INT_PRECISION_EXCEEDED
Numerical INVALID_OPERATION_ON_BOOLEAN
Numerical INT_TO_FLOAT_PRECISION_LOSS
Static memory OUT_BOUND_ARRAY
Static memory NULL_PTR
Static memory OUT_BOUND_PTR
Static memory FUNC_CAST
Static memory PTR_CAST
Static memory LOCAL_ADDR_ESCAPE
Static memory MEM_STD_LIB
Static memory STR_STD_LIB
Static memory NULL_PTR_ARITH
Static memory OBJECT_SIZE_MISMATCH
Static memory PATH_BUFFER_OVERFLOW
Static memory STR_FORMAT_BUFFER_OVERFLOW
Static memory STRLIB_BUFFER_OVERFLOW
Static memory STRLIB_BUFFER_UNDERFLOW
Static memory PUTENV_AUTO_VAR
Static memory PTR_TO_DIFF_ARRAY
Dynamic memory FREED_PTR
Dynamic memory UNPROTECTED_MEMORY_ALLOCATION
Dynamic memory DOUBLE_DEALLOCATION
Dynamic memory BAD_FREE
Dynamic memory MEM_LEAK
Dynamic memory BAD_DELETE
Dynamic memory WIN_MISMATCH_DEALLOC
Dynamic memory ALIGNMENT_CHANGE
Data flow USELESS_WRITE
Data flow NON_INIT_VAR
Data flow NON_INIT_PTR
Data flow VAR_SHADOWING
Data flow MISSING_RETURN
Data flow UNREACHABLE
Data flow DEAD_CODE
Data flow USELESS_IF
Data flow PARTIALLY_ACCESSED_ARRAY
Data flow UNCALLED_FUNC
Data flow NON_INIT_PTR_CONV
Data flow DEACTIVATED_CODE
Resource management READ_ONLY_RESOURCE_WRITE
Resource management CLOSED_RESOURCE_USE
Resource management DOUBLE_RESOURCE_CLOSE
Resource management DOUBLE_RESOURCE_OPEN
Resource management RESOURCE_LEAK
Programming ASSERT
Programming BAD_EQUAL_USE
Programming BAD_EQUAL_EQUAL_USE
Programming DECL_MISMATCH
Programming TYPEDEF_MISMATCH
Programming BAD_FLOAT_OP
Programming MISSING_NULL_CHAR
Programming QUALIFIER_MISMATCH
Programming PTR_SIZEOF_MISMATCH
Programming OPERATOR_PRECEDENCE
Programming STD_FUNC_ARG_MISMATCH
Programming INVALID_MEMORY_ASSUMPTION
Programming BAD_PTR_SCALING
Programming CONSTANT_OBJECT_WRITE
Programming IMPROPER_ARRAY_INIT
Programming MEMSET_INVALID_SIZE
Programming INVALID_VA_LIST_ARG
Programming NON_POSITIVE_VLA_SIZE
Programming OVERLAPPING_ASSIGN
Programming OVERLAPPING_COPY
Programming SIZEOF_MISUSE
Programming BAD_FILE_ACCESS_MODE_STATUS
Programming WRITE_INTERNAL_BUFFER_RETURNED_FROM_STD_FUNC
Programming MEMSET_INVALID_VALUE
Programming STRING_FORMAT
Programming OTHER_STD_LIB
Programming AUTOSAR_LIB_NON_COMPLIANCE
Programming BAD_INT_PTR_CAST
Programming UNSAFE_STR_TO_NUMERIC
Programming EXIT_ABNORMAL_HANDLER
Programming MEMCMP_FLOAT
Programming MEMCMP_STRINGS
Programming MEMCMP_PADDING_DATA
Programming NON_REENTRANT_STD_RETURN
Programming INVALID_ENV_POINTER
Programming ERRNO_MISUSE
Programming MISSING_ERRNO_RESET
Programming CHARACTER_MISUSE
Programming CHAR_EOF_CONFUSED
Programming IO_INTERLEAVING
Programming SIG_HANDLER_COMP_EXCP_RETURN
Programming SIG_HANDLER_CALLING_SIGNAL
Programming SIG_HANDLER_ASYNC_UNSAFE
Programming SIG_HANDLER_ASYNC_UNSAFE_STRICT
Programming UNPROTOTYPED_FUNC_CALL
Programming FILE_OBJECT_MISUSE
Programming FLEXIBLE_ARRAY_MEMBER_STRUCT_MISUSE
Programming SIG_HANDLER_SHARED_OBJECT
Programming MISSING_BYTESWAP
Programming INVALID_FILE_POS
Programming INDETERMINATE_STRING
Programming MACRO_USED_AS_OBJECT
Programming UNNAMED_NAMESPACE_IN_HEADER
Programming SIDE_EFFECT_IGNORED
Programming PRE_UCNAME_JOIN_TOKENS
Programming PRE_DIRECTIVE_MACRO_ARG
Programming INLINE_CONSTRAINT_NOT_RESPECTED
Programming VA_ARG_INCORRECT_TYPE
Programming TOO_MANY_VA_ARG_CALLS
Programming STREAM_WITH_SIDE_EFFECT
Programming TEMP_OBJECT_ACCESS
Programming SIG_HANDLER_ERRNO_MISUSE
Programming NARROW_WIDE_STR_MISUSE
Programming SIDE_EFFECT_IN_UNSAFE_MACRO_ARG
Programming OFFSETOF_MISUSE
Programming VA_START_MISUSE
Programming VA_START_INCORRECT_TYPE
Programming MOVE_CONST_OBJECT
Programming INCORRECT_VALUE_FORWARDING
Object oriented OBJECT_SLICING
Object oriented PARTIAL_OVERRIDE
Object oriented VIRTUAL_FUNC_HIDING
Object oriented MISSING_COPY_CTOR_CALL
Object oriented MISSING_BASE_ASSIGN_OP_CALL
Object oriented NON_INIT_MEMBER
Object oriented DTOR_NOT_VIRTUAL
Object oriented RETURN_NOT_REF_TO_THIS
Object oriented MISSING_EXPLICIT_KEYWORD
Object oriented MISSING_SELF_ASSIGN_TEST
Object oriented BREAKING_DATA_ENCAPSULATION
Object oriented MISSING_VIRTUAL_INHERITANCE
Object oriented COPY_MODIFYING_SOURCE
Object oriented INCOMPLETE_CLASS_PTR
Object oriented LAMBDA_TYPE_MISUSE
Object oriented MISSING_OVERLOAD_NEW_FOR_ALIGNED_OBJ
Object oriented MEMOP_ON_NONTRIVIAL_OBJ
C++ Exceptions EXCP_CAUGHT_BY_VALUE
C++ Exceptions EXCP_HANDLER_HIDDEN
C++ Exceptions THROW_ARGUMENT_EXPRESSION_THROWS
C++ Exceptions NOEXCEPT_FUNCTION_THROWS
Concurrency DATA_RACE
Concurrency DATA_RACE_ALL
Concurrency DATA_RACE_STD_LIB
Concurrency DATA_RACE_BIT_FIELDS
Concurrency DEADLOCK
Concurrency BAD_LOCK
Concurrency BAD_UNLOCK
Concurrency DOUBLE_LOCK
Concurrency DOUBLE_UNLOCK
Concurrency DESTROY_LOCKED
Concurrency BLOCKING_WHILE_LOCKED
Concurrency SIGNAL_USE_IN_MULTITHREADED_PROGRAM
Concurrency THREAD_KILLED_WITH_SIGNAL
Concurrency ATOMIC_VAR_ACCESS_TWICE
Concurrency ATOMIC_VAR_SEQUENCE_NOT_ATOMIC
Concurrency SPURIOUS_WAKEUP_NOT_WRAPPED_IN_LOOP
Concurrency SPURIOUS_FAILURE_NOT_WRAPPED_IN_LOOP
Concurrency THREAD_MEM_LEAK
Concurrency DOUBLE_JOIN_OR_DETACH
Concurrency UNDEFINED_THREAD_ID
Concurrency BAD_THREAD_ATTRIBUTE
Concurrency SIGNALED_COND_VAR_NOT_UNIQUE
Concurrency ASYNCHRONOUSLY_CANCELLABLE_THREAD
Concurrency MULTI_MUTEX_WITH_ONE_COND_VAR
Concurrency LOCAL_ADDR_ESCAPE_THREAD
Security PATH_TRAVERSAL
Security DANGEROUS_STD_FUNC
Security CHROOT_MISUSE
Security BAD_UMASK
Security DANGEROUS_PERMISSIONS
Security RAND_SEED_CONSTANT
Security RAND_SEED_PREDICTABLE
Security VULNERABLE_PRNG
Security FUNC_PTR_ABSOLUTE_ADDR
Security TOCTOU
Security RELATIVE_PATH_LIB
Security RELATIVE_PATH_CMD
Security NON_SECURE_TEMP_FILE
Security SENSITIVE_STACK_NOT_CLEARED
Security SENSITIVE_HEAP_NOT_CLEARED
Security SENSITIVE_DATA_PRINT
Security OBSOLETE_STD_FUNC
Security BAD_NETWORK_CONNECT_ORDER
Security DATA_LENGTH_MISMATCH
Security UNSAFE_STD_FUNC
Security UNSAFE_STD_CRYPT
Security MISSING_SWITCH_CASE
Security BAD_PRIVILEGE_DROP_ORDER
Security MISSING_PRIVILEGE_DROP_CHECK
Security RETURN_NOT_CHECKED
Security READLINK_MISUSE
Security ERRNO_NOT_CHECKED
Security FILE_EXPOSURE_TO_CHILD
Security UNSAFE_SYSTEM_CALL
Security PADDING_INFO_LEAK
Security INAPPROPRIATE_IO_ON_DEVICE
Security HARD_CODED_SENSITIVE_DATA
Cryptography CRYPTO_CIPHER_BAD_FUNCTION
Cryptography CRYPTO_CIPHER_NO_ALGORITHM
Cryptography CRYPTO_CIPHER_NO_KEY
Cryptography CRYPTO_CIPHER_NO_IV
Cryptography CRYPTO_CIPHER_NO_DATA
Cryptography CRYPTO_CIPHER_NO_FINAL
Cryptography CRYPTO_CIPHER_WEAK_CIPHER
Cryptography CRYPTO_CIPHER_WEAK_MODE
Cryptography CRYPTO_CIPHER_CONSTANT_KEY
Cryptography CRYPTO_CIPHER_CONSTANT_IV
Cryptography CRYPTO_CIPHER_PREDICTABLE_KEY
Cryptography CRYPTO_CIPHER_PREDICTABLE_IV
Cryptography CRYPTO_PKEY_NO_PUBLIC_KEY
Cryptography CRYPTO_PKEY_NO_PRIVATE_KEY
Cryptography CRYPTO_PKEY_NO_PEER
Cryptography CRYPTO_PKEY_NO_PARAMS
Cryptography CRYPTO_PKEY_NO_DATA
Cryptography CRYPTO_PKEY_WEAK_PARAMS
Cryptography CRYPTO_RSA_LOW_EXPONENT
Cryptography CRYPTO_RSA_WEAK_PADDING
Cryptography CRYPTO_RSA_BAD_PADDING
Cryptography CRYPTO_RSA_NO_BLINDING
Cryptography CRYPTO_PKEY_INCORRECT_KEY
Cryptography CRYPTO_PKEY_INCORRECT_INIT
Cryptography CRYPTO_RSA_NO_PADDING
Cryptography CRYPTO_MD_WEAK_HASH
Cryptography CRYPTO_MD_BAD_FUNCTION
Cryptography CRYPTO_MD_NO_SALT
Cryptography CRYPTO_SSL_WEAK_PROTOCOL
Cryptography CRYPTO_SSL_NO_CERTIFICATE
Cryptography CRYPTO_SSL_NO_CA
Cryptography CRYPTO_MD_NO_ALGORITHM
Cryptography CRYPTO_MD_NO_DATA
Cryptography CRYPTO_MD_NO_FINAL
Cryptography CRYPTO_SSL_NO_ROLE
Cryptography CRYPTO_SSL_BAD_ROLE
Cryptography CRYPTO_SSL_NO_PRIVATE_KEY
Cryptography CRYPTO_SSL_CERT_NOT_CHECKED
Cryptography CRYPTO_SSL_HOSTNAME_NOT_CHECKED
Tainted data TAINTED_HOSTID
Tainted data TAINTED_ENV_VARIABLE
Tainted data TAINTED_STRING_FORMAT
Tainted data TAINTED_SIGN_CHANGE
Tainted data TAINTED_LOOP_BOUNDARY
Tainted data TAINTED_MEMORY_ALLOC_SIZE
Tainted data TAINTED_PATH_LIB
Tainted data TAINTED_PATH_CMD
Tainted data TAINTED_EXTERNAL_CMD
Tainted data TAINTED_VLA_SIZE
Tainted data TAINTED_INT_MOD
Tainted data TAINTED_INT_DIVISION
Tainted data TAINTED_ARRAY_INDEX
Tainted data TAINTED_PTR_OFFSET
Tainted data TAINTED_PTR
Tainted data TAINTED_STRING
Good practice UNUSED_PARAMETER
Good practice HARD_CODED_BUFFER_SIZE
Good practice HARD_CODED_LOOP_BOUNDARY
Good practice HARD_CODED_MEM_SIZE
Good practice SETJMP_LONGJMP_USE
Good practice MORE_THAN_ONE_STATEMENT
Good practice BITWISE_ARITH_MIX
Good practice MISSING_FREED_PTR_RESET
Good practice MISSING_SWITCH_BREAK
Good practice DELETE_OF_VOID_PTR
Good practice FLEXIBLE_ARRAY_MEMBER_INCORRECT_SIZE
Good practice MOST_VEXING_PARSE
Good practice CV_QUALIFIED_REFERENCE_TYPE
Good practice WRITE_REFERENCE_TO_CONST_TYPE
Good practice MISSING_OVERLOAD_NEW_DELETE_PAIR
Good practice MULTI_STMT_MACRO
Good practice SEMICOLON_TERMINATED_MACRO
Good practice SEMICOLON_CTRL_STMT_SAME_LINE
Good practice INCORRECT_INDENTATION
Good practice SIZEOF_USELESS_OP
Good practice INAPPROPRIATE_TYPE_IN_SWITCH
Good practice FORBIDDEN_FUNC
Good practice UNMODIFIED_VAR_NOT_CONST
Good practice FILE_DOES_NOT_COMPILE
Performance STD_ENDL_USE
Performance EMPTY_DESTRUCTOR_DEFINED
Performance CONST_RETURN_VALUE
Performance CONST_PARAMETER_VALUE
Performance INEFFICIENT_BASIC_STRING_LENGTH
Performance MOVE_OPERATION_MAY_THROW
Performance EXPENSIVE_PASS_BY_VALUE
Performance EXPENSIVE_RETURN_BY_VALUE
Performance EXPENSIVE_RANGE_BASED_FOR_LOOP_ITERATION
Performance EXPENSIVE_STD_MOVE_CONST_OBJECT
Performance STD_MOVE_UNMOVABLE_TYPE
Performance MISSING_CONSTEXPR
Performance EXPENSIVE_CONSTANT_STD_STRING
Performance EXPENSIVE_C_STR_STD_STRING_OPERATION
Performance UNNECESSARY_EMPTY_STRING_LITERAL
Performance EXPENSIVE_USE_OF_STD_STRING_METHODS
Performance EXPENSIVE_STD_STRING_APPEND
Performance CONST_RVALUE_REFERENCE_PARAMETER
Performance EXPENSIVE_LOGICAL_OPERATION
Performance EXPENSIVE_LOCAL_VARIABLE
Performance MISSING_MAKE_SHARED
 Defect Name Language
Integer division by zero C-C++
Float division by zero C-C++
Integer conversion overflow C-C++
Unsigned integer conversion overflow C-C++
Integer constant overflow C-C++
Unsigned integer constant overflow C-C++
Sign change integer conversion overflow C-C++
Float conversion overflow C-C++
Integer overflow C-C++
Unsigned integer overflow C-C++
Float overflow C-C++
Absorption of float operand C-C++
Invalid use of standard library integer routine C-C++
Invalid use of standard library floating point routine C-C++
Shift of a negative value C-C++
Shift operation overflow C-C++
Use of plain char type for numeric value C-C++
Bitwise operation on negative value C-C++
Integer precision exceeded C-C++
Possible invalid operation on boolean operand C-C++
Precision loss in integer to float conversion C-C++
Array access out of bounds C-C++
Null pointer C-C++
Pointer access out of bounds C-C++
Unreliable cast of function pointer C-C++
Unreliable cast of pointer C
Pointer or reference to stack variable leaving scope C-C++
Invalid use of standard library memory routine C-C++
Invalid use of standard library string routine C-C++
Arithmetic operation with NULL pointer C-C++
Wrong allocated object size for cast C-C++
Use of path manipulation function without maximum-sized buffer checking C-C++
Buffer overflow from incorrect string format specifier C-C++
Destination buffer overflow in string manipulation C-C++
Destination buffer underflow in string manipulation C-C++
Use of automatic variable as putenv-family function argument C-C++
Subtraction or comparison between pointers to different arrays C-C++
Use of previously freed pointer C-C++
Unprotected dynamic memory allocation C-C++
Deallocation of previously deallocated pointer C-C++
Invalid free of pointer C-C++
Memory leak C-C++
Invalid deletion of pointer C++
Mismatched alloc/dealloc functions on Windows C-C++
Alignment changed after memory reallocation C-C++
Write without a further read C-C++
Non-initialized variable C-C++
Non-initialized pointer C-C++
Variable shadowing C-C++
Missing return statement C-C++
Unreachable code C-C++
Dead code C-C++
Useless if C-C++
Partially accessed array C-C++
Static uncalled function C-C++
Pointer to non initialized value converted to const pointer C-C++
Code deactivated by constant false condition C-C++
Writing to read-only resource C-C++
Use of previously closed resource C-C++
Closing previously closed resource C-C++
Opening previously opened resource C-C++
Resource leak C-C++
Assertion C-C++
Invalid use of = operator C-C++
Invalid use of == operator C-C++
Declaration mismatch C-C++
Typedef mismatch C-C++
Floating point comparison with equality operators C-C++
Missing null in string array C
Qualifier removed in conversion C
Wrong type used in sizeof C-C++
Possibly unintended evaluation of expression because of operator precedence rules C-C++
Standard function call with incorrect arguments C-C++
Invalid assumptions about memory organization C-C++
Incorrect pointer scaling C-C++
Writing to const qualified object C-C++
Improper array initialization C-C++
Use of memset with size argument zero C-C++
Invalid va_list argument C-C++
Variable length array with non-positive size C-C++
Overlapping assignment C-C++
Copy of overlapping memory C-C++
Possible misuse of sizeof C-C++
Bad file access mode or status C-C++
Modification of internal buffer returned from non-reentrant standard function C-C++
Call to memset family with unintended value C-C++
Format string specifiers and arguments mismatch C-C++
Invalid use of standard library routine C-C++
Non-compliance with AUTOSAR specification C-C++
Unsafe conversion between pointer and integer C-C++
Unsafe conversion from string to numerical value C-C++
Abnormal termination of exit handler C-C++
Memory comparison of float-point values C-C++
Memory comparison of strings C-C++
Memory comparison of padding data C-C++
Misuse of return value from non-reentrant standard function C-C++
Environment pointer invalidated by previous operation C-C++
Misuse of errno C-C++
Errno not reset C-C++
Misuse of sign-extended character value C-C++
Character value absorbed into EOF C-C++
Alternating input and output from a stream without flush or positioning call C-C++
Return from computational exception signal handler C-C++
Signal call from within signal handler C-C++
Function called from signal handler not asynchronous-safe C-C++
Function called from signal handler not asynchronous-safe (strict ISO C) C-C++
Call through non-prototyped function pointer C
Misuse of a FILE object C-C++
Misuse of structure with flexible array member C-C++
Shared data access within signal handler C-C++
Missing byte reordering when transferring data C-C++
Invalid file position C-C++
Use of indeterminate string C-C++
Predefined macro used as an object C-C++
Unnamed namespace in header file C++
Side effect of expression ignored C-C++
Universal character name from token concatenation C-C++
Preprocessor directive in macro argument C-C++
Inline constraint not respected C-C++
Incorrect data type passed to va_arg C-C++
Too many va_arg calls for current argument list C-C++
Stream argument with possibly unintended side effects C-C++
Accessing object with temporary lifetime C-C++
Misuse of errno in a signal handler C-C++
Misuse of narrow or wide character string C-C++
Side effect in arguments to unsafe macro C-C++
Incorrect use of offsetof in C++ C++
Incorrect use of va_start C-C++
Incorrect type data passed to va_start C-C++
Move operation on const object C++
Incorrect value forwarding C++
Object slicing C++
Partial override of overloaded virtual functions C++
Incompatible types prevent overriding C++
Copy constructor not called in initialization list C++
Base class assignment operator not called C++
Member not initialized in constructor C++
Base class destructor not virtual C++
*this not returned in copy assignment operator C++
Missing explicit keyword C++
Self assignment not tested in operator C++
Return of non-const handle to encapsulated data member C++
Missing virtual inheritance C++
Copy operation modifying source operand C++
Conversion or deletion of incomplete class pointer C++
Lambda used as typeid operand C++
Operator new not overloaded for possibly over-aligned class C++
Bytewise operations on nontrivial class object C++
Exception caught by value C++
Exception handler hidden by previous handler C++
Argument expression of Throw statement might raise unexpected exception C++
Noexcept function might exit with an exception C++
Data race C-C++
Data race including atomic operations C-C++
Data race through standard library function call C-C++
Data race on adjacent bit fields C-C++
Deadlock C-C++
Missing unlock C-C++
Missing lock C-C++
Double lock C-C++
Double unlock C-C++
Destruction of locked mutex C-C++
Blocking operation while holding lock C-C++
Signal call in multithreaded program C-C++
Use of signal to kill thread C-C++
Atomic variable accessed twice in an expression C-C++
Atomic load and store sequence not atomic C-C++
Function that can spuriously wake up not wrapped in loop C-C++
Function that can spuriously fail not wrapped in loop C-C++
Thread-specific memory leak C-C++
Join or detach of a joined or detached thread C-C++
Use of undefined thread ID C-C++
Missing or double initialization of thread attribute C-C++
Multiple threads waiting on same condition variable C-C++
Asynchronously cancellable thread C-C++
Multiple mutexes used with same condition variable C-C++
Automatic or thread local variable escaping from a thread C-C++
Vulnerable path manipulation C-C++
Use of dangerous standard function C-C++
File manipulation after chroot() without chdir("/") C-C++
Umask used with chmod-style arguments C-C++
Vulnerable permission assignments C-C++
Deterministic random output from constant seed C-C++
Predictable random output from predictable seed C-C++
Vulnerable pseudo-random number generator C-C++
Function pointer assigned with absolute address C-C++
File access between time of check and use (TOCTOU) C-C++
Load of library from a relative path can be controlled by an external actor C-C++
Execution of a binary from a relative path can be controlled by an external actor C-C++
Use of non-secure temporary file C-C++
Uncleared sensitive data in stack C-C++
Sensitive heap memory not cleared before release C-C++
Sensitive data printed out C-C++
Use of obsolete standard function C-C++
Incorrect order of network connection operations C-C++
Mismatch between data length and size C-C++
Unsafe standard function C-C++
Unsafe standard encryption function C-C++
Missing case for switch condition C-C++
Bad order of dropping privileges C-C++
Privilege drop not verified C-C++
Returned value of a sensitive function not checked C-C++
Misuse of readlink() C-C++
Errno not checked C-C++
File descriptor exposure to child process C-C++
Unsafe call to a system function C-C++
Information leak via structure padding C-C++
Inappropriate I/O operation on device files C-C++
Hard-coded sensitive data C-C++
Inconsistent cipher operations C-C++
Missing cipher algorithm C-C++
Missing cipher key C-C++
Missing block cipher initialization vector C-C++
Missing cipher data to process C-C++
Missing cipher final step C-C++
Weak cipher algorithm C-C++
Weak cipher mode C-C++
Constant cipher key C-C++
Constant block cipher initialization vector C-C++
Predictable cipher key C-C++
Predictable block cipher initialization vector C-C++
Missing public key C-C++
Missing private key C-C++
Missing peer key C-C++
Missing parameters for key generation C-C++
Missing data for encryption, decryption or signing operation C-C++
Nonsecure parameters for key generation C-C++
Nonsecure RSA public exponent C-C++
Weak padding for RSA algorithm C-C++
Incompatible padding for RSA algorithm operation C-C++
Missing blinding for RSA algorithm C-C++
Incorrect key for cryptographic algorithm C-C++
Context initialized incorrectly for cryptographic operation C-C++
Missing padding for RSA algorithm C-C++
Nonsecure hash algorithm C-C++
Context initialized incorrectly for digest operation C-C++
Missing salt for hashing operation C-C++
Nonsecure SSL/TLS protocol C-C++
Missing X.509 certificate C-C++
Missing certification authority list C-C++
Missing hash algorithm C-C++
No data added into context C-C++
Missing final step after hashing update operation C-C++
TLS/SSL connection method not set C-C++
TLS/SSL connection method set incorrectly C-C++
Missing private key for X.509 certificate C-C++
X.509 peer certificate not checked C-C++
Server certificate common name not checked C-C++
Host change using externally controlled elements C-C++
Use of externally controlled environment variable C-C++
Tainted string format C-C++
Tainted sign change conversion C-C++
Loop bounded with tainted value C-C++
Memory allocation with tainted size C-C++
Library loaded from externally controlled path C-C++
Command executed from externally controlled path C-C++
Execution of externally controlled command C-C++
Tainted size of variable length array C-C++
Tainted modulo operand C-C++
Tainted division operand C-C++
Array access with tainted index C-C++
Pointer dereference with tainted offset C-C++
Use of tainted pointer C-C++
Tainted NULL or non-null-terminated string C-C++
Unused parameter C-C++
Hard-coded buffer size C-C++
Hard-coded loop boundary C-C++
Hard-coded object size used to manipulate memory C-C++
Use of setjmp/longjmp C-C++
Line with more than one statement C-C++
Bitwise and arithmetic operations on the same data C-C++
Missing reset of freed pointer C-C++
Missing break of switch case C-C++
Delete of void pointer C++
Incorrect syntax of flexible array member size C
Ambiguous declaration syntax C++
C++ reference type qualified with const or volatile C++
C++ reference to const-qualified type with subsequent modification C++
Missing overload of allocation or deallocation function C++
Macro with multiple statements C-C++
Macro terminated with a semicolon C-C++
Semicolon on the same line as an if, for or while statement C-C++
Incorrectly indented statement C-C++
Redundant expression in sizeof operand C-C++
Possibly inappropriate data type for switch expression C-C++
Use of a forbidden function C-C++
Unmodified variable not const-qualified C-C++
File does not compile C-C++
std::endl may cause an unnecessary flush C++
Empty destructors may cause unnecessary data copies C++
Const return values may cause unnecessary data copies C++
Const parameter values may cause unnecessary data copies C++
Inefficient string length computation C++
A move operation may throw C++
Expensive pass by value C-C++
Expensive return by value C-C++
Expensive copy in a range-based for loop iteration C++
Const std::move input may cause a more expensive object copy C++
std::move called on an unmovable type C++
Missing constexpr specifier C++
Expensive constant std::string construction C++
Unnecessary use of std::string::c_str() or equivalent string methods C++
Expensive use of std::string with empty string literal C++
Expensive use of std::string method instead of more efficient overload C++
Expensive use of non-member std::string operator+() instead of a simple append C++
Const rvalue reference parameter may cause unnecessary data copies C++
Expensive logical operation C++
Expensive local variable copy C++
Use of new (or make_unique), when make_shared would have been more efficient C++
 Impact CWE Your Notes
High CWE-189 CWE-369
High CWE-189 CWE-369
High CWE-128 CWE-189 CWE-190 CWE-191 CWE-192 CWE-197
Low CWE-128 CWE-131 CWE-189 CWE-190 CWE-191 CWE-192 CWE-197
Medium CWE-128 CWE-189 CWE-190 CWE-191
Low CWE-128 CWE-189 CWE-190 CWE-191
Medium CWE-192 CWE-194 CWE-195 CWE-196
High CWE-189 CWE-197 CWE-681
Medium CWE-128 CWE-189 CWE-190 CWE-191 CWE-192
Low CWE-128 CWE-131 CWE-189 CWE-190 CWE-191 CWE-192
Low CWE-189 CWE-682 CWE-873
High CWE-189 CWE-682 CWE-873
High CWE-227 CWE-369 CWE-682 CWE-872
High CWE-227 CWE-369 CWE-682 CWE-873
Low CWE-189
Low CWE-189 CWE-190
Medium CWE-682 CWE-758
Medium CWE-682 CWE-758
Low CWE-190
Low CWE-190
Low CWE-189 CWE-681 CWE-704
High CWE-119 CWE-131 CWE-466
High CWE-476 CWE-690
High CWE-119 CWE-131 CWE-188 CWE-466 CWE-823
Medium
Medium CWE-135 CWE-704 CWE-843
High CWE-562 CWE-825
High CWE-120 CWE-227 CWE-690
High CWE-120 CWE-227 CWE-690
Low
High CWE-704
High CWE-785
High CWE-124 CWE-125 CWE-126 CWE-127
High CWE-121 CWE-125 CWE-135 CWE-251 CWE-787
High CWE-124 CWE-786 CWE-787
High CWE-562 CWE-686 CWE-825
High CWE-469
High CWE-416 CWE-825
Low CWE-253 CWE-690 CWE-789
High CWE-415 CWE-825
High CWE-404 CWE-590 CWE-762
Medium CWE-401 CWE-404
High CWE-404
Low CWE-404 CWE-762
Low
Low CWE-398
High CWE-456 CWE-457 CWE-908
High CWE-456 CWE-457 CWE-824 CWE-908
Low
Low
Medium CWE-561
Low CWE-561
Medium
Low
Low CWE-561
Medium
Low
High
High CWE-672 CWE-826 CWE-910
High CWE-672 CWE-826 CWE-910
Medium CWE-362 CWE-413 CWE-675
High CWE-772
High
Medium CWE-480 CWE-481
High CWE-480 CWE-482
High CWE-685 CWE-686
High
Medium CWE-873
Low CWE-170
Low CWE-704
High CWE-467
High CWE-783
Medium CWE-628 CWE-685 CWE-686 CWE-687 CWE-690 CWE-910
Medium CWE-188
Medium CWE-468
High CWE-227 CWE-471 CWE-686
Medium CWE-665
Medium CWE-665
High CWE-628
High CWE-687
Low CWE-665
Medium CWE-475 CWE-628 CWE-687
High CWE-467
Medium CWE-628 CWE-686
Low CWE-573 CWE-628
Low CWE-665 CWE-683
Low CWE-683 CWE-685 CWE-686
High CWE-227 CWE-690
High
Medium CWE-465 CWE-466 CWE-587 CWE-758
Low CWE-20 CWE-253 CWE-676
Medium CWE-705
Low
Medium CWE-188
Medium CWE-188
High
Medium CWE-825
High CWE-703
High CWE-253 CWE-456 CWE-703
Medium CWE-704
High CWE-704
Low
Low CWE-387
Medium CWE-387 CWE-474
Medium CWE-364 CWE-387 CWE-413 CWE-479 CWE-663 CWE-828
Medium CWE-364 CWE-387 CWE-413 CWE-479 CWE-663 CWE-828
Medium
Low
Low
Medium CWE-364 CWE-413
Medium CWE-188 CWE-198
Medium
Medium
Low
Medium
Low
Low
Low
Medium
Medium CWE-686
Medium CWE-685
Low
Low CWE-825
Medium
High CWE-135
Medium
Medium
Medium
Medium
High
High
High
Medium
Medium
High
High
Medium CWE-456 CWE-457 CWE-908
Medium
Low
Low
Medium
Medium CWE-375 CWE-767
Medium
Medium
Medium
Low
Medium
Medium
Medium
Medium CWE-755
High
High
High CWE-366 CWE-413
Medium CWE-366 CWE-413
High CWE-366 CWE-413
High
High CWE-833
High CWE-667
Medium CWE-832
High CWE-764
High CWE-765
Medium CWE-667 CWE-826
Low CWE-667
Low
Low
Medium
Medium
Low
Low
Medium CWE-401 CWE-404
Medium
Medium
Medium
Low
Medium
Medium
Medium
Low CWE-22 CWE-23 CWE-36
Low CWE-242 CWE-676
Medium CWE-243 CWE-922
Low CWE-560 CWE-922
Medium CWE-732 CWE-922
Medium CWE-330 CWE-336
Medium CWE-330 CWE-337
Medium CWE-330 CWE-338
Low CWE-587
Medium CWE-367
Medium CWE-114 CWE-427
Medium CWE-114 CWE-427
High CWE-377 CWE-922
Medium CWE-226 CWE-312 CWE-316
Medium CWE-244 CWE-312 CWE-316
Medium CWE-532 CWE-534 CWE-535
Low CWE-474 CWE-477
Medium CWE-666
Medium CWE-130 CWE-240
Medium CWE-558 CWE-663
Medium CWE-327 CWE-522 CWE-663
Low CWE-478
High CWE-250 CWE-696
High CWE-250 CWE-273
High CWE-252 CWE-253 CWE-690 CWE-754
Medium CWE-170
Medium CWE-253 CWE-391
Medium CWE-362
High CWE-78 CWE-88
Low
Medium CWE-67
Medium
Medium CWE-372 CWE-664
Medium CWE-310 CWE-573
Medium CWE-310 CWE-320 CWE-573 CWE-664
Medium CWE-310 CWE-326 CWE-329
Medium CWE-311 CWE-325 CWE-372 CWE-664
Medium CWE-311 CWE-325 CWE-372 CWE-664
Medium CWE-310 CWE-326 CWE-327
Medium CWE-310 CWE-326 CWE-327
Medium CWE-310 CWE-320 CWE-321 CWE-326 CWE-522
Medium CWE-310 CWE-326 CWE-329
Medium CWE-310 CWE-326 CWE-330 CWE-338
Medium CWE-310 CWE-329 CWE-330 CWE-338
Medium CWE-310 CWE-320 CWE-573 CWE-664
Medium CWE-310 CWE-320 CWE-573 CWE-664
Medium CWE-310 CWE-320 CWE-573 CWE-664
Medium CWE-310 CWE-325 CWE-372 CWE-573
Medium CWE-310 CWE-325 CWE-372 CWE-573
Medium CWE-310 CWE-326 CWE-327 CWE-522
Medium CWE-310 CWE-326 CWE-327 CWE-522
Medium CWE-310 CWE-326 CWE-327 CWE-780
Medium CWE-310 CWE-372 CWE-573 CWE-664
Medium CWE-310 CWE-326 CWE-573
Medium CWE-310 CWE-325 CWE-573 CWE-664
Medium CWE-310 CWE-325 CWE-372 CWE-573 CWE-664
Medium CWE-310 CWE-326 CWE-327 CWE-780
Medium CWE-310 CWE-327 CWE-328 CWE-353 CWE-522
Medium CWE-310 CWE-353 CWE-354 CWE-372 CWE-573 CWE-664
Medium CWE-759
Medium CWE-310 CWE-327 CWE-522 CWE-693
Medium CWE-310
Medium CWE-310
Medium CWE-573
Medium CWE-325
Medium CWE-573
Medium CWE-304 CWE-322 CWE-573
Medium CWE-573
Medium CWE-573
Medium CWE-287
Medium CWE-297
Medium CWE-15
Medium CWE-15
Low CWE-134
Medium CWE-128 CWE-131 CWE-192 CWE-194 CWE-195
Medium CWE-606
Medium CWE-128 CWE-131 CWE-789
Medium CWE-114 CWE-426
Medium CWE-114 CWE-426
Medium CWE-77 CWE-78 CWE-88 CWE-114
Medium CWE-128 CWE-131 CWE-770 CWE-789
Low CWE-369 CWE-682
Low CWE-189 CWE-190 CWE-369
Medium CWE-121 CWE-124 CWE-125 CWE-129
Low CWE-122 CWE-124 CWE-129 CWE-823
Low CWE-690 CWE-822
Low CWE-120 CWE-170 CWE-476 CWE-690 CWE-822
Low
Low CWE-547
Low CWE-547
Low CWE-805
Low CWE-691
Low
Low CWE-710
Low CWE-415 CWE-416 CWE-825
Low CWE-484
Low
Low
Low
Low
Low
Low
Low
Low
Low CWE-483
Low CWE-483
Low
Low
Low
Low
Low
Low
Low
Low
Low
Medium
Low
Medium
Medium
Medium
Medium
Medium
Medium
Medium
Medium
Low
Low
Low
Low
Low
Medium
Low
Code Prover checks
This tab lists the run-time checks that are included in a Polyspace Code Prover verification.

Category Acronym
C++ CPP
C++ EXC
C++ FRV
C++ NNT
C++ OOP
Control flow NTC
Control flow NTL
Data flow FNC
Data flow FNR
Data flow GLOBAL_SET_AT_INITIALIZATION
Data flow IRV
Data flow NIP
Data flow NIV
Data flow NIVL
Data flow UNR
Not shared Global_unshared_variable
Not shared Global_unused_variable
Numerical FOVFL
Numerical INVALID_FLOAT_OP
Numerical SHF
Numerical SOVFL
Numerical SUBNORMAL
Numerical ZDV
Other ASRT
Other AUTOSAR_COMPLIANCE
Other AUTOSAR_IMPL
Other AUTOSAR_NOIMPL
Other AUTOSAR_USE
Other COR
Other STD_LIB
Shared Global_shared_protected_variable
Shared Global_shared_unprotected_variable
Static memory ABS_ADDR
Static memory IDP
Static memory OBAI
d in a Polyspace Code Prover verification.

Check Name Language Your Notes

Invalid C++ specific operations C++
Uncaught exception C++
Function not returning value C++
Null this-pointer calling method C++
Incorrect object oriented programming C++
Non-terminating call C-C++
Non-terminating loop C-C++
Function not called C
Function not reachable C-C++
Global variable not assigned a value in initialization code C
Return value not initialized C
Non-initialized pointer C
Non-initialized variable C-C++
Non-initialized local variable C-C++
Unreachable code C-C++
Used non-shared variable C-C++
Unused variable C-C++
Float overflow C-C++
Invalid operation on floats C
Invalid shift operations C
Scalar overflow C-C++
Subnormal float C
Division by zero C-C++
User assertion C-C++
Non-compliance with AUTOSAR specification C-C++
Invalid result of AUTOSAR runnable implementation C
AUTOSAR runnable not implemented C
Invalid use of AUTOSAR runtime environment function C
Correctness condition C-C++
Invalid use of standard library routine C
Protected variable C-C++
Potentially unprotected variable C-C++
Absolute address usage C
Illegally dereferenced pointer C
Out of bounds array index C
MISRA C 2012
This tab lists the MISRA C 2012 coding rules that Polyspace supports.

Section Type Id Category

Dir 1 The implementation Directive 1.1 Required
Dir 2 Compilation and build Directive 2.1 Required
Dir 4 Code design Directive 4.1 Required
Dir 4 Code design Directive 4.10 Required
Dir 4 Code design Directive 4.11 Required
Dir 4 Code design Directive 4.12 Required
Dir 4 Code design Directive 4.13 Advisory
Dir 4 Code design Directive 4.14 Required
Dir 4 Code design Directive 4.3 Required
Dir 4 Code design Directive 4.4 Advisory
Dir 4 Code design Directive 4.5 Advisory
Dir 4 Code design Directive 4.6 Advisory
Dir 4 Code design Directive 4.7 Required
Dir 4 Code design Directive 4.8 Advisory
Dir 4 Code design Directive 4.9 Advisory
A standard C environment Rule 1.1 Required
A standard C environment Rule 1.2 Advisory
A standard C environment Rule 1.3 Required
A standard C environment Rule 1.4 Required
Unused code Rule 2.1 Required
Unused code Rule 2.2 Required
Unused code Rule 2.3 Advisory
Unused code Rule 2.4 Advisory
Unused code Rule 2.5 Advisory
Unused code Rule 2.6 Advisory
Unused code Rule 2.7 Advisory
Comments Rule 3.1 Required
Comments Rule 3.2 Required
Character sets and lexical conventions Rule 4.1 Required
Character sets and lexical conventions Rule 4.2 Advisory
Identifiers Rule 5.1 Required
Identifiers Rule 5.2 Required
Identifiers Rule 5.3 Required
Identifiers Rule 5.4 Required
Identifiers Rule 5.5 Required
Identifiers Rule 5.6 Required
Identifiers Rule 5.7 Required
Identifiers Rule 5.8 Required
Identifiers Rule 5.9 Advisory
Types Rule 6.1 Required
Types Rule 6.2 Required
Literals and constants Rule 7.1 Required
Literals and constants Rule 7.2 Required
Literals and constants Rule 7.3 Required
Literals and constants Rule 7.4 Required
Declarations and definitions Rule 8.1 Required
Declarations and definitions Rule 8.10 Required
Declarations and definitions Rule 8.11 Advisory
Declarations and definitions Rule 8.12 Required
Declarations and definitions Rule 8.13 Advisory
Declarations and definitions Rule 8.14 Required
Declarations and definitions Rule 8.2 Required
Declarations and definitions Rule 8.3 Required
Declarations and definitions Rule 8.4 Required
Declarations and definitions Rule 8.5 Required
Declarations and definitions Rule 8.6 Required
Declarations and definitions Rule 8.7 Advisory
Declarations and definitions Rule 8.8 Required
Declarations and definitions Rule 8.9 Advisory
Initialization Rule 9.1 Mandatory
Initialization Rule 9.2 Required
Initialization Rule 9.3 Required
Initialization Rule 9.4 Required
Initialization Rule 9.5 Required
The essential type model Rule 10.1 Required
The essential type model Rule 10.2 Required
The essential type model Rule 10.3 Required
The essential type model Rule 10.4 Required
The essential type model Rule 10.5 Advisory
The essential type model Rule 10.6 Required
The essential type model Rule 10.7 Required
The essential type model Rule 10.8 Required
Pointer type conversions Rule 11.1 Required
Pointer type conversions Rule 11.2 Required
Pointer type conversions Rule 11.3 Required
Pointer type conversions Rule 11.4 Advisory
Pointer type conversions Rule 11.5 Advisory
Pointer type conversions Rule 11.6 Required
Pointer type conversions Rule 11.7 Required
Pointer type conversions Rule 11.8 Required
Pointer type conversions Rule 11.9 Required
Expressions Rule 12.1 Advisory
Expressions Rule 12.2 Required
Expressions Rule 12.3 Advisory
Expressions Rule 12.4 Advisory
Expressions Rule 12.5 Mandatory
Side effects Rule 13.1 Required
Side effects Rule 13.2 Required
Side effects Rule 13.3 Advisory
Side effects Rule 13.4 Advisory
Side effects Rule 13.5 Required
Side effects Rule 13.6 Mandatory
Control statement expressions Rule 14.1 Required
Control statement expressions Rule 14.2 Required
Control statement expressions Rule 14.3 Required
Control statement expressions Rule 14.4 Required
Control flow Rule 15.1 Advisory
Control flow Rule 15.2 Required
Control flow Rule 15.3 Required
Control flow Rule 15.4 Advisory
Control flow Rule 15.5 Advisory
Control flow Rule 15.6 Required
Control flow Rule 15.7 Required
Switch statements Rule 16.1 Required
Switch statements Rule 16.2 Required
Switch statements Rule 16.3 Required
Switch statements Rule 16.4 Required
Switch statements Rule 16.5 Required
Switch statements Rule 16.6 Required
Switch statements Rule 16.7 Required
Functions Rule 17.1 Required
Functions Rule 17.2 Required
Functions Rule 17.3 Mandatory
Functions Rule 17.4 Mandatory
Functions Rule 17.5 Advisory
Functions Rule 17.6 Mandatory
Functions Rule 17.7 Required
Functions Rule 17.8 Advisory
Pointers and arrays Rule 18.1 Required
Pointers and arrays Rule 18.2 Required
Pointers and arrays Rule 18.3 Required
Pointers and arrays Rule 18.4 Advisory
Pointers and arrays Rule 18.5 Advisory
Pointers and arrays Rule 18.6 Required
Pointers and arrays Rule 18.7 Required
Pointers and arrays Rule 18.8 Required
Overlapping storage Rule 19.1 Mandatory
Overlapping storage Rule 19.2 Advisory
Preprocessing directives Rule 20.1 Advisory
Preprocessing directives Rule 20.10 Advisory
Preprocessing directives Rule 20.11 Required
Preprocessing directives Rule 20.12 Required
Preprocessing directives Rule 20.13 Required
Preprocessing directives Rule 20.14 Required
Preprocessing directives Rule 20.2 Required
Preprocessing directives Rule 20.3 Required
Preprocessing directives Rule 20.4 Required
Preprocessing directives Rule 20.5 Advisory
Preprocessing directives Rule 20.6 Required
Preprocessing directives Rule 20.7 Required
Preprocessing directives Rule 20.8 Required
Preprocessing directives Rule 20.9 Required
Standard libraries Rule 21.1 Required
Standard libraries Rule 21.10 Required
Standard libraries Rule 21.11 Required
Standard libraries Rule 21.12 Advisory
Standard libraries Rule 21.13 Mandatory
Standard libraries Rule 21.14 Required
Standard libraries Rule 21.15 Required
Standard libraries Rule 21.16 Required
Standard libraries Rule 21.17 Mandatory
Standard libraries Rule 21.18 Mandatory
Standard libraries Rule 21.19 Mandatory
Standard libraries Rule 21.2 Required
Standard libraries Rule 21.20 Mandatory
Standard libraries Rule 21.21 Required
Standard libraries Rule 21.3 Required
Standard libraries Rule 21.4 Required
Standard libraries Rule 21.5 Required
Standard libraries Rule 21.6 Required
Standard libraries Rule 21.7 Required
Standard libraries Rule 21.8 Required
Standard libraries Rule 21.9 Required
Resources Rule 22.1 Required
Resources Rule 22.10 Required
Resources Rule 22.2 Mandatory
Resources Rule 22.3 Required
Resources Rule 22.4 Mandatory
Resources Rule 22.5 Mandatory
Resources Rule 22.6 Mandatory
Resources Rule 22.7 Required
Resources Rule 22.8 Required
Resources Rule 22.9 Required
s.

Rule Descr
Any implementation-defined behaviour on which the output of the program depends shall be documented and understood.
All source files shall compile without any compilation errors.
Run-time failures shall be minimized.
Precautions shall be taken in order to prevent the contents of a header file being included more than once.
The validity of values passed to library functions shall be checked.
Dynamic memory allocation shall not be used.
Functions which are designed to provide operations on a resource should be called in an appropriate sequence.
The validity of values received from external sources shall be checked.
Assembly language shall be encapsulated and isolated.
Sections of code should not be "commented out".
Identifiers in the same name space with overlapping visibility should be typographically unambiguous.
typedefs that indicate size and signedness should be used in place of the basic numerical types.
If a function returns error information, then that error information shall be tested.
If a pointer to a structure or union is never dereferenced within a translation unit, then the implementation of the object should b
A function should be used in preference to a function-like macro where they are interchangeable.
The program shall contain no violations of the standard C syntax and constraints, and shall not exceed the implementation's tra
Language extensions should not be used.
There shall be no occurrence of undefined or critical unspecified behaviour.
Emergent language features shall not be used.
A project shall not contain unreachable code.
There shall be no dead code.
A project should not contain unused type declarations.
A project should not contain unused tag declarations.
A project should not contain unused macro declarations.
A function should not contain unused label declarations.
There should be no unused parameters in functions.
The character sequences /* and // shall not be used within a comment.
Line-splicing shall not be used in // comments.
Octal and hexadecimal escape sequences shall be terminated.
Trigraphs should not be used.
External identifiers shall be distinct.
Identifiers declared in the same scope and name space shall be distinct.
An identifier declared in an inner scope shall not hide an identifier declared in an outer scope.
Macro identifiers shall be distinct.
Identifiers shall be distinct from macro names.
A typedef name shall be a unique identifier.
A tag name shall be a unique identifier.
Identifiers that define objects or functions with external linkage shall be unique.
Identifiers that define objects or functions with internal linkage should be unique.
Bit-fields shall only be declared with an appropriate type.
Single-bit named bit fields shall not be of a signed type.
Octal constants shall not be used.
A "u" or "U" suffix shall be applied to all integer constants that are represented in an unsigned type.
The lowercase character "l" shall not be used in a literal suffix.
A string literal shall not be assigned to an object unless the object's type is "pointer to const-qualified char".
Types shall be explicitly specified.
An inline function shall be declared with the static storage class.
When an array with external linkage is declared, its size should be explicitly specified.
Within an enumerator list, the value of an implicitly-specified enumeration constant shall be unique.
A pointer should point to a const-qualified type whenever possible.
The restrict type qualifier shall not be used.
Function types shall be in prototype form with named parameters.
All declarations of an object or function shall use the same names and type qualifiers.
A compatible declaration shall be visible when an object or function with external linkage is defined.
An external object or function shall be declared once in one and only one file.
An identifier with external linkage shall have exactly one external definition.
Functions and objects should not be defined with external linkage if they are referenced in only one translation unit.
The static storage class specifier shall be used in all declarations of objects and functions that have internal linkage.
An object should be defined at block scope if its identifier only appears in a single function.
The value of an object with automatic storage duration shall not be read before it has been set.
The initializer for an aggregate or union shall be enclosed in braces.
Arrays shall not be partially initialized.
An element of an object shall not be initialized more than once.
Where designated initializers are used to initialize an array object the size of the array shall be specified explicitly.
Operands shall not be of an inappropriate essential type.
Expressions of essentially character type shall not be used inappropriately in addition and subtraction operations.
The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type cate
Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type categ
The value of an expression should not be cast to an inappropriate essential type.
The value of a composite expression shall not be assigned to an object with wider essential type.
If a composite expression is used as one operand of an operator in which the usual arithmetic conversions are performed then
The value of a composite expression shall not be cast to a different essential type category or a wider essential type.
Conversions shall not be performed between a pointer to a function and any other type.
Conversions shall not be performed between a pointer to an incomplete type and any other type.
A cast shall not be performed between a pointer to object type and a pointer to a different object type.
A conversion should not be performed between a pointer to object and an integer type.
A conversion should not be performed from pointer to void into pointer to object.
A cast shall not be performed between pointer to void and an arithmetic type.
A cast shall not be performed between pointer to object and a non-integer arithmetic type.
A cast shall not remove any const or volatile qualification from the type pointed to by a pointer.
The macro NULL shall be the only permitted form of integer null pointer constant.
The precedence of operators within expressions should be made explicit.
The right hand operand of a shift operator shall lie in the range zero to one less than the width in bits of the essential type of the
The comma operator should not be used
Evaluation of constant expressions should not lead to unsigned integer wrap-around.
The sizeof operator shall not have an operand which is a function parameter declared as "array of type".
Initializer lists shall not contain persistent side effects.
The value of an expression and its persistent side effects shall be the same under all permitted evaluation orders.
A full expression containing an increment (++) or decrement (--) operator should have no other potential side effects other than
The result of an assignment operator should not be used.
The right hand operand of a logical && or || operator shall not contain persistent side effects.
The operand of the sizeof operator shall not contain any expression which has potential side effects.
A loop counter shall not have essentially floating type.
A for loop shall be well-formed.
Controlling expressions shall not be invariant.
The controlling expression of an if statement and the controlling expression of an iteration-statement shall have essentially Boo
The goto statement should not be used.
The goto statement shall jump to a label declared later in the same function.
Any label referenced by a goto statement shall be declared in the same block, or in any block enclosing the goto statement.
There should be no more than one break or goto statement used to terminate any iteration statement.
A function should have a single point of exit at the end.
The body of an iteration-statement or a selection-statement shall be a compound-statement.
All if ... else if constructs shall be terminated with an else statement.
All switch statements shall be well-formed.
A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement.
An unconditional break statement shall terminate every switch-clause.
Every switch statement shall have a default label.
A default label shall appear as either the first or the last switch label of a switch statement.
Every switch statement shall have at least two switch-clauses.
A switch-expression shall not have essentially Boolean type.
The features of <stdarg.h> shall not be used.
Functions shall not call themselves, either directly or indirectly.
A function shall not be declared implicitly.
All exit paths from a function with non-void return type shall have an explicit return statement with an expression.
The function argument corresponding to a parameter declared to have an array type shall have an appropriate number of elem
The declaration of an array parameter shall not contain the static keyword between the [ ].
The value returned by a function having non-void return type shall be used.
A function parameter should not be modified.
A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand.
Subtraction between pointers shall only be applied to pointers that address elements of the same array.
The relational operators >, >=, < and <= shall not be applied to objects of pointer type except where they point into the same ob
The +, -, += and -= operators should not be applied to an expression of pointer type.
Declarations should contain no more than two levels of pointer nesting.
The address of an object with automatic storage shall not be copied to another object that persists after the first object has ceas
Flexible array members shall not be declared.
Variable-length array types shall not be used.
An object shall not be assigned or copied to an overlapping object.
The union keyword should not be used.
#include directives should only be preceded by preprocessor directives or comments.
The # and ## preprocessor operators should not be used.
A macro parameter immediately following a # operator shall not immediately be followed by a ## operator.
A macro parameter used as an operand to the # or ## operators, which is itself subject to further macro replacement, shall only
A line whose first token is # shall be a valid preprocessing directive.
All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if, #ifdef or #ifndef directive to which they
The ', " or \ characters and the /* or // character sequences shall not occur in a header file name.
The #include directive shall be followed by either a <filename> or "filename"sequence.
A macro shall not be defined with the same name as a keyword.
#undef should not be used.
Tokens that look like a preprocessing directive shall not occur within a macro argument.
Expressions resulting from the expansion of macro parameters shall be enclosed in parentheses.
The controlling expression of a #if or #elif preprocessing directive shall evaluate to 0 or 1.
All identifiers used in the controlling expression of #if or #elif preprocessing directives shall be #define'd before evaluation.
#define and #undef shall not be used on a reserved identifier or reserved macro name.
The Standard Library time and date functions shall not be used.
The standard header file <tgmath.h> shall not be used.
The exception handling features of <fenv.h> should not be used.
Any value passed to a function in <ctype.h> shall be representable as an unsigned char or be the value EOF.
The Standard Library function memcmp shall not be used to compare null terminated strings.
The pointer arguments to the Standard Library functions memcpy, memmove and memcmp shall be pointers to qualified or unq
The pointer arguments to the Standard Library function memcmp shall point to either a pointer type, an essentially signed type,
Use of the string handling functions from <string.h> shall not result in accesses beyond the bounds of the objects referenced by
The size_t argument passed to any function in <string.h> shall have an appropriate value.
The pointers returned by the Standard Library functions localeconv, getenv, setlocale or, strerror shall only be used as if they h
A reserved identifier or reserved macro name shall not be declared.
The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, getenv, setlocale or strerr
The Standard Library function system of <stdlib.h> shall not be used.
The memory allocation and deallocation functions of <stdlib.h> shall not be used.
The standard header file <setjmp.h> shall not be used.
The standard header file <signal.h> shall not be used.
The Standard Library input/output functions shall not be used.
The Standard Library functions atof, atoi, atol and atoll of <stdlib.h> shall not be used.
The Standard Library termination functions of <stdlib.h> shall not be used.
The Standard Library functions bsearch and qsort of <stdlib.h> shall not be used.
All resources obtained dynamically by means of Standard Library functions shall be explicitly released.
The value of errno shall only be tested when the last function to be called was an errno-setting-function.
A block of memory shall only be freed if it was allocated by means of a Standard Library function.
The same file shall not be open for read and write access at the same time on different streams.
There shall be no attempt to write to a stream which has been opened as read-only.
A pointer to a FILE object shall not be dereferenced.
The value of a pointer to a FILE shall not be used after the associated stream has been closed.
The macro EOF shall only be compared with the unmodified return value from any Standard Library function capable of returnin
The value of errno shall be set to zero prior to a call to an errno-setting-function.
The value of errno shall be tested against zero after calling an errno-setting-function.
Your Notes
MISRA C 2004
This tab lists the MISRA C 2004 coding rules that Polyspace supports.

Section Id Category
Environment 1.1 Required
Language extensions 2.1 Required
Language extensions 2.2 Required
Language extensions 2.3 Required
Language extensions 2.4 Advisory
Documentation 3.4 Required
Character sets 4.1 Required
Character sets 4.2 Required
Identifiers 5.1 Required
Identifiers 5.2 Required
Identifiers 5.3 Required
Identifiers 5.4 Required
Identifiers 5.5 Advisory
Identifiers 5.6 Advisory
Identifiers 5.7 Advisory
Types 6.1 Required
Types 6.2 Required
Types 6.3 Advisory
Types 6.4 Required
Types 6.5 Required
Constants 7.1 Required
Declarations and definitions 8.1 Required
Declarations and definitions 8.10 Required
Declarations and definitions 8.11 Required
Declarations and definitions 8.12 Required
Declarations and definitions 8.2 Required
Declarations and definitions 8.3 Required
Declarations and definitions 8.4 Required
Declarations and definitions 8.5 Required
Declarations and definitions 8.6 Required
Declarations and definitions 8.7 Required
Declarations and definitions 8.8 Required
Declarations and definitions 8.9 Required
Initialisation 9.1 Required
Initialisation 9.2 Required
Initialisation 9.3 Required
Arithmetic type conversions 10.1 Required
Arithmetic type conversions 10.2 Required
Arithmetic type conversions 10.3 Required
Arithmetic type conversions 10.4 Required
Arithmetic type conversions 10.5 Required
Arithmetic type conversions 10.6 Required
Pointer type conversions 11.1 Required
Pointer type conversions 11.2 Required
Pointer type conversions 11.3 Advisory
Pointer type conversions 11.4 Advisory
Pointer type conversions 11.5 Required
Expressions 12.1 Advisory
Expressions 12.10 Required
Expressions 12.11 Advisory
Expressions 12.12 Required
Expressions 12.13 Advisory
Expressions 12.2 Required
Expressions 12.3 Required
Expressions 12.4 Required
Expressions 12.5 Required
Expressions 12.6 Advisory
Expressions 12.7 Required
Expressions 12.8 Required
Expressions 12.9 Required
Control statement expressions 13.1 Required
Control statement expressions 13.2 Advisory
Control statement expressions 13.3 Required
Control statement expressions 13.4 Required
Control statement expressions 13.5 Required
Control statement expressions 13.6 Required
Control statement expressions 13.7 Required
Control flow 14.1 Required
Control flow 14.10 Required
Control flow 14.2 Required
Control flow 14.3 Required
Control flow 14.4 Required
Control flow 14.5 Required
Control flow 14.6 Required
Control flow 14.7 Required
Control flow 14.8 Required
Control flow 14.9 Required
Switch statements 15.0 Required
Switch statements 15.1 Required
Switch statements 15.2 Required
Switch statements 15.3 Required
Switch statements 15.4 Required
Switch statements 15.5 Required
Functions 16.1 Required
Functions 16.10 Required
Functions 16.2 Required
Functions 16.3 Required
Functions 16.4 Required
Functions 16.5 Required
Functions 16.6 Required
Functions 16.7 Advisory
Functions 16.8 Required
Functions 16.9 Required
Pointers and arrays 17.1 Required
Pointers and arrays 17.2 Required
Pointers and arrays 17.3 Required
Pointers and arrays 17.4 Required
Pointers and arrays 17.5 Advisory
Pointers and arrays 17.6 Required
Structures and unions 18.1 Required
Structures and unions 18.2 Required
Structures and unions 18.4 Required
Preprocessing directives 19.1 Advisory
Preprocessing directives 19.10 Required
Preprocessing directives 19.11 Required
Preprocessing directives 19.12 Required
Preprocessing directives 19.13 Advisory
Preprocessing directives 19.14 Required
Preprocessing directives 19.15 Required
Preprocessing directives 19.16 Required
Preprocessing directives 19.17 Required
Preprocessing directives 19.2 Advisory
Preprocessing directives 19.3 Required
Preprocessing directives 19.4 Required
Preprocessing directives 19.5 Required
Preprocessing directives 19.6 Required
Preprocessing directives 19.7 Advisory
Preprocessing directives 19.8 Required
Preprocessing directives 19.9 Required
Standard libraries 20.1 Required
Standard libraries 20.10 Required
Standard libraries 20.11 Required
Standard libraries 20.12 Required
Standard libraries 20.2 Required
Standard libraries 20.3 Required
Standard libraries 20.4 Required
Standard libraries 20.5 Required
Standard libraries 20.6 Required
Standard libraries 20.7 Required
Standard libraries 20.8 Required
Standard libraries 20.9 Required
Run-time failures 21.1 Required
that Polyspace supports.

Rule Description
All code shall conform to ISO 9899:1990 'Programming languages - C', amended and corrected by ISO/IEC 9899/COR1:1995,
Assembly language shall be encapsulated and isolated.
Source code shall only use /* ... */ style comments.
The character sequence /* shall not be used within a comment.
Sections of code should not be 'commented out'.
All uses of the #pragma directive shall be documented and explained.
Only those escape sequences which are defined in the ISO C standard shall be used.
Trigraphs shall not be used.
Identifiers (internal and external) shall not rely on the significance of more than 31 characters.
Identifiers in an inner scope shall not use the same name as an identifier in an outer scope, and therefore hide that identifier.
A typedef name shall be a unique identifier.
A tag name shall be a unique identifier.
No object or function identifier with static storage duration should be reused.
No identifier in one name space should have the same spelling as an identifier in another name space, with the exception of str
No identifier name should be reused.
The plain char type shall be used only for the storage and use of character values.
Signed and unsigned char type shall be used only for the storage and use of numeric values.
Typedefs that indicate size and signedness should be used in place of the basic types.
Bit fields shall only be defined to be of type unsigned int or signed int.
Bit fields of type signed int shall be at least 2 bits long.
Octal constants (other than zero) and octal escape sequences shall not be used.
Functions shall have prototype declarations and the prototype shall be visible at both the function definition and call.
All declarations and definitions of objects or functions at file scope shall have internal linkage unless external linkage is required
The static storage class specifier shall be used in definitions and declarations of objects and functions that have internal linkage
When an array is declared with external linkage, its size shall be stated explicitly or defined implicitly by initialisation.
Whenever an object or function is declared or defined, its type shall be explicitly stated.
For each function parameter the type given in the declaration and definition shall be identical, and the return types shall also be
If objects or functions are declared more than once their types shall be compatible.
There shall be no definitions of objects or functions in a header file.
Functions shall be declared at file scope.
Objects shall be defined at block scope if they are only accessed from within a single function.
An external object or function shall be declared in one and only one file.
An identifier with external linkage shall have exactly one external definition.
All automatic variables shall have been assigned a value before being used.
Braces shall be used to indicate and match the structure in the non-zero initialisation of arrays and structures.
In an enumerator list, the '=' construct shall not be used to explicitly initialise members other than the first, unless all items are e
The value of an expression of integer type shall not be implicitly converted to a different underlying type.
The value of an expression of floating type shall not be implicitly converted to a different type.
The value of a complex expression of integer type may only be cast to a type that is narrower and of the same signedness as th
The value of a complex expression of floating type may only be cast to narrower floating type.
If the bitwise operator ~ and << are applied to an operand of underlying type unsigned char or unsigned short, the result shall b
The 'U' suffix shall be applied to all constants of unsigned types.
Conversion shall not be performed between a pointer to a function and any type other than an integral type.
Conversion shall not be performed between a pointer to an object and any type other than an integral type, another pointer to o
A cast should not be performed between a pointer type and an integral type.
A cast should not be performed between a pointer to object type and a different pointer to object type.
A cast shall not be performed that removes any const or volatile qualification from the type addressed by a pointer.
Limited dependence should be placed on C's operator precedence rules in expressions.
The comma operator shall not be used.
Evaluation of constant unsigned integer expressions should not lead to wrap-around.
The underlying bit representations of floating-point values shall not be used.
The increment (++) and decrement (--) operators should not be mixed with other operators in an expression
The value of an expression shall be the same under any order of evaluation that the standard permits.
The sizeof operator should not be used on expressions that contain side effects.
The right hand operand of a logical && or || operator shall not contain side effects.
The operands of a logical && or || shall be primary-expressions.
The operands of a logical operators (&&, || and !) should be effectively Boolean. Expressions that are effectively Boolean shoul
Bitwise operators shall not be applied to operands whose underlying type is signed.
The right hand operand of a shift operator shall lie between zero and one less than the width in bits of the underlying type of the
The unary minus operator shall not be applied to an expression whose underlying type is unsigned.
Assignment operators shall not be used in expressions that yield a Boolean value.
Tests of a value against zero should be made explicit, unless the operand is effectively Boolean.
Floating-point expressions shall not be tested for equality or inequality.
The controlling expression of a for statement shall not contain any objects of floating type.
The three expressions of a for statement shall be concerned only with loop control.
Numeric variables being used within a for loop for iteration counting should not be modified in the body of the loop.
Boolean operations whose results are invariant shall not be permitted.
There shall be no unreachable code.
All if ... else if constructs should contain a final else clause.
All non-null statements shall either have at least one side effect however executed, or cause control flow to change.
Before preprocessing, a null statement shall only occur on a line by itself; it may be followed by a comment provided that the fir
The goto statement shall not be used.
The continue statement shall not be used.
For any iteration statement there shall be at most one break statement used for loop termination.
A function shall have a single point of exit at the end of the function.
The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement.
An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compou
A switch statement shall conform to MISRA-C syntax.
A switch label shall only be used when the most closely-enclosing compound statement is the body of a switch statement.
An unconditional break statement shall terminate every non-empty switch clause.
The final clause of a switch statement shall be the default clause.
A switch expression should not represent a value that is effectively Boolean.
Every switch statement shall have at least one case clause.
Functions shall not be defined with variable numbers of arguments.
If a function returns error information, then that error information should be tested.
Functions shall not call themselves, either directly or indirectly.
Identifiers shall be given for all of the parameters in a function prototype declaration.
The identifiers used in the declaration and definition of a function shall be identical.
Functions with no parameters shall be declared with parameter type void.
The number of arguments passed to a function shall match the number of parameters.
A pointer parameter in a function prototype should be declared as pointer to const if the pointer is not used to modify the addre
All exit paths from a function with non-void return type shall have an explicit return statement with an expression.
A function identifier shall only be used with either a preceding &, or with a parenthesised parameter list, which may be empty.
Pointer arithmetic shall only be applied to pointers that address an array or array element.
Pointer subtraction shall only be applied to pointers that address elements of the same array.
>, >=, <, <= shall not be applied to pointer types except where they point to the same array.
Array indexing shall be the only allowed form of pointer arithmetic.
The declaration of objects should contain no more than 2 levels of pointer indirection.
The address of an object with automatic storage shall not be assigned to an object that may persist after the object has ceased
All structure or union types shall be complete at the end of a translation unit.
An object shall not be assigned to an overlapping object.
Unions shall not be used.
#include statements in a file shall only be preceded by other pre-processor directives or comments.
In the definition of a function-like macro each instance of a parameter shall be enclosed in parentheses unless it is used as the
All macro identifiers in preprocessor directives shall be defined before use, except in #ifdef and #ifndef preprocessor directives
There shall be at most one occurrence of the # or ## pre-processor operators in a single macro definition.
The # and ## preprocessor operators should not be used.
The defined pre-processor operator shall only be used in one of the two standard forms.
Precautions shall be taken in order to prevent the contents of a header file being included twice.
Preprocessing directives shall be syntactically meaningful even when excluded by the preprocessor.
All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if or #ifdef directive to which they are rela
Non-standard characters should not occur in header file names in #include directives.
The #include directive shall be followed by either a <filename> or "filename" sequence.
C macros shall only expand to a braced initialiser, a constant, a parenthesised expression,a type qualifier, a storage class spec
Macros shall not be #define'd and #undef'd within a block.
#undef shall not be used.
A function should be used in preference to a macro.
A function-like macro shall not be invoked without all of its arguments.
Arguments to a function-like macro shall not contain tokens that look like pre-processing directives.
Reserved identifiers, macros and functions in the standard library, shall not be defined, redefined or undefined.
The library functions atof, atoi and atol from library <stdlib.h> shall not be used.
The library functions abort, exit, getenv and system from library <stdlib.h> shall not be used.
The time handling functions of library <time.h> shall not be used.
The names of standard library macros, objects and functions shall not be reused.
The validity of values passed to library functions shall be checked.
Dynamic heap memory allocation shall not be used.
The error indicator errno shall not be used.
The macro offsetof, in library <stddef.h>, shall not be used.
The setjmp macro and the longjmp function shall not be used.
The signal handling facilities of <signal.h> shall not be used.
The input/output library <stdio.h> shall not be used in production code.
Minimisation of run-time failures shall be ensured by the use of at least one tool/technique.
Your Notes
MISRA C++ 2008
This tab lists the MISRA C++ 2008 coding rules supported by Polyspace.

Section Id Category
Basic concepts 3-1-1 Required
Basic concepts 3-1-2 Required
Basic concepts 3-1-3 Required
Basic concepts 3-2-1 Required
Basic concepts 3-2-2 Required
Basic concepts 3-2-3 Required
Basic concepts 3-2-4 Required
Basic concepts 3-3-1 Required
Basic concepts 3-3-2 Required
Basic concepts 3-4-1 Required
Basic concepts 3-9-1 Required
Basic concepts 3-9-2 Advisory
Basic concepts 3-9-3 Required
Classes 9-3-1 Required
Classes 9-3-2 Required
Classes 9-3-3 Required
Classes 9-5-1 Required
Classes 9-6-2 Required
Classes 9-6-3 Required
Classes 9-6-4 Required
Declarations 7-1-1 Required
Declarations 7-1-2 Required
Declarations 7-3-1 Required
Declarations 7-3-2 Required
Declarations 7-3-3 Required
Declarations 7-3-4 Required
Declarations 7-3-5 Required
Declarations 7-3-6 Required
Declarations 7-4-2 Required
Declarations 7-4-3 Required
Declarations 7-5-1 Required
Declarations 7-5-2 Required
Declarations 7-5-3 Required
Declarations 7-5-4 Advisory
Declarators 8-0-1 Required
Declarators 8-3-1 Required
Declarators 8-4-1 Required
Declarators 8-4-2 Required
Declarators 8-4-3 Required
Declarators 8-4-4 Required
Declarators 8-5-1 Required
Declarators 8-5-2 Required
Declarators 8-5-3 Required
Derived classes 10-1-1 Advisory
Derived classes 10-1-2 Required
Derived classes 10-1-3 Required
Derived classes 10-2-1 Advisory
Derived classes 10-3-1 Required
Derived classes 10-3-2 Required
Derived classes 10-3-3 Required
Diagnostic library 19-3-1 Required
Exception handling 15-0-2 Advisory
Exception handling 15-0-3 Required
Exception handling 15-1-1 Required
Exception handling 15-1-2 Required
Exception handling 15-1-3 Required
Exception handling 15-3-1 Required
Exception handling 15-3-2 Advisory
Exception handling 15-3-3 Required
Exception handling 15-3-4 Required
Exception handling 15-3-5 Required
Exception handling 15-3-6 Required
Exception handling 15-3-7 Required
Exception handling 15-4-1 Required
Exception handling 15-5-1 Required
Exception handling 15-5-2 Required
Exception handling 15-5-3 Required
Expressions 5-0-1 Required
Expressions 5-0-10 Required
Expressions 5-0-11 Required
Expressions 5-0-12 Required
Expressions 5-0-13 Required
Expressions 5-0-14 Required
Expressions 5-0-15 Required
Expressions 5-0-16 Required
Expressions 5-0-17 Required
Expressions 5-0-18 Required
Expressions 5-0-19 Required
Expressions 5-0-2 Advisory
Expressions 5-0-20 Required
Expressions 5-0-21 Required
Expressions 5-0-3 Required
Expressions 5-0-4 Required
Expressions 5-0-5 Required
Expressions 5-0-6 Required
Expressions 5-0-7 Required
Expressions 5-0-8 Required
Expressions 5-0-9 Required
Expressions 5-14-1 Required
Expressions 5-18-1 Required
Expressions 5-19-1 Advisory
Expressions 5-2-1 Required
Expressions 5-2-10 Advisory
Expressions 5-2-11 Required
Expressions 5-2-12 Required
Expressions 5-2-2 Required
Expressions 5-2-3 Advisory
Expressions 5-2-4 Required
Expressions 5-2-5 Required
Expressions 5-2-6 Required
Expressions 5-2-7 Required
Expressions 5-2-8 Required
Expressions 5-2-9 Advisory
Expressions 5-3-1 Required
Expressions 5-3-2 Required
Expressions 5-3-3 Required
Expressions 5-3-4 Required
Expressions 5-8-1 Required
General 1-0-1 Required
Input/output library 27-0-1 Required
Language independent issues 0-1-1 Required
Language independent issues 0-1-10 Required
Language independent issues 0-1-11 Required
Language independent issues 0-1-12 Required
Language independent issues 0-1-2 Required
Language independent issues 0-1-3 Required
Language independent issues 0-1-4 Required
Language independent issues 0-1-5 Required
Language independent issues 0-1-7 Required
Language independent issues 0-1-9 Required
Language independent issues 0-2-1 Required
Language independent issues 0-3-2 Required
Language support library 18-0-1 Required
Language support library 18-0-2 Required
Language support library 18-0-3 Required
Language support library 18-0-4 Required
Language support library 18-0-5 Required
Language support library 18-2-1 Required
Language support library 18-4-1 Required
Language support library 18-7-1 Required
Lexical conventions 2-10-1 Required
Lexical conventions 2-10-2 Required
Lexical conventions 2-10-3 Required
Lexical conventions 2-10-4 Required
Lexical conventions 2-10-5 Advisory
Lexical conventions 2-10-6 Required
Lexical conventions 2-13-1 Required
Lexical conventions 2-13-2 Required
Lexical conventions 2-13-3 Required
Lexical conventions 2-13-4 Required
Lexical conventions 2-13-5 Required
Lexical conventions 2-3-1 Required
Lexical conventions 2-5-1 Advisory
Lexical conventions 2-7-1 Required
Lexical conventions 2-7-2 Required
Lexical conventions 2-7-3 Advisory
Library introduction 17-0-1 Required
Library introduction 17-0-2 Required
Library introduction 17-0-3 Required
Library introduction 17-0-5 Required
Member access control 11-0-1 Required
Preprocessing directives 16-0-1 Required
Preprocessing directives 16-0-2 Required
Preprocessing directives 16-0-3 Required
Preprocessing directives 16-0-4 Required
Preprocessing directives 16-0-5 Required
Preprocessing directives 16-0-6 Required
Preprocessing directives 16-0-7 Required
Preprocessing directives 16-0-8 Required
Preprocessing directives 16-1-1 Required
Preprocessing directives 16-1-2 Required
Preprocessing directives 16-2-1 Required
Preprocessing directives 16-2-2 Required
Preprocessing directives 16-2-3 Required
Preprocessing directives 16-2-4 Required
Preprocessing directives 16-2-5 Advisory
Preprocessing directives 16-2-6 Required
Preprocessing directives 16-3-1 Required
Preprocessing directives 16-3-2 Advisory
Preprocessing directives 16-6-1 Document
Special member functions 12-1-1 Required
Special member functions 12-1-2 Advisory
Special member functions 12-1-3 Required
Special member functions 12-8-1 Required
Special member functions 12-8-2 Required
Standard conversions 4-10-1 Required
Standard conversions 4-10-2 Required
Standard conversions 4-5-1 Required
Standard conversions 4-5-2 Required
Standard conversions 4-5-3 Required
Statements 6-2-1 Required
Statements 6-2-2 Required
Statements 6-2-3 Required
Statements 6-3-1 Required
Statements 6-4-1 Required
Statements 6-4-2 Required
Statements 6-4-3 Required
Statements 6-4-4 Required
Statements 6-4-5 Required
Statements 6-4-6 Required
Statements 6-4-7 Required
Statements 6-4-8 Required
Statements 6-5-1 Required
Statements 6-5-2 Required
Statements 6-5-3 Required
Statements 6-5-4 Required
Statements 6-5-5 Required
Statements 6-5-6 Required
Statements 6-6-1 Required
Statements 6-6-2 Required
Statements 6-6-3 Required
Statements 6-6-4 Required
Statements 6-6-5 Required
Templates 14-5-1 Required
Templates 14-5-2 Required
Templates 14-5-3 Required
Templates 14-6-1 Required
Templates 14-6-2 Required
Templates 14-7-3 Required
Templates 14-8-1 Required
Templates 14-8-2 Advisory
supported by Polyspace.

It shall be possible to include any header file in multiple translation units without violating the One Definition Rule.
Functions shall not be declared at block scope.
When an array is declared, its size shall either be stated explicitly or defined implicitly by initialization.
All declarations of an object or function shall have compatible types.
The One Definition Rule shall not be violated.
A type, object or function that is used in multiple translation units shall be declared in one and only one file.
An identifier with external linkage shall have exactly one definition.
Objects or functions with external linkage shall be declared in a header file.
If a function has internal linkage then all re-declarations shall include the static storage class specifier.
An identifier declared to be an object or type shall be defined in a block that minimizes its visibility.
The types used for an object, a function return type, or a function parameter shall be token-for-token identical in all declarations
Typedefs that indicate size and signedness should be used in place of the basic numerical types.
The underlying bit representations of floating-point values shall not be used.
const member functions shall not return non-const pointers or references to class-data.
Member functions shall not return non-const handles to class-data.
If a member function can be made static then it shall be made static, otherwise if it can be made const then it shall be made con
Unions shall not be used.
Bit-fields shall be either bool type or an explicitly unsigned or signed integral type.
Bit-fields shall not have enum type.
Named bit-fields with signed integer type shall have a length of more than one bit.
A variable which is not modified shall be const qualified.
A pointer or reference parameter in a function shall be declared as pointer to const or reference to const if the corresponding ob
The global namespace shall only contain main, namespace declarations and extern "C" declarations.
The identifier main shall not be used for a function other than the global function main.
There shall be no unnamed namespaces in header files.
using-directives shall not be used.
Multiple declarations for an identifier in the same namespace shall not straddle a using-declaration for that identifier.
using-directives and using-declarations (excluding class scope or function scope using-declarations) shall not be used in heade
Assembler instructions shall only be introduced using the asm declaration.
Assembly language shall be encapsulated and isolated.
A function shall not return a reference or a pointer to an automatic variable (including parameters), defined within the function.
The address of an object with automatic storage shall not be assigned to another object that may persist after the first object ha
A function shall not return a reference or a pointer to a parameter that is passed by reference or const reference.
Functions should not call themselves, either directly or indirectly.
An init-declarator-list or a member-declarator-list shall consist of a single init-declarator or member-declarator respectively.
Parameters in an overriding virtual function shall either use the same default arguments as the function they override, or else sh
Functions shall not be defined using the ellipsis notation.
The identifiers used for the parameters in a re-declaration of a function shall be identical to those in the declaration.
All exit paths from a function with non-void return type shall have an explicit return statement with an expression.
A function identifier shall either be used to call the function or it shall be preceded by &.
All variables shall have a defined value before they are used.
Braces shall be used to indicate and match the structure in the non-zero initialization of arrays and structures.
In an enumerator list, the = construct shall not be used to explicitly initialize members other than the first, unless all items are ex
Classes should not be derived from virtual bases.
A base class shall only be declared virtual if it is used in a diamond hierarchy.
An accessible base class shall not be both virtual and non-virtual in the same hierarchy.
All accessible entity names within a multiple inheritance hierarchy should be unique.
There shall be no more than one definition of each virtual function on each path through the inheritance hierarchy.
Each overriding virtual function shall be declared with the virtual keyword.
A virtual function shall only be overridden by a pure virtual function if it is itself declared as pure virtual.
The error indicator errno shall not be used.
An exception object should not have pointer type.
Control shall not be transferred into a try or catch block using a goto or a switch statement.
The assignment-expression of a throw statement shall not itself cause an exception to be thrown.
NULL shall not be thrown explicitly.
An empty throw (throw;) shall only be used in the compound- statement of a catch handler.
Exceptions shall be raised only after start-up and before termination of the program.
There should be at least one exception handler to catch all otherwise unhandled exceptions
Handlers of a function-try-block implementation of a class constructor or destructor shall not reference non-static members from
Each exception explicitly thrown in the code shall have a handler of a compatible type in all call paths that could lead to that poi
A class type exception shall always be caught by reference.
Where multiple handlers are provided in a single try-catch statement or function-try-block for a derived class and some or all of
Where multiple handlers are provided in a single try-catch statement or function-try-block, any ellipsis (catch-all) handler shall o
If a function is declared with an exception-specification, then all declarations of the same function (in other translation units) sha
A class destructor shall not exit with an exception.
Where a function's declaration includes an exception-specification, the function shall only be capable of throwing exceptions of
The terminate() function shall not be called implicitly.
The value of an expression shall be the same under any order of evaluation that the standard permits.
If the bitwise operators ~ and << are applied to an operand with an underlying type of unsigned char or unsigned short, the resu
The plain char type shall only be used for the storage and use of character values.
signed char and unsigned char type shall only be used for the storage and use of numeric values.
The condition of an if-statement and the condition of an iteration-statement shall have type bool.
The first operand of a conditional-operator shall have type bool.
Array indexing shall be the only form of pointer arithmetic.
A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same
Subtraction between pointers shall only be applied to pointers that address elements of the same array.
>, >=, <, <= shall not be applied to objects of pointer type, except where they point to the same array.
The declaration of objects shall contain no more than two levels of pointer indirection.
Limited dependence should be placed on C++ operator precedence rules in expressions.
Non-constant operands to a binary bitwise operator shall have the same underlying type.
Bitwise operators shall only be applied to operands of unsigned underlying type.
A cvalue expression shall not be implicitly converted to a different underlying type.
An implicit integral conversion shall not change the signedness of the underlying type.
There shall be no implicit floating-integral conversions.
An implicit integral or floating-point conversion shall not reduce the size of the underlying type.
There shall be no explicit floating-integral conversions of a cvalue expression.
An explicit integral or floating-point conversion shall not increase the size of the underlying type of a cvalue expression.
An explicit integral conversion shall not change the signedness of the underlying type of a cvalue expression.
The right hand operand of a logical && or || operator shall not contain side effects.
The comma operator shall not be used.
Evaluation of constant unsigned integer expressions should not lead to wrap-around.
Each operand of a logical && or || shall be a postfix-expression.
The increment ( ++ ) and decrement ( -- ) operators should not be mixed with other operators in an expression.
The comma operator, && operator and the || operator shall not be overloaded.
An identifier with array type passed as a function argument shall not decay to a pointer.
A pointer to a virtual base class shall only be cast to a pointer to a derived class by means of dynamic_cast.
Casts from a base class to a derived class should not be performed on polymorphic types.
C-style casts (other than void casts) and functional notation casts (other than explicit constructor calls) shall not be used.
A cast shall not remove any const or volatile qualification from the type of a pointer or reference.
A cast shall not convert a pointer to a function to any other pointer type, including a pointer to function type.
An object with pointer type shall not be converted to an unrelated pointer type, either directly or indirectly.
An object with integer type or pointer to void type shall not be converted to an object with pointer type.
A cast should not convert a pointer type to an integral type.
Each operand of the ! operator, the logical && or the logical || operators shall have type bool.
The unary minus operator shall not be applied to an expression whose underlying type is unsigned.
The unary & operator shall not be overloaded.
Evaluation of the operand to the sizeof operator shall not contain side effects.
The right hand operand of a shift operator shall lie between zero and one less than the width in bits of the underlying type of the
All code shall conform to ISO/IEC 14882:2003 "The C++ Standard Incorporating Technical Corrigendum 1".
The stream input/output library <cstdio> shall not be used.
A project shall not contain unreachable code.
Every defined function shall be called at least once.
There shall be no unused parameters (named or unnamed) in non-virtual functions.
There shall be no unused parameters (named or unnamed) in the set of parameters for a virtual function and all the functions th
A project shall not contain infeasible paths.
A project shall not contain unused variables.
A project shall not contain non-volatile POD variables having only one use.
A project shall not contain unused type declarations.
The value returned by a function having a non-void return type that is not an overloaded operator shall always be used.
There shall be no dead code.
An object shall not be assigned to an overlapping object.
If a function generates error information, then that error information shall be tested.
The C library shall not be used.
The library functions atof, atoi and atol from library <cstdlib> shall not be used.
The library functions abort, exit, getenv and system from library <cstdlib> shall not be used.
The time handling functions of library <ctime> shall not be used.
The unbounded functions of library <cstring> shall not be used.
The macro offsetof shall not be used.
Dynamic heap memory allocation shall not be used.
The signal handling facilities of <csignal> shall not be used.
Different identifiers shall be typographically unambiguous.
Identifiers declared in an inner scope shall not hide an identifier declared in an outer scope.
A typedef name (including qualification, if any) shall be a unique identifier.
A class, union or enum name (including qualification, if any) shall be a unique identifier.
The identifier name of a non-member object or function with static storage duration should not be reused.
If an identifier refers to a type, it shall not also refer to an object or a function in the same scope.
Only those escape sequences that are defined in ISO/IEC 14882:2003 shall be used.
Octal constants (other than zero) and octal escape sequences (other than "\0") shall not be used.
A "U" suffix shall be applied to all octal or hexadecimal integer literals of unsigned type.
Literal suffixes shall be upper case.
Narrow and wide string literals shall not be concatenated.
Trigraphs shall not be used.
Digraphs should not be used.
The character sequence /* shall not be used within a C-style comment.
Sections of code shall not be "commented out" using C-style comments.
Sections of code should not be "commented out" using C++ comments.
Reserved identifiers, macros and functions in the standard library shall not be defined, redefined or undefined.
The names of standard library macros and objects shall not be reused.
The names of standard library functions shall not be overridden.
The setjmp macro and the longjmp function shall not be used.
Member data in non-POD class types shall be private.
#include directives in a file shall only be preceded by other preprocessor directives or comments.
Macros shall only be #define 'd or #undef 'd in the global namespace.
#undef shall not be used.
Function-like macros shall not be defined.
Arguments to a function-like macro shall not contain tokens that look like preprocessing directives.
In the definition of a function-like macro, each instance of a parameter shall be enclosed in parentheses, unless it is used as the
Undefined macro identifiers shall not be used in #if or #elif preprocessor directives, except as operands to the defined operator
If the # token appears as the first token on a line, then it shall be immediately followed by a preprocessing token.
The defined preprocessor operator shall only be used in one of the two standard forms.
All #else, #elif and #endif preprocessor directives shall reside in the same file as the #if or #ifdef directive to which they are rela
The pre-processor shall only be used for file inclusion and include guards.
C++ macros shall only be used for: include guards, type qualifiers, or storage class specifiers.
Include guards shall be provided.
The ', ", /* or // characters shall not occur in a header file name.
The \ character should not occur in a header file name.
The #include directive shall be followed by either a <filename> or "filename" sequence.
There shall be at most one occurrence of the # or ## operators in a single macro definition.
The # and ## operators should not be used.
All uses of the #pragma directive shall be documented.
An object's dynamic type shall not be used from the body of its constructor or destructor.
All constructors of a class should explicitly call a constructor for all of its immediate base classes and all virtual base classes.
All constructors that are callable with a single argument of fundamental type shall be declared explicit.
A copy constructor shall only initialize its base classes and the non-static members of the class of which it is a member.
The copy assignment operator shall be declared protected or private in an abstract class.
NULL shall not be used as an integer value.
Literal zero (0) shall not be used as the null-pointer-constant.
Expressions with type bool shall not be used as operands to built-in operators other than the assignment operator =, the logical
Expressions with type enum shall not be used as operands to built- in operators other than the subscript operator [ ], the assign
Expressions with type (plain) char and wchar_t shall not be used as operands to built-in operators other than the assignment op
Assignment operators shall not be used in sub-expressions.
Floating-point expressions shall not be directly or indirectly tested for equality or inequality.
Before preprocessing, a null statement shall only occur on a line by itself; it may be followed by a comment, provided that the fi
The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement.
An if ( condition ) construct shall be followed by a compound statement. The else keyword shall be followed by either a compou
All if ... else if constructs shall be terminated with an else clause.
A switch statement shall be a well-formed switch statement.
A switch-label shall only be used when the most closely-enclosing compound statement is the body of a switch statement.
An unconditional throw or break statement shall terminate every non - empty switch-clause.
The final clause of a switch statement shall be the default-clause.
The condition of a switch statement shall not have bool type.
Every switch statement shall have at least one case-clause.
A for loop shall contain a single loop-counter which shall not have floating type.
If loop-counter is not modified by -- or ++, then, within condition, the loop-counter shall only be used as an operand to <=, <, > o
The loop-counter shall not be modified within condition or statement.
The loop-counter shall be modified by one of: --, ++, -=n, or +=n ; where n remains constant for the duration of the loop.
A loop-control-variable other than the loop-counter shall not be modified within condition or expression.
A loop-control-variable other than the loop-counter which is modified in statement shall have type bool.
Any label referenced by a goto statement shall be declared in the same block, or in a block enclosing the goto statement.
The goto statement shall jump to a label declared later in the same function body.
The continue statement shall only be used within a well-formed for loop.
For any iteration statement there shall be no more than one break or goto statement used for loop termination.
A function shall have a single point of exit at the end of the function.
A non-member generic function shall only be declared in a namespace that is not an associated namespace.
A copy constructor shall be declared when there is a template constructor with a single parameter that is a generic parameter.
A copy assignment operator shall be declared when there is a template assignment operator with a parameter that is a generic
In a class template with a dependent base, any name that may be found in that dependent base shall be referred to using a qu
The function chosen by overload resolution shall resolve to a function declared previously in the translation unit.
All partial and explicit specializations for a template shall be declared in the same file as the declaration of their primary templat
Overloaded function templates shall not be explicitly specialized.
The viable function set for a function call should either contain no function specializations, or only contain function specialization
Your Notes
JSF C++
This tab lists the JSF C++ coding rules supported by Polyspace.

Section Id Category
Rules 1 to 3 - Code Size and Complexity 1 Will
Rules 1 to 3 - Code Size and Complexity 3 Shall
Rules 8 to 15 - Environment 8 Shall
Rules 8 to 15 - Environment 9 Will
Rules 8 to 15 - Environment 11 Will
Rules 8 to 15 - Environment 12 Will
Rules 8 to 15 - Environment 13 Will
Rules 8 to 15 - Environment 14 Shall
Rules 8 to 15 - Environment 15 Shall
Rules 16 to 25 - Libraries 17 Shall
Rules 16 to 25 - Libraries 18 Shall
Rules 16 to 25 - Libraries 19 Shall
Rules 16 to 25 - Libraries 20 Shall
Rules 16 to 25 - Libraries 21 Shall
Rules 16 to 25 - Libraries 22 Shall
Rules 16 to 25 - Libraries 23 Shall
Rules 16 to 25 - Libraries 24 Shall
Rules 16 to 25 - Libraries 25 Shall
Rules 26 to 32 - Pre-Processing Directives 26 Shall
Rules 26 to 32 - Pre-Processing Directives 27 Will
Rules 26 to 32 - Pre-Processing Directives 28 Will
Rules 26 to 32 - Pre-Processing Directives 29.1 Shall
Rules 26 to 32 - Pre-Processing Directives 29.2 Shall
Rules 26 to 32 - Pre-Processing Directives 30 Shall
Rules 26 to 32 - Pre-Processing Directives 31 Will
Rules 26 to 32 - Pre-Processing Directives 32 Will
Rules 33 to 39 - Header Files 33 Shall
Rules 33 to 39 - Header Files 35 Will
Rules 33 to 39 - Header Files 39 Will
Rules 40 - Implementation Files 40 Shall
Rules 41 to 63 - Style 41 Will
Rules 41 to 63 - Style 42 Will
Rules 41 to 63 - Style 43 Should
Rules 41 to 63 - Style 44 Will
Rules 41 to 63 - Style 46 Will
Rules 41 to 63 - Style 47 Will
Rules 41 to 63 - Style 48 Will
Rules 41 to 63 - Style 50 Will
Rules 41 to 63 - Style 51 Will
Rules 41 to 63 - Style 52 Shall
Rules 41 to 63 - Style 53 Will
Rules 41 to 63 - Style 53.1 Shall
Rules 41 to 63 - Style 54 Will
Rules 41 to 63 - Style 57 Will
Rules 41 to 63 - Style 58 Will
Rules 41 to 63 - Style 59 Shall
Rules 41 to 63 - Style 60 Will
Rules 41 to 63 - Style 61 Will
Rules 41 to 63 - Style 62 Will
Rules 41 to 63 - Style 63 Will
Rules 64 to 97.1 - Classes 67 Should
Rules 64 to 97.1 - Classes 68 Shall
Rules 64 to 97.1 - Classes 71.1 Shall
Rules 64 to 97.1 - Classes 74 Will
Rules 64 to 97.1 - Classes 75 Shall
Rules 64 to 97.1 - Classes 76 Shall
Rules 64 to 97.1 - Classes 77.1 Shall
Rules 64 to 97.1 - Classes 78 Shall
Rules 64 to 97.1 - Classes 79 Shall
Rules 64 to 97.1 - Classes 81 Shall
Rules 64 to 97.1 - Classes 82 Shall
Rules 64 to 97.1 - Classes 83 Shall
Rules 64 to 97.1 - Classes 88 Shall
Rules 64 to 97.1 - Classes 88.1 Shall
Rules 64 to 97.1 - Classes 89 Shall
Rules 64 to 97.1 - Classes 94 Shall
Rules 64 to 97.1 - Classes 95 Shall
Rules 64 to 97.1 - Classes 96 Shall
Rules 64 to 97.1 - Classes 97 Shall
Rules 64 to 97.1 - Classes 97.1 Shall
Rules 98 to 100 - Namespaces 98 Should
Rules 98 to 100 - Namespaces 99 Will
Rules 101 to 106 - Templates 104 Shall
Rules 107 to 125 - Functions 107 Shall
Rules 107 to 125 - Functions 108 Shall
Rules 107 to 125 - Functions 109 Should
Rules 107 to 125 - Functions 110 Will
Rules 107 to 125 - Functions 111 Shall
Rules 107 to 125 - Functions 113 Will
Rules 107 to 125 - Functions 114 Shall
Rules 107 to 125 - Functions 116 Should
Rules 107 to 125 - Functions 117 Should
Rules 107 to 125 - Functions 119 Shall
Rules 107 to 125 - Functions 121 Should
Rules 107 to 125 - Functions 122 Should
Rules 126 to 134 - Comments 126 Shall
Rules 126 to 134 - Comments 127 Shall
Rules 126 to 134 - Comments 133 Will
Rules 135 to 141 - Declaration and Definition 135 Shall
Rules 135 to 141 - Declaration and Definition 136 Should
Rules 135 to 141 - Declaration and Definition 137 Should
Rules 135 to 141 - Declaration and Definition 138 Shall
Rules 135 to 141 - Declaration and Definition 139 Will
Rules 135 to 141 - Declaration and Definition 140 Shall
Rules 135 to 141 - Declaration and Definition 141 Will
Rules 142 to 145 - Initialization 142 Shall
Rules 142 to 145 - Initialization 144 Shall
Rules 142 to 145 - Initialization 145 Shall
Rules 146 to 148 - Types 147 Shall
Rules 146 to 148 - Types 148 Shall
Rules 149 to 151.1 - Constants 149 Shall
Rules 149 to 151.1 - Constants 150 Will
Rules 149 to 151.1 - Constants 151 Will
Rules 149 to 151.1 - Constants 151.1 Shall
Rules 152 - Variables 152 Shall
Rules 153 to 156 - Unions and Bit Fields 153 Shall
Rules 153 to 156 - Unions and Bit Fields 154 Shall
Rules 153 to 156 - Unions and Bit Fields 156 Shall
Rules 157 to 168 - Operators 157 Shall
Rules 157 to 168 - Operators 158 Shall
Rules 157 to 168 - Operators 159 Shall
Rules 157 to 168 - Operators 160 Shall
Rules 157 to 168 - Operators 162 Shall
Rules 157 to 168 - Operators 163 Shall
Rules 157 to 168 - Operators 164 Shall
Rules 157 to 168 - Operators 164.1 Shall
Rules 157 to 168 - Operators 165 Shall
Rules 157 to 168 - Operators 166 Will
Rules 157 to 168 - Operators 168 Shall
Rules 169 to 176 - Pointers & References 169 Should
Rules 169 to 176 - Pointers & References 170 Shall
Rules 169 to 176 - Pointers & References 171 Shall
Rules 169 to 176 - Pointers & References 173 Shall
Rules 169 to 176 - Pointers & References 174 Shall
Rules 169 to 176 - Pointers & References 175 Shall
Rules 169 to 176 - Pointers & References 176 Will
Rules 177 to 185 - Type Conversions 177 Should
Rules 177 to 185 - Type Conversions 178 Shall
Rules 177 to 185 - Type Conversions 179 Shall
Rules 177 to 185 - Type Conversions 180 Shall
Rules 177 to 185 - Type Conversions 181 Will
Rules 177 to 185 - Type Conversions 182 Shall
Rules 177 to 185 - Type Conversions 184 Shall
Rules 177 to 185 - Type Conversions 185 Shall
Rules 186 to 201 - Flow Control Structures 186 Shall
Rules 186 to 201 - Flow Control Structures 187 Shall
Rules 186 to 201 - Flow Control Structures 188 Will
Rules 186 to 201 - Flow Control Structures 189 Shall
Rules 186 to 201 - Flow Control Structures 190 Shall
Rules 186 to 201 - Flow Control Structures 191 Shall
Rules 186 to 201 - Flow Control Structures 192 Will
Rules 186 to 201 - Flow Control Structures 193 Shall
Rules 186 to 201 - Flow Control Structures 194 Shall
Rules 186 to 201 - Flow Control Structures 195 Will
Rules 186 to 201 - Flow Control Structures 196 Will
Rules 186 to 201 - Flow Control Structures 197 Shall
Rules 186 to 201 - Flow Control Structures 198 Will
Rules 186 to 201 - Flow Control Structures 199 Will
Rules 186 to 201 - Flow Control Structures 200 Will
Rules 186 to 201 - Flow Control Structures 201 Shall
Rules 202 to 205 - Expressions 202 Shall
Rules 202 to 205 - Expressions 203 Shall
Rules 202 to 205 - Expressions 204 Shall
Rules 202 to 205 - Expressions 204.1 Shall
Rules 202 to 205 - Expressions 205 Shall
Rules 206 to 207 - Memory Allocation 206 Shall
Rules 208 - Fault Handling 208 Shall
Rules 209 to 215 - Portable Code 209 Shall
Rules 209 to 215 - Portable Code 213 Shall
Rules 209 to 215 - Portable Code 215 Will
.

Any one function (or method) will contain no more than 200 logical source lines of code (L-SLOCs).
All functions shall have a cyclomatic complexity number of 20 or less.
All code shall conform to ISO/IEC 14882:2002(E) standard C++.
Only those characters specified in the C++ basic source character set will be used.
Trigraphs will not be used.
The following digraphs will not be used: "<%", "%>", "<:", ":>", %:, %:%:.
Multi-byte characters and wide string literals will not be used.
Literal suffixes shall use uppercase rather than lowercase letters.
Provision shall be made for run-time checking (defensive programming).
The error indicator errno shall not be used.
The macro offsetof, in library <stddef.h>, shall not be used.
<locale.h> and the setlocale function shall not be used.
The setjmp macro and the longjmp function shall not be used.
The signal handling facilities of <signal.h> shall not be used.
The input/output library <stdio.h> shall not be used.
The library functions atof, atoi and atol from library <stdlib.h> shall not be used.
The library functions abort, exit, getenv and system from library <stdlib.h> shall not be used.
The time handling functions of library <time.h> shall not be used.
Only the following pre-processor directives shall be used: #ifndef, #define, #endif, #include.
#ifndef, #define and #endif will be used to prevent multiple inclusions of the same header file. Other techniques to prevent the m
The #ifndef and #endif pre-processor directives will only be used as defined in AV Rule 27 to prevent multiple inclusions of the
The #define pre-processor directive shall not be used to create inline macros.
Inline functions shall be used instead of inline macros.
The #define pre-processor directive shall not be used to define constant values. Instead, the const qualifier shall be applied to v
The #define pre-processor directive will only be used as part of the technique to prevent multiple inclusions of the same header
The #include pre-processor directive will only be used to include header (*.h) files.
The #include directive shall use the <filename.h> notation to include header files.
A header file will contain a mechanism that prevents multiple inclusions of itself.
Header files (*.h) will not contain non-const variable definitions or function definitions.
Every implementation file shall include the header files that uniquely define the inline functions, types, and templates used.
Source lines will be kept to a length of 120 characters or less.
Each expression-statement will be on a separate line.
Tabs should be avoided.
All indentations will be at least two spaces and be consistent within the same source file.
User-specified identifiers (internal and external) will not rely on significance of more than 64 characters.
Identifiers will not begin
- the interchange of the with
letterthe
'Z' underscore character
with the number 2 '_'.
- the interchange of the letter 'n' with the letter 'h'.
The first word of the name of a class, structure, namespace, enumeration, or type created with typedef will begin with an upper
All letters contained in function and variables names will be composed entirely of lowercase letters.
Identifiers for constant and enumerator values shall be lowercase.
Header files will always have file name extension of ".h".
The following character sequences shall not appear in header file names: ', \, *, //, or ".
Implementation files will always have a file name extension of ".cpp".
The public, protected, and private sections of a class will be declared in that order.
When declaring and defining functions with more than two parameters, the leading parenthesis and the first argument will be w
The statements forming the body of an if, else if, else, while, do ... while or for statement shall always be enclosed in braces, ev
Braces ("{}") which enclose a block will be placed in the same column, on separate lines directly before and after the block.
Braces ("{}") which enclose a block will have nothing else on the line except comments.
The dereference operator '*' and the address-of operator '&' will be directly connected with the type-specifier.
Spaces will not be used around '.' or '->', nor between unary operators and operands.
Public and protected data should only be used in structs - not classes.
Unneeded implicitly generated member functions shall be explicitly disallowed.
A class's virtual functions shall not be invoked from its destructor or any of its constructors.
Initialization of nonstatic class members will be performed through the member initialization list.
Members of the initialization list shall be listed in the order in which they are declared in the class.
A copy constructor and an assignment operator shall be declared for classes that contain pointers to data items or nontrivial de
The definition of a member function shall not contain default arguments that produce a signature identical to that of the implicitly
All base classes with a virtual function shall define a virtual destructor.
All resources acquired by a class shall be released by the class's destructor.
The assignment operator shall handle self-assignment correctly.
An assignment operator shall return a reference to *this.
An assignment operator shall assign all data members and bases that affect the class invariant (a data element representing a
Multiple inheritance shall only be allowed in the following restricted form: n interfaces plus m private implementations, plus at m
A stateful virtual base shall be explicitly declared in each derived class that accesses it.
A base class shall not be both virtual and non-virtual in the same hierarchy.
An inherited nonvirtual function shall not be redefined in a derived class.
An inherited default parameter shall never be redefined.
Arrays shall not be treated polymorphically.
Arrays shall not be used in interfaces.
Neither operand of an equality operator (== or !=) shall be a pointer to a virtual member function.
Every nonlocal name, except main(), should be placed in some namespace.
Namespaces will not be nested more than two levels deep.
A template specialization shall be declared before its use.
Functions shall always be declared at file scope.
Functions with variable numbers of arguments shall not be used.
A function definition should not be placed in a class specification unless the function is intended to be inlined.
Functions with more than 7 arguments will not be used.
A function shall not return a pointer or reference to a non-static local object.
Functions will have a single exit point.
All exit points of value-returning functions shall be through return statements.
Small, concrete-type arguments (two or three words in size) should be passed by value if changes made to formal parameters
Arguments should be passed by reference if NULL values are not possible.
Functions shall not call themselves, either directly or indirectly (i.e. recursion shall not be allowed).
Only functions with 1 or 2 statements should be considered candidates for inline functions.
Trivial accessor and mutator functions should be inlined.
Only valid C++ style comments (//) shall be used.
Code that is not used (commented out) shall be deleted.
Every source file will be documented with an introductory comment that provides information on the file name, its contents, and
Identifiers in an inner scope shall not use the same name as an identifier in an outer scope, and therefore hide that identifier.
Declarations should be at the smallest feasible scope.
All declarations at file scope should be static where possible.
Identifiers shall not simultaneously have both internal and external linkage in the same translation unit.
External objects will not be declared in more than one file.
The register storage class specifier shall not be used.
A class, structure, or enumeration will not be declared in the definition of its type.
All variables shall be initialized before use.
Braces shall be used to indicate and match the structure in the non-zero initialization of arrays and structures.
In an enumerator list, the '=' construct shall not be used to explicitly initialize members other than the first, unless all items are e
The underlying bit representations of floating point numbers shall not be used in any way by the programmer.
Enumeration types shall be used instead of integer types (and constants) to select from a limited series of choices.
Octal constants (other than zero) shall not be used.
Hexadecimal constants will be represented using all uppercase letters.
Numeric values in code will not be used; symbolic values will be used instead.
A string literal shall not be modified.
Multiple variable declarations shall not be allowed on the same line.
Unions shall not be used.
Bit-fields shall have explicitly unsigned integral or enumeration types only.
All the members of a structure (or class) shall be named and shall only be accessed via their names.
The right hand operand of a && or || operator shall not contain side effects.
The operands of a logical && or || shall be parenthesized if the operands contain binary operators.
Operators ||, &&, and unary & shall not be overloaded.
An assignment expression shall be used only as the expression in an expression statement.
Signed and unsigned values shall not be mixed in arithmetic or comparison operations.
Unsigned arithmetic shall not be used.
The right hand operand of a shift operator shall lie between zero and one less than the width in bits of the left-hand operand (in
The left-hand operand of a right-shift operator shall not have a negative value.
The unary minus operator shall not be applied to an unsigned expression.
The sizeof operator will not be used on expressions that contain side effects.
The comma operator shall not be used.
Pointers to pointers should be avoided when possible.
More than 2 levels of pointer indirection shall not be used.
Relational operators shall not be applied to pointer types except where both operands are of the same type and point to: the sa
The address of an object with automatic storage shall not be assigned to an object which persists after the object has ceased to
The null pointer shall not be de-referenced.
A pointer shall not be compared to NULL or be assigned NULL; use plain 0 instead.
A typedef will be used to simplify program syntax when declaring function pointers.
User-defined conversion
- Virtual functions that actfunctions should
like dynamic be avoided.
casts (most likely useful in relatively simple cases).
- Use of the visitor (or similar) pattern (most likely useful in complicated cases).
A pointer to a virtual base class shall not be converted to a pointer to a derived class.
Implicit conversions that may result in a loss of information shall not be used.
Redundant explicit casts will not be used.
Type casting from any type to or from pointers shall not be used.
Floating point numbers shall not be converted to integers unless such a conversion is a specified algorithmic requirement or is
C++ style casts (const_cast, reinterpret_cast, and static_cast) shall be used instead of the traditional C-style casts.
There shall be no unreachable code.
All non-null statements shall potentially have a side-effect.
Labels will not be used, except in switch statements.
The goto statement shall not be used.
The continue statement shall not be used.
The break statement shall not be used (except to terminate the cases of a switch statement).
All if, else if constructs will contain either a final else clause or a comment indicating why a final else clause is not necessary.
Every non-empty case clause in a switch statement shall be terminated with a break statement.
All switch statements that do not intend to test for every enumeration value shall contain a final default clause.
A switch expression will not represent a Boolean value.
Every switch statement will have at least two cases and a potential default.
Floating point variables shall not be used as loop counters.
The initialization expression in a for loop will perform no actions other than to initialize the value of a single for loop parameter.
The increment expression in a for loop will perform no action other than to change a single loop parameter to the next value for
Null initialize or increment expressions in for loops will not be used; a while loop will be used instead.
Numeric variables being used within a for loop for iteration counting shall not be modified in the body of the loop.
Floating point variables shall not be tested for exact equality or inequality.
Evaluation of expressions shall not lead to overflow/underflow.
- switch condition
- single part of a chained operation.
The value of an expression shall be the same under any order of evaluation that the standard permits.
The volatile keyword shall not be used unless directly interfacing with hardware.
Allocation/deallocation from/to the free store (heap) shall not occur after initialization.
C++ exceptions shall not be used.
The basic types of int, short, long, float and double shall not be used, but specific-length equivalents should be typedef'd accord
No dependence shall be placed on C++'s operator precedence rules, below arithmetic operators, in expressions.
Pointer arithmetic will not be used.
Your Notes
SEI CERT-C Coding Standard
This tab lists SEI CERT coding rules that Polyspace supports.

Section Type Acronym

Application Programming Interfaces (API) Recommendation C API04-C
Arrays (ARR) Recommendation C ARR01-C
Arrays (ARR) Recommendation C ARR02-C
Arrays (ARR) Rule C ARR30-C
Arrays (ARR) Rule C ARR32-C
Arrays (ARR) Rule C ARR36-C
Arrays (ARR) Rule C ARR37-C
Arrays (ARR) Rule C ARR38-C
Arrays (ARR) Rule C ARR39-C
Characters and Strings (STR) Recommendation C STR02-C
Characters and Strings (STR) Recommendation C STR03-C
Characters and Strings (STR) Recommendation C STR07-C
Characters and Strings (STR) Recommendation C STR11-C
Characters and Strings (STR) Rule C STR30-C
Characters and Strings (STR) Rule C STR31-C
Characters and Strings (STR) Rule C STR32-C
Characters and Strings (STR) Rule C STR34-C
Characters and Strings (STR) Rule C STR37-C
Characters and Strings (STR) Rule C STR38-C
Concurrency (CON) Recommendation C CON01-C
Concurrency (CON) Recommendation C CON05-C
Concurrency (CON) Rule C CON30-C
Concurrency (CON) Rule C CON31-C
Concurrency (CON) Rule C CON32-C
Concurrency (CON) Rule C CON33-C
Concurrency (CON) Rule C CON34-C
Concurrency (CON) Rule C CON35-C
Concurrency (CON) Rule C CON36-C
Concurrency (CON) Rule C CON37-C
Concurrency (CON) Rule C CON38-C
Concurrency (CON) Rule C CON39-C
Concurrency (CON) Rule C CON40-C
Concurrency (CON) Rule C CON41-C
Concurrency (CON) Rule C CON43-C
Declarations and Initialization (DCL) Recommendation C DCL00-C
Declarations and Initialization (DCL) Recommendation C DCL01-C
Declarations and Initialization (DCL) Recommendation C DCL02-C
Declarations and Initialization (DCL) Recommendation C DCL06-C
Declarations and Initialization (DCL) Recommendation C DCL07-C
Declarations and Initialization (DCL) Recommendation C DCL10-C
Declarations and Initialization (DCL) Recommendation C DCL11-C
Declarations and Initialization (DCL) Recommendation C DCL12-C
Declarations and Initialization (DCL) Recommendation C DCL13-C
Declarations and Initialization (DCL) Recommendation C DCL15-C
Declarations and Initialization (DCL) Recommendation C DCL16-C
Declarations and Initialization (DCL) Recommendation C DCL18-C
Declarations and Initialization (DCL) Recommendation C DCL19-C
Declarations and Initialization (DCL) Recommendation C DCL22-C
Declarations and Initialization (DCL) Recommendation C DCL23-C
Declarations and Initialization (DCL) Rule C DCL30-C
Declarations and Initialization (DCL) Rule C DCL31-C
Declarations and Initialization (DCL) Rule C DCL36-C
Declarations and Initialization (DCL) Rule C DCL37-C
Declarations and Initialization (DCL) Rule C DCL38-C
Declarations and Initialization (DCL) Rule C DCL39-C
Declarations and Initialization (DCL) Rule C DCL40-C
Declarations and Initialization (DCL) Rule C DCL41-C
Environment (ENV) Recommendation C ENV01-C
Environment (ENV) Rule C ENV30-C
Environment (ENV) Rule C ENV31-C
Environment (ENV) Rule C ENV32-C
Environment (ENV) Rule C ENV33-C
Environment (ENV) Rule C ENV34-C
Error Handling (ERR) Recommendation C ERR00-C
Error Handling (ERR) Rule C ERR30-C
Error Handling (ERR) Rule C ERR32-C
Error Handling (ERR) Rule C ERR33-C
Error Handling (ERR) Rule C ERR34-C
Expressions (EXP) Recommendation C EXP00-C
Expressions (EXP) Recommendation C EXP05-C
Expressions (EXP) Recommendation C EXP08-C
Expressions (EXP) Recommendation C EXP09-C
Expressions (EXP) Recommendation C EXP10-C
Expressions (EXP) Recommendation C EXP12-C
Expressions (EXP) Recommendation C EXP13-C
Expressions (EXP) Recommendation C EXP15-C
Expressions (EXP) Recommendation C EXP19-C
Expressions (EXP) Rule C EXP30-C
Expressions (EXP) Rule C EXP32-C
Expressions (EXP) Rule C EXP33-C
Expressions (EXP) Rule C EXP34-C
Expressions (EXP) Rule C EXP35-C
Expressions (EXP) Rule C EXP36-C
Expressions (EXP) Rule C EXP37-C
Expressions (EXP) Rule C EXP39-C
Expressions (EXP) Rule C EXP40-C
Expressions (EXP) Rule C EXP42-C
Expressions (EXP) Rule C EXP43-C
Expressions (EXP) Rule C EXP44-C
Expressions (EXP) Rule C EXP45-C
Expressions (EXP) Rule C EXP46-C
Expressions (EXP) Rule C EXP47-C
Floating Point (FLP) Recommendation C FLP00-C
Floating Point (FLP) Recommendation C FLP02-C
Floating Point (FLP) Recommendation C FLP03-C
Floating Point (FLP) Recommendation C FLP06-C
Floating Point (FLP) Rule C FLP30-C
Floating Point (FLP) Rule C FLP32-C
Floating Point (FLP) Rule C FLP34-C
Floating Point (FLP) Rule C FLP36-C
Floating Point (FLP) Rule C FLP37-C
Input Output (FIO) Recommendation C FIO02-C
Input Output (FIO) Recommendation C FIO11-C
Input Output (FIO) Recommendation C FIO21-C
Input Output (FIO) Recommendation C FIO24-C
Input Output (FIO) Rule C FIO30-C
Input Output (FIO) Rule C FIO32-C
Input Output (FIO) Rule C FIO34-C
Input Output (FIO) Rule C FIO37-C
Input Output (FIO) Rule C FIO38-C
Input Output (FIO) Rule C FIO39-C
Input Output (FIO) Rule C FIO40-C
Input Output (FIO) Rule C FIO41-C
Input Output (FIO) Rule C FIO42-C
Input Output (FIO) Rule C FIO44-C
Input Output (FIO) Rule C FIO45-C
Input Output (FIO) Rule C FIO46-C
Input Output (FIO) Rule C FIO47-C
Integers (INT) Recommendation C INT00-C
Integers (INT) Recommendation C INT02-C
Integers (INT) Recommendation C INT04-C
Integers (INT) Recommendation C INT07-C
Integers (INT) Recommendation C INT08-C
Integers (INT) Recommendation C INT09-C
Integers (INT) Recommendation C INT10-C
Integers (INT) Recommendation C INT12-C
Integers (INT) Recommendation C INT13-C
Integers (INT) Recommendation C INT14-C
Integers (INT) Recommendation C INT18-C
Integers (INT) Rule C INT30-C
Integers (INT) Rule C INT31-C
Integers (INT) Rule C INT32-C
Integers (INT) Rule C INT33-C
Integers (INT) Rule C INT34-C
Integers (INT) Rule C INT35-C
Integers (INT) Rule C INT36-C
Memory Management (MEM) Recommendation C MEM00-C
Memory Management (MEM) Recommendation C MEM01-C
Memory Management (MEM) Recommendation C MEM02-C
Memory Management (MEM) Recommendation C MEM03-C
Memory Management (MEM) Recommendation C MEM04-C
Memory Management (MEM) Recommendation C MEM05-C
Memory Management (MEM) Recommendation C MEM06-C
Memory Management (MEM) Recommendation C MEM11-C
Memory Management (MEM) Recommendation C MEM12-C
Memory Management (MEM) Rule C MEM30-C
Memory Management (MEM) Rule C MEM31-C
Memory Management (MEM) Rule C MEM33-C
Memory Management (MEM) Rule C MEM34-C
Memory Management (MEM) Rule C MEM35-C
Memory Management (MEM) Rule C MEM36-C
Microsoft Windows (WIN) Recommendation C WIN00-C
Microsoft Windows (WIN) Rule C WIN30-C
Miscellaneous (MSC) Recommendation C MSC01-C
Miscellaneous (MSC) Recommendation C MSC04-C
Miscellaneous (MSC) Recommendation C MSC12-C
Miscellaneous (MSC) Recommendation C MSC13-C
Miscellaneous (MSC) Recommendation C MSC15-C
Miscellaneous (MSC) Recommendation C MSC17-C
Miscellaneous (MSC) Recommendation C MSC18-C
Miscellaneous (MSC) Recommendation C MSC20-C
Miscellaneous (MSC) Recommendation C MSC21-C
Miscellaneous (MSC) Recommendation C MSC22-C
Miscellaneous (MSC) Recommendation C MSC24-C
Miscellaneous (MSC) Rule C MSC30-C
Miscellaneous (MSC) Rule C MSC32-C
Miscellaneous (MSC) Rule C MSC33-C
Miscellaneous (MSC) Rule C MSC37-C
Miscellaneous (MSC) Rule C MSC38-C
Miscellaneous (MSC) Rule C MSC39-C
Miscellaneous (MSC) Rule C MSC40-C
Miscellaneous (MSC) Rule C MSC41-C
POSIX (POS) Recommendation C POS05-C
POSIX (POS) Rule C POS30-C
POSIX (POS) Rule C POS33-C
POSIX (POS) Rule C POS34-C
POSIX (POS) Rule C POS35-C
POSIX (POS) Rule C POS36-C
POSIX (POS) Rule C POS37-C
POSIX (POS) Rule C POS38-C
POSIX (POS) Rule C POS39-C
POSIX (POS) Rule C POS44-C
POSIX (POS) Rule C POS47-C
POSIX (POS) Rule C POS48-C
POSIX (POS) Rule C POS49-C
POSIX (POS) Rule C POS50-C
POSIX (POS) Rule C POS51-C
POSIX (POS) Rule C POS52-C
POSIX (POS) Rule C POS53-C
POSIX (POS) Rule C POS54-C
Preprocessor (PRE) Recommendation C PRE00-C
Preprocessor (PRE) Recommendation C PRE01-C
Preprocessor (PRE) Recommendation C PRE06-C
Preprocessor (PRE) Recommendation C PRE07-C
Preprocessor (PRE) Recommendation C PRE09-C
Preprocessor (PRE) Recommendation C PRE10-C
Preprocessor (PRE) Recommendation C PRE11-C
Preprocessor (PRE) Rule C PRE30-C
Preprocessor (PRE) Rule C PRE31-C
Preprocessor (PRE) Rule C PRE32-C
Signals (SIG) Rule C SIG30-C
Signals (SIG) Rule C SIG31-C
Signals (SIG) Rule C SIG34-C
Signals (SIG) Rule C SIG35-C
 Description
Provide a consistent and usable error-checking mechanism
Do not apply the sizeof operator to a pointer when taking the size of an array
Explicitly specify array bounds, even if implicitly defined by an initializer
Do not form or use out-of-bounds pointers or array subscripts
Ensure size arguments for variable length arrays are in a valid range
Do not subtract or compare two pointers that do not refer to the same array
Do not add or subtract an integer to a pointer to a non-array object
Guarantee that library functions do not form invalid pointers
Do not add or subtract a scaled integer to a pointer
Sanitize data passed to complex subsystems
Do not inadvertently truncate a string
Use the bounds-checking interfaces for string manipulation
Do not specify the bound of a character array initialized with a string literal
Do not attempt to modify string literals
Guarantee that storage for strings has sufficient space for character data and the null terminator
Do not pass a non-null-terminated character sequence to a library function that expects a string
Cast characters to unsigned char before converting to larger integer sizes
Arguments to character-handling functions must be representable as an unsigned char
Do not confuse narrow and wide character strings and functions
Acquire and release synchronization primitives in the same module, at the same level of abstraction
Do not perform operations that can block while holding a lock
Clean up thread-specific storage
Do not destroy a mutex while it is locked
Prevent data races when accessing bit-fields from multiple threads
Avoid race conditions when using library functions
Declare objects shared between threads with appropriate storage durations
Avoid deadlock by locking in a predefined order
Wrap functions that can spuriously wake up in a loop
Do not call signal() in a multithreaded program
Preserve thread safety and liveness when using condition variables
Do not join or detach a thread that was previously joined or detached
Do not refer to an atomic variable twice in an expression
Wrap functions that can fail spuriously in a loop
Do not allow data races in multithreaded code
Const-qualify immutable objects
Do not reuse variable names in subscopes
Use visually distinct identifiers
Use meaningful symbolic constants to represent literal values
Include the appropriate type information in function declarators
Maintain the contract between the writer and caller of variadic functions
Understand the type issues associated with variadic functions
Implement abstract data types using opaque types
Declare function parameters that are pointers to values not changed by the function as const
Declare file-scope objects or functions that do not need external linkage as static
Use 'L,' not 'l,' to indicate a long value
Do not begin integer constants with 0 when specifying a decimal value
Minimize the scope of variables and functions
Use volatile for data that cannot be cached
Guarantee that mutually visible identifiers are unique
Declare objects with appropriate storage durations
Declare identifiers before using them
Do not declare an identifier with conflicting linkage classifications
Do not declare or define a reserved identifier
Use the correct syntax when declaring a flexible array member
Avoid information leakage in structure padding
Do not create incompatible declarations of the same function or object
Do not declare variables inside a switch statement before the first case label
Do not make assumptions about the size of an environment variable
Do not modify the object referenced by the return value of certain functions
Do not rely on an environment pointer following an operation that may invalidate it
All exit handlers must return normally
Do not call system()
Do not store pointers returned by certain functions
Adopt and implement a consistent and comprehensive error-handling policy
Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indi
Do not rely on indeterminate values of errno
Detect and handle standard library errors
Detect errors when converting a string to a number
Use parentheses for precedence of operation
Do not cast away a const qualification
Ensure pointer arithmetic is used correctly
Use sizeof to determine the size of a type or variable
Do not depend on the order of evaluation of subexpressions or the order in which side effects take place
Do not ignore values returned by functions
Treat relational and equality operators as if they were nonassociative
Do not place a semicolon on the same line as an if, for, or while statement
Use braces for the body of an if, for, or while statement
Do not depend on the order of evaluation for side effects
Do not access a volatile object through a nonvolatile reference
Do not read uninitialized memory
Do not dereference null pointers
Do not modify objects with temporary lifetime
Do not cast pointers into more strictly aligned pointer types
Call functions with the correct number and type of arguments
Do not access a variable through a pointer of an incompatible type
Do not modify constant objects
Do not compare padding data
Avoid undefined behavior when using restrict-qualified pointers
Do not rely on side effects in operands to sizeof, _Alignof, or _Generic
Do not perform assignments in selection statements
Do not use a bitwise operator with a Boolean-like operand
Do not call va_arg with an argument of the incorrect type
Understand the limitations of floating-point numbers
Avoid using floating-point numbers when precise computation is needed
Detect and handle floating-point errors
Convert integers to floating point for floating-point operations
Do not use floating-point variables as loop counters
Prevent or detect domain and range errors in math functions
Ensure that floating-point conversions are within range of the new type
Preserve precision when converting integral values to floating-point type
Do not use object representations to compare floating-point values
Canonicalize path names originating from tainted sources
Take care when specifying the mode parameter of fopen()
Do not create temporary files in shared directories
Do not open a file that is already open
Exclude user input from format strings
Do not perform operations on devices that are only appropriate for files
Distinguish between characters read from a file and EOF or WEOF
Do not assume that fgets() or fgetws() returns a nonempty string when successful
Do not copy a FILE object
Do not alternately input and output from a stream without an intervening flush or positioning call
Reset strings on fgets() or fgetws() failure
Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects
Close files when they are no longer needed
Only use values for fsetpos() that are returned from fgetpos()
Avoid TOCTOU race conditions while accessing files
Do not access a closed file
Use valid format strings
Understand the data model used by your implementation(s)
Understand integer conversion rules
Enforce limits on integer values originating from tainted sources
Use only explicitly signed or unsigned char type for numeric values
Verify that all integer values are in range
Ensure enumeration constants map to unique values
Do not assume a positive remainder when using the % operator
Do not make assumptions about the type of a plain int bit-field when used in an expression
Use bitwise operators only on unsigned operands
Avoid performing bitwise and arithmetic operations on the same data
Evaluate integer expressions in a larger size before comparing or assigning to that size
Ensure that unsigned integer operations do not wrap
Ensure that integer conversions do not result in lost or misinterpreted data
Ensure that operations on signed integers do not result in overflow
Ensure that division and remainder operations do not result in divide-by-zero errors
Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operan
Use correct integer precisions
Converting a pointer to integer or integer to pointer
Allocate and free memory in the same module, at the same level of abstraction
Store a new value in pointers immediately after free()
Immediately cast the result of a memory allocation function call into a pointer to the allocated type
Clear sensitive information stored in reusable resources
Beware of zero-length allocations
Avoid large stack allocations
Ensure that sensitive data is not written out to disk
Do not assume infinite heap space
Consider using a goto chain when leaving a function on error when using and releasing resources
Do not access freed memory
Free dynamically allocated memory when no longer needed
Allocate and copy structures containing a flexible array member dynamically
Only free memory allocated dynamically
Allocate sufficient memory for an object
Do not modify the alignment of objects by calling realloc()
Be specific when dynamically loading libraries
Properly pair allocation and deallocation functions
Strive for logical completeness
Use comments consistently and in a readable fashion
Detect and remove code that has no effect or is never executed
Detect and remove unused values
Do not depend on undefined behavior
Finish every set of statements associated with a case label with a break statement
Be careful while handling sensitive data, such as passwords, in program code
Do not use a switch statement to transfer control into a complex block
Use robust loop termination conditions
Use the setjmp(), longjmp() facility securely
Do not use deprecated or obsolescent functions
Do not use the rand() function for generating pseudorandom numbers
Properly seed pseudorandom number generators
Do not pass invalid data to the asctime() function
Ensure that control never reaches the end of a non-void function
Do not treat a predefined identifier as an object if it might only be implemented as a macro
Do not call va_arg() on a va_list that has an indeterminate value
Do not violate constraints
Never hard code sensitive information
Limit access to files by creating a jail
Use the readlink() function properly
Do not use vfork()
Do not call putenv() with a pointer to an automatic variable as the argument
Avoid race conditions while checking for the existence of a symbolic link
Observe correct revocation order while relinquishing privileges
Ensure that privilege relinquishment is successful
Beware of race conditions when using fork and file descriptors
Use the correct byte ordering when transferring data between systems
Do not use signals to terminate threads
Do not use threads that can be canceled asynchronously
Do not unlock or destroy another POSIX thread's mutex
When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed
Declare objects shared between POSIX threads with appropriate storage durations
Avoid deadlock with POSIX threads by locking in predefined order
Do not perform operations that can block while holding a POSIX lock
Do not use more than one mutex for concurrent waiting operations on a condition variable
Detect and handle POSIX library errors
Prefer inline or static functions to function-like macros
Use parentheses within macros around parameter names
Enclose header files in an inclusion guard
Avoid using repeated question marks
Do not replace secure functions with deprecated or obsolescent functions
Wrap multistatement macros in a do-while loop
Do not conclude macro definitions with a semicolon
Do not create a universal character name through concatenation
Avoid side effects in arguments to unsafe macros
Do not use preprocessor directives in invocations of function-like macros
Call only asynchronous-safe functions within signal handlers
Do not access shared objects in signal handlers
Do not call signal() from within interruptible signal handlers
Do not return from a computational exception signal handler
Your Notes
SEI CERT-C++ Coding Standard
This tab lists SEI CERT C++ coding rules that Polyspace supports.

Section Acronym
Characters and Strings (STR) C++ STR30-C
Characters and Strings (STR) C++ STR31-C
Characters and Strings (STR) C++ STR32-C
Characters and Strings (STR) C++ STR34-C
Characters and Strings (STR) C++ STR37-C
Characters and Strings (STR) C++ STR38-C
Characters and Strings (STR) C++ STR50-CPP
Characters and Strings (STR) C++ STR53-CPP
Concurrency (CON) C++ CON33-C
Concurrency (CON) C++ CON37-C
Concurrency (CON) C++ CON40-C
Concurrency (CON) C++ CON41-C
Concurrency (CON) C++ CON43-C
Concurrency (CON) C++ CON50-CPP
Concurrency (CON) C++ CON52-CPP
Concurrency (CON) C++ CON53-CPP
Concurrency (CON) C++ CON54-CPP
Containers (CTR) C++ ARR30-C
Containers (CTR) C++ ARR37-C
Containers (CTR) C++ ARR38-C
Containers (CTR) C++ ARR39-C
Containers (CTR) C++ CTR50-CPP
Declarations and Initialization (DCL) C++ DCL30-C
Declarations and Initialization (DCL) C++ DCL39-C
Declarations and Initialization (DCL) C++ DCL40-C
Declarations and Initialization (DCL) C++ DCL50-CPP
Declarations and Initialization (DCL) C++ DCL51-CPP
Declarations and Initialization (DCL) C++ DCL52-CPP
Declarations and Initialization (DCL) C++ DCL53-CPP
Declarations and Initialization (DCL) C++ DCL54-CPP
Declarations and Initialization (DCL) C++ DCL57-CPP
Declarations and Initialization (DCL) C++ DCL58-CPP
Declarations and Initialization (DCL) C++ DCL59-CPP
Declarations and Initialization (DCL) C++ DCL60-CPP
Exceptions and Error Handling (ERR) C++ ERR30-C
Exceptions and Error Handling (ERR) C++ ERR32-C
Exceptions and Error Handling (ERR) C++ ERR33-C
Exceptions and Error Handling (ERR) C++ ERR34-C
Exceptions and Error Handling (ERR) C++ ERR50-CPP
Exceptions and Error Handling (ERR) C++ ERR51-CPP
Exceptions and Error Handling (ERR) C++ ERR52-CPP
Exceptions and Error Handling (ERR) C++ ERR53-CPP
Exceptions and Error Handling (ERR) C++ ERR54-CPP
Exceptions and Error Handling (ERR) C++ ERR55-CPP
Exceptions and Error Handling (ERR) C++ ERR58-CPP
Exceptions and Error Handling (ERR) C++ ERR61-CPP
Expressions (EXP) C++ EXP34-C
Expressions (EXP) C++ EXP35-C
Expressions (EXP) C++ EXP36-C
Expressions (EXP) C++ EXP37-C
Expressions (EXP) C++ EXP39-C
Expressions (EXP) C++ EXP42-C
Expressions (EXP) C++ EXP45-C
Expressions (EXP) C++ EXP46-C
Expressions (EXP) C++ EXP47-C
Expressions (EXP) C++ EXP50-CPP
Expressions (EXP) C++ EXP52-CPP
Expressions (EXP) C++ EXP53-CPP
Expressions (EXP) C++ EXP54-CPP
Expressions (EXP) C++ EXP55-CPP
Expressions (EXP) C++ EXP57-CPP
Expressions (EXP) C++ EXP58-CPP
Expressions (EXP) C++ EXP59-CPP
Expressions (EXP) C++ EXP61-CPP
Expressions (EXP) C++ EXP63-CPP
Input Output (FIO) C++ FIO30-C
Input Output (FIO) C++ FIO32-C
Input Output (FIO) C++ FIO34-C
Input Output (FIO) C++ FIO37-C
Input Output (FIO) C++ FIO38-C
Input Output (FIO) C++ FIO39-C
Input Output (FIO) C++ FIO40-C
Input Output (FIO) C++ FIO41-C
Input Output (FIO) C++ FIO42-C
Input Output (FIO) C++ FIO44-C
Input Output (FIO) C++ FIO45-C
Input Output (FIO) C++ FIO46-C
Input Output (FIO) C++ FIO47-C
Input Output (FIO) C++ FIO50-CPP
Input Output (FIO) C++ FIO51-CPP
Integers (INT) C++ INT30-C
Integers (INT) C++ INT31-C
Integers (INT) C++ INT32-C
Integers (INT) C++ INT33-C
Integers (INT) C++ INT34-C
Integers (INT) C++ INT35-C
Integers (INT) C++ INT36-C
Memory Management (MEM) C++ MEM30-C
Memory Management (MEM) C++ MEM31-C
Memory Management (MEM) C++ MEM34-C
Memory Management (MEM) C++ MEM35-C
Memory Management (MEM) C++ MEM36-C
Memory Management (MEM) C++ MEM50-CPP
Memory Management (MEM) C++ MEM51-CPP
Memory Management (MEM) C++ MEM52-CPP
Memory Management (MEM) C++ MEM54-CPP
Memory Management (MEM) C++ MEM55-CPP
Memory Management (MEM) C++ MEM56-CPP
Memory Management (MEM) C++ MEM57-CPP
Miscellaneous (MSC) C++ ENV30-C
Miscellaneous (MSC) C++ ENV31-C
Miscellaneous (MSC) C++ ENV32-C
Miscellaneous (MSC) C++ ENV33-C
Miscellaneous (MSC) C++ ENV34-C
Miscellaneous (MSC) C++ FLP30-C
Miscellaneous (MSC) C++ FLP32-C
Miscellaneous (MSC) C++ FLP34-C
Miscellaneous (MSC) C++ FLP36-C
Miscellaneous (MSC) C++ FLP37-C
Miscellaneous (MSC) C++ MSC30-C
Miscellaneous (MSC) C++ MSC32-C
Miscellaneous (MSC) C++ MSC33-C
Miscellaneous (MSC) C++ MSC37-C
Miscellaneous (MSC) C++ MSC38-C
Miscellaneous (MSC) C++ MSC39-C
Miscellaneous (MSC) C++ MSC40-C
Miscellaneous (MSC) C++ MSC41-C
Miscellaneous (MSC) C++ MSC50-CPP
Miscellaneous (MSC) C++ MSC51-CPP
Miscellaneous (MSC) C++ MSC52-CPP
Miscellaneous (MSC) C++ MSC53-CPP
Miscellaneous (MSC) C++ PRE30-C
Miscellaneous (MSC) C++ PRE31-C
Miscellaneous (MSC) C++ PRE32-C
Miscellaneous (MSC) C++ SIG31-C
Miscellaneous (MSC) C++ SIG34-C
Miscellaneous (MSC) C++ SIG35-C
Object Oriented Programming (OOP) C++ OOP50-CPP
Object Oriented Programming (OOP) C++ OOP51-CPP
Object Oriented Programming (OOP) C++ OOP52-CPP
Object Oriented Programming (OOP) C++ OOP53-CPP
Object Oriented Programming (OOP) C++ OOP54-CPP
Object Oriented Programming (OOP) C++ OOP57-CPP
Object Oriented Programming (OOP) C++ OOP58-CPP
e supports.

Description
Do not attempt to modify string literals
Guarantee that storage for strings has sufficient space for character data and the null terminator
Do not pass a non-null-terminated character sequence to a library function that expects a string
Cast characters to unsigned char before converting to larger integer sizes
Arguments to character-handling functions must be representable as an unsigned char
Do not confuse narrow and wide character strings and functions
Guarantee that storage for strings has sufficient space for character data and the null terminator
Range check element access
Avoid race conditions when using library functions
Do not call signal() in a multithreaded program
Do not refer to an atomic variable twice in an expression
Wrap functions that can fail spuriously in a loop
Do not allow data races in multithreaded code
Do not destroy a mutex while it is locked
Prevent data races when accessing bit-fields from multiple threads
Avoid deadlock by locking in a predefined order
Wrap functions that can spuriously wake up in a loop
Do not form or use out-of-bounds pointers or array subscripts
Do not add or subtract an integer to a pointer to a non-array object
Guarantee that library functions do not form invalid pointers
Do not add or subtract a scaled integer to a pointer
Guarantee that container indices and iterators are within the valid range
Declare objects with appropriate storage durations
Avoid information leakage in structure padding
Do not create incompatible declarations of the same function or object
Do not define a C-style variadic function
Do not declare or define a reserved identifier
Never qualify a reference type with const or volatile
Do not write syntactically ambiguous declarations
Overload allocation and deallocation functions as a pair in the same scope
Do not let exceptions escape from destructors or deallocation functions
Do not modify the standard namespaces
Do not define an unnamed namespace in a header file
Obey the one-definition rule
Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indi
Do not rely on indeterminate values of errno
Detect and handle standard library errors
Detect errors when converting a string to a number
Do not abruptly terminate the program
Handle all exceptions
Do not use setjmp() or longjmp()
Do not reference base classes or class data members in a constructor or destructor function-try-block handler
Catch handlers should order their parameter types from most derived to least derived
Honor exception specifications
Handle all exceptions thrown before main() begins executing
Catch exceptions by lvalue reference
Do not dereference null pointers
Do not modify objects with temporary lifetime
Do not cast pointers into more strictly aligned pointer types
Call functions with the correct number and type of arguments
Do not access a variable through a pointer of an incompatible type
Do not compare padding data
Do not perform assignments in selection statements
Do not use a bitwise operator with a Boolean-like operand
Do not call va_arg with an argument of the incorrect type
Do not depend on the order of evaluation for side effects
Do not rely on side effects in unevaluated operands
Do not read uninitialized memory
Do not access an object outside of its lifetime
Do not access a cv-qualified object through a cv-unqualified type
Do not cast or delete pointers to incomplete classes
Pass an object of the correct type to va_start
Use offsetof() on valid types and members
A lambda object must not outlive any of its reference captured objects
Do not rely on the value of a moved-from object
Exclude user input from format strings
Do not perform operations on devices that are only appropriate for files
Distinguish between characters read from a file and EOF or WEOF
Do not assume that fgets() or fgetws() returns a nonempty string when successful
Do not copy a FILE object
Do not alternately input and output from a stream without an intervening flush or positioning call
Reset strings on fgets() or fgetws() failure
Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects
Close files when they are no longer needed
Only use values for fsetpos() that are returned from fgetpos()
Avoid TOCTOU race conditions while accessing files
Do not access a closed file
Use valid format strings
Do not alternately input and output from a file stream without an intervening positioning call
Close files when they are no longer needed
Ensure that unsigned integer operations do not wrap
Ensure that integer conversions do not result in lost or misinterpreted data
Ensure that operations on signed integers do not result in overflow
Ensure that division and remainder operations do not result in divide-by-zero errors
Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operan
Use correct integer precisions
Converting a pointer to integer or integer to pointer
Do not access freed memory
Free dynamically allocated memory when no longer needed
Only free memory allocated dynamically
Allocate sufficient memory for an object
Do not modify the alignment of objects by calling realloc()
Do not access freed memory
Properly deallocate dynamically allocated resources
Detect and handle memory allocation errors
Provide placement new with properly aligned pointers to sufficient storage capacity
Honor replacement dynamic storage management requirements
Do not store an already-owned pointer value in an unrelated smart pointer
Avoid using default operator new for over-aligned types
Do not modify the object referenced by the return value of certain functions
Do not rely on an environment pointer following an operation that may invalidate it
All exit handlers must return normally
Do not call system()
Do not store pointers returned by certain functions
Do not use floating-point variables as loop counters
Prevent or detect domain and range errors in math functions
Ensure that floating-point conversions are within range of the new type
Preserve precision when converting integral values to floating-point type
Do not use object representations to compare floating-point values
Do not use the rand() function for generating pseudorandom numbers
Properly seed pseudorandom number generators
Do not pass invalid data to the asctime() function
Ensure that control never reaches the end of a non-void function
Do not treat a predefined identifier as an object if it might only be implemented as a macro
Do not call va_arg() on a va_list that has an indeterminate value
Do not violate constraints
Never hard code sensitive information
Do not use std::rand() for generating pseudorandom numbers
Ensure your random number generator is properly seeded
Value-returning functions must return a value from all exit paths
Do not return from a function declared [[noreturn]]
Do not create a universal character name through concatenation
Avoid side effects in arguments to unsafe macros
Do not use preprocessor directives in invocations of function-like macros
Do not access shared objects in signal handlers
Do not call signal() from within interruptible signal handlers
Do not return from a computational exception signal handler
Do not invoke virtual functions from constructors or destructors
Do not slice derived objects
Do not delete a polymorphic object without a virtual destructor
Write constructor member initializers in the canonical order
Gracefully handle self-copy assignment
Prefer special member functions and overloaded operators to C Standard Library functions
Copy operations must not mutate the source object
Your Notes
ISO/IEC TS 17961:2013
This tab lists ISO/IEC TS 17961:2013 coding rules that Polyspace supports.

Acronym
accfree
accsig
addrescape
alignconv
argcomp
asyncsig
boolasgn
chreof
chrsgnext
dblfree
diverr
fileclose
filecpy
funcdecl
insufmem
intoflow
intptrconv
inverrno
invfmtstr
invptr
ioileave
liberr
libmod
libptr
libuse
nonnullcs
nullref
padcomp
ptrcomp
ptrobj
resident
restrict
sigcall
signconv
sizeofptr
strmod
swtchdflt
syscall
taintformatio
taintnoproto
taintsink
taintstrcpy
uninitref
usrfmt
xfilepos
xfree
O/IEC TS 17961:2013
tab lists ISO/IEC TS 17961:2013 coding rules that Polyspace supports.

Description
Accessing freed memory
Accessing shared objects in signal handlers
Escaping of the address of an automatic object
Converting pointer values to more strictly aligned pointer types
Calling functions with incorrect arguments
Calling functions in the C Standard Library other than abort, _Exit, and signal from within a signal handler
No assignment in conditional expressions
Using character values that are indistinguishable from EOF
Passing arguments to character handling functions that are not representable as unsigned char
Freeing memory multiple times
Integer division errors
Failing to close files or free dynamic memory when they are no longer needed
Copying a FILE object
Declaring the same function or object in incompatible ways
Allocating insufficient memory
Overflowing signed integers
Converting a pointer to integer or integer to pointer
Incorrectly setting and using errno
Using invalid format strings
Forming or using out-ofbounds pointers or array subscripts
Interleaving stream inputs and outputs without a flush or positioning call
Failing to detect and handle standard library errors
Modifying the string returned by getenv, localeconv, setlocale, and strerror
Forming invalid pointers by library function
Using an object overwritten by getenv, localeconv, setlocale, and strerror
Passing a non-null-terminated character sequence to a library function
Dereferencing an out-of-domain pointer
Comparison of padding data
Accessing an object through a pointer to an incompatible type
Subtracting or comparing two pointers that do not refer to the same array
Using identifiers that are reserved for the implementation
Passing pointers into the same object as arguments to different restrict-qualified parameters
Calling signal from interruptible signal handlers
Conversion of signed characters to wider integer types before a check for EOF
Taking the size of a pointer to determine the size of the pointed-to type
Modifying string literals
Use of an implied default in a switch statement
Calling system
Using a tainted value to write to an object using a formatted input or output function
Using a tainted value as an argument to an unprototyped function pointer
Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink
Tainted strings are passed to a string copying function
Referencing uninitialized memory
Including tainted or out-of-domain input in a format string
Using a value for fsetpos other than a value returned from fgetpos
Reallocating or freeing memory that was not dynamically allocated
Your Notes
AUTOSAR C++14 Coding Standard
This tab lists AUTOSAR C++14 coding rules that Polyspace supports.

Section Type Acronym

0 Language independent issues Required AUTOSAR C++14 M0-1-1
0 Language independent issues Required AUTOSAR C++14 M0-1-2
0 Language independent issues Required AUTOSAR C++14 M0-1-3
0 Language independent issues Required AUTOSAR C++14 M0-1-4
0 Language independent issues Required AUTOSAR C++14 A0-1-1
0 Language independent issues Required AUTOSAR C++14 A0-1-2
0 Language independent issues Required AUTOSAR C++14 M0-1-9
0 Language independent issues Advisory AUTOSAR C++14 M0-1-10
0 Language independent issues Required AUTOSAR C++14 A0-1-3
0 Language independent issues Required AUTOSAR C++14 A0-1-4
0 Language independent issues Required AUTOSAR C++14 A0-1-5
0 Language independent issues Advisory AUTOSAR C++14 A0-1-6
0 Language independent issues Required AUTOSAR C++14 M0-2-1
0 Language independent issues Required AUTOSAR C++14 M0-3-2
0 Language independent issues Required AUTOSAR C++14 A0-4-2
1 General Required AUTOSAR C++14 A1-1-1
10 Derived Classes Required AUTOSAR C++14 A10-1-1
10 Derived Classes Advisory AUTOSAR C++14 M10-1-1
10 Derived Classes Required AUTOSAR C++14 M10-1-2
10 Derived Classes Required AUTOSAR C++14 M10-1-3
10 Derived Classes Advisory AUTOSAR C++14 M10-2-1
10 Derived Classes Required AUTOSAR C++14 A10-2-1
10 Derived Classes Required AUTOSAR C++14 A10-3-1
10 Derived Classes Required AUTOSAR C++14 A10-3-2
10 Derived Classes Required AUTOSAR C++14 A10-3-3
10 Derived Classes Required AUTOSAR C++14 A10-3-5
10 Derived Classes Required AUTOSAR C++14 M10-3-3
11 Member access control Required AUTOSAR C++14 M11-0-1
11 Member access control Advisory AUTOSAR C++14 A11-0-1
11 Member access control Required AUTOSAR C++14 A11-0-2
11 Member access control Required AUTOSAR C++14 A11-3-1
12 Special member functions Required AUTOSAR C++14 A12-0-1
12 Special member functions Required AUTOSAR C++14 A12-0-2
12 Special member functions Required AUTOSAR C++14 A12-1-1
12 Special member functions Required AUTOSAR C++14 M12-1-1
12 Special member functions Required AUTOSAR C++14 A12-1-2
12 Special member functions Required AUTOSAR C++14 A12-1-4
12 Special member functions Required AUTOSAR C++14 A12-1-6
12 Special member functions Required AUTOSAR C++14 A12-4-1
12 Special member functions Advisory AUTOSAR C++14 A12-4-2
12 Special member functions Required AUTOSAR C++14 A12-6-1
12 Special member functions Required AUTOSAR C++14 A12-8-1
12 Special member functions Advisory AUTOSAR C++14 A12-8-2
12 Special member functions Required AUTOSAR C++14 A12-8-3
12 Special member functions Required AUTOSAR C++14 A12-8-4
12 Special member functions Required AUTOSAR C++14 A12-8-5
12 Special member functions Required AUTOSAR C++14 A12-8-6
12 Special member functions Advisory AUTOSAR C++14 A12-8-7
13 Overloading Required AUTOSAR C++14 A13-1-2
13 Overloading Required AUTOSAR C++14 A13-2-1
13 Overloading Required AUTOSAR C++14 A13-2-3
13 Overloading Required AUTOSAR C++14 A13-5-1
13 Overloading Required AUTOSAR C++14 A13-5-2
13 Overloading Advisory AUTOSAR C++14 A13-5-3
13 Overloading Required AUTOSAR C++14 A13-5-5
13 Overloading Required AUTOSAR C++14 A13-6-1
14 Templates Advisory AUTOSAR C++14 A14-5-2
14 Templates Advisory AUTOSAR C++14 A14-5-3
14 Templates Required AUTOSAR C++14 M14-5-3
14 Templates Required AUTOSAR C++14 M14-6-1
14 Templates Required AUTOSAR C++14 A14-7-2
14 Templates Required AUTOSAR C++14 A14-8-2
15 Exception handling Advisory AUTOSAR C++14 A15-1-1
15 Exception handling Required AUTOSAR C++14 A15-1-2
15 Exception handling Required AUTOSAR C++14 M15-0-3
15 Exception handling Required AUTOSAR C++14 M15-1-1
15 Exception handling Required AUTOSAR C++14 M15-1-2
15 Exception handling Required AUTOSAR C++14 M15-1-3
15 Exception handling Advisory AUTOSAR C++14 A15-1-3
15 Exception handling Required AUTOSAR C++14 A15-2-1
15 Exception handling Required AUTOSAR C++14 M15-3-1
15 Exception handling Required AUTOSAR C++14 A15-3-3
15 Exception handling Required AUTOSAR C++14 A15-3-4
15 Exception handling Required AUTOSAR C++14 M15-3-3
15 Exception handling Required AUTOSAR C++14 M15-3-4
15 Exception handling Required AUTOSAR C++14 A15-3-5
15 Exception handling Required AUTOSAR C++14 M15-3-6
15 Exception handling Required AUTOSAR C++14 M15-3-7
15 Exception handling Required AUTOSAR C++14 A15-4-1
15 Exception handling Required AUTOSAR C++14 A15-4-2
15 Exception handling Required AUTOSAR C++14 A15-4-3
15 Exception handling Required AUTOSAR C++14 A15-4-4
15 Exception handling Required AUTOSAR C++14 A15-5-1
15 Exception handling Required AUTOSAR C++14 A15-5-3
16 Preprocessing directives Required AUTOSAR C++14 A16-0-1
16 Preprocessing directives Required AUTOSAR C++14 M16-0-1
16 Preprocessing directives Required AUTOSAR C++14 M16-0-2
16 Preprocessing directives Required AUTOSAR C++14 M16-0-5
16 Preprocessing directives Required AUTOSAR C++14 M16-0-6
16 Preprocessing directives Required AUTOSAR C++14 M16-0-7
16 Preprocessing directives Required AUTOSAR C++14 M16-0-8
16 Preprocessing directives Required AUTOSAR C++14 M16-1-1
16 Preprocessing directives Required AUTOSAR C++14 M16-1-2
16 Preprocessing directives Required AUTOSAR C++14 M16-2-3
16 Preprocessing directives Required AUTOSAR C++14 A16-2-1
16 Preprocessing directives Required AUTOSAR C++14 M16-3-1
16 Preprocessing directives Advisory AUTOSAR C++14 M16-3-2
16 Preprocessing directives Required AUTOSAR C++14 A16-6-1
16 Preprocessing directives Required AUTOSAR C++14 A16-7-1
17 Library introduction Required AUTOSAR C++14 A17-0-1
17 Library introduction Required AUTOSAR C++14 M17-0-2
17 Library introduction Required AUTOSAR C++14 M17-0-3
17 Library introduction Required AUTOSAR C++14 M17-0-5
17 Library introduction Required AUTOSAR C++14 A17-6-1
18 Language support library Required AUTOSAR C++14 A18-0-1
18 Language support library Required AUTOSAR C++14 A18-0-2
18 Language support library Required AUTOSAR C++14 M18-0-3
18 Language support library Required AUTOSAR C++14 M18-0-4
18 Language support library Required AUTOSAR C++14 M18-0-5
18 Language support library Required AUTOSAR C++14 A18-0-3
18 Language support library Required AUTOSAR C++14 A18-1-1
18 Language support library Required AUTOSAR C++14 A18-1-2
18 Language support library Required AUTOSAR C++14 A18-1-3
18 Language support library Required AUTOSAR C++14 A18-1-6
18 Language support library Required AUTOSAR C++14 M18-2-1
18 Language support library Required AUTOSAR C++14 A18-5-1
18 Language support library Required AUTOSAR C++14 A18-5-2
18 Language support library Required AUTOSAR C++14 A18-5-3
18 Language support library Required AUTOSAR C++14 A18-5-4
18 Language support library Required AUTOSAR C++14 A18-5-9
18 Language support library Required AUTOSAR C++14 A18-5-10
18 Language support library Required AUTOSAR C++14 A18-5-11
18 Language support library Required AUTOSAR C++14 M18-7-1
18 Language support library Required AUTOSAR C++14 A18-9-1
18 Language support library Required AUTOSAR C++14 A18-9-2
18 Language support library Required AUTOSAR C++14 A18-9-3
18 Language support library Required AUTOSAR C++14 A18-9-4
19 Diagnostics library Required AUTOSAR C++14 M19-3-1
2 Lexical conventions Required AUTOSAR C++14 A2-3-1
2 Lexical conventions Required AUTOSAR C++14 A2-5-1
2 Lexical conventions Required AUTOSAR C++14 A2-5-2
2 Lexical conventions Required AUTOSAR C++14 M2-7-1
2 Lexical conventions Required AUTOSAR C++14 A2-7-1
2 Lexical conventions Required AUTOSAR C++14 A2-7-2
2 Lexical conventions Required AUTOSAR C++14 A2-7-3
2 Lexical conventions Required AUTOSAR C++14 A2-8-1
2 Lexical conventions Advisory AUTOSAR C++14 A2-8-2
2 Lexical conventions Required AUTOSAR C++14 M2-10-1
2 Lexical conventions Required AUTOSAR C++14 A2-10-1
2 Lexical conventions Required AUTOSAR C++14 A2-10-6
2 Lexical conventions Required AUTOSAR C++14 A2-10-4
2 Lexical conventions Advisory AUTOSAR C++14 A2-10-5
2 Lexical conventions Required AUTOSAR C++14 A2-11-1
2 Lexical conventions Required AUTOSAR C++14 A2-13-1
2 Lexical conventions Required AUTOSAR C++14 A2-13-6
2 Lexical conventions Advisory AUTOSAR C++14 A2-13-5
2 Lexical conventions Required AUTOSAR C++14 M2-13-2
2 Lexical conventions Required AUTOSAR C++14 M2-13-3
2 Lexical conventions Required AUTOSAR C++14 M2-13-4
2 Lexical conventions Required AUTOSAR C++14 A2-13-2
2 Lexical conventions Required AUTOSAR C++14 A2-13-3
2 Lexical conventions Required AUTOSAR C++14 A2-13-4
20 General utilities library Required AUTOSAR C++14 A20-8-1
20 General utilities library Required AUTOSAR C++14 A20-8-2
20 General utilities library Required AUTOSAR C++14 A20-8-3
20 General utilities library Required AUTOSAR C++14 A20-8-5
20 General utilities library Required AUTOSAR C++14 A20-8-6
21 Strings library Required AUTOSAR C++14 A21-8-1
23 Containers library Required AUTOSAR C++14 A23-0-1
25 Algorithms library Required AUTOSAR C++14 A26-5-1
25 Algorithms library Required AUTOSAR C++14 A26-5-2
27 Input/output library Required AUTOSAR C++14 M27-0-1
27 Input/output library Required AUTOSAR C++14 A27-0-4
27 Input/output library Advisory AUTOSAR C++14 A27-0-2
27 Input/output library Required AUTOSAR C++14 A27-0-3
3 Basic concepts Required AUTOSAR C++14 A3-1-1
3 Basic concepts Required AUTOSAR C++14 A3-1-2
3 Basic concepts Advisory AUTOSAR C++14 A3-1-3
3 Basic concepts Required AUTOSAR C++14 M3-1-2
3 Basic concepts Required AUTOSAR C++14 A3-1-4
3 Basic concepts Required AUTOSAR C++14 A3-1-5
3 Basic concepts Advisory AUTOSAR C++14 A3-1-6
3 Basic concepts Required AUTOSAR C++14 M3-2-1
3 Basic concepts Required AUTOSAR C++14 M3-2-2
3 Basic concepts Required AUTOSAR C++14 M3-2-3
3 Basic concepts Required AUTOSAR C++14 M3-2-4
3 Basic concepts Required AUTOSAR C++14 A3-3-1
3 Basic concepts Required AUTOSAR C++14 A3-3-2
3 Basic concepts Required AUTOSAR C++14 M3-3-2
3 Basic concepts Required AUTOSAR C++14 M3-4-1
3 Basic concepts Required AUTOSAR C++14 A3-8-1
3 Basic concepts Required AUTOSAR C++14 M3-9-1
3 Basic concepts Required AUTOSAR C++14 A3-9-1
3 Basic concepts Required AUTOSAR C++14 M3-9-3
4 Standard conversions Required AUTOSAR C++14 M4-5-1
4 Standard conversions Required AUTOSAR C++14 A4-5-1
4 Standard conversions Required AUTOSAR C++14 M4-5-3
4 Standard conversions Required AUTOSAR C++14 M4-10-1
4 Standard conversions Required AUTOSAR C++14 A4-10-1
4 Standard conversions Required AUTOSAR C++14 M4-10-2
5 Expressions Required AUTOSAR C++14 A5-0-1
5 Expressions Advisory AUTOSAR C++14 M5-0-2
5 Expressions Required AUTOSAR C++14 M5-0-3
5 Expressions Required AUTOSAR C++14 M5-0-4
5 Expressions Required AUTOSAR C++14 M5-0-5
5 Expressions Required AUTOSAR C++14 M5-0-6
5 Expressions Required AUTOSAR C++14 M5-0-7
5 Expressions Required AUTOSAR C++14 M5-0-8
5 Expressions Required AUTOSAR C++14 M5-0-9
5 Expressions Required AUTOSAR C++14 M5-0-10
5 Expressions Required AUTOSAR C++14 M5-0-11
5 Expressions Required AUTOSAR C++14 M5-0-12
5 Expressions Required AUTOSAR C++14 A5-0-2
5 Expressions Required AUTOSAR C++14 M5-0-14
5 Expressions Required AUTOSAR C++14 M5-0-15
5 Expressions Required AUTOSAR C++14 M5-0-16
5 Expressions Required AUTOSAR C++14 M5-0-17
5 Expressions Required AUTOSAR C++14 A5-0-4
5 Expressions Required AUTOSAR C++14 M5-0-18
5 Expressions Required AUTOSAR C++14 A5-0-3
5 Expressions Required AUTOSAR C++14 M5-0-20
5 Expressions Required AUTOSAR C++14 M5-0-21
5 Expressions Required AUTOSAR C++14 A5-1-1
5 Expressions Required AUTOSAR C++14 A5-1-2
5 Expressions Required AUTOSAR C++14 A5-1-3
5 Expressions Required AUTOSAR C++14 A5-1-4
5 Expressions Advisory AUTOSAR C++14 A5-1-6
5 Expressions Required AUTOSAR C++14 A5-1-7
5 Expressions Advisory AUTOSAR C++14 A5-1-8
5 Expressions Advisory AUTOSAR C++14 A5-1-9
5 Expressions Required AUTOSAR C++14 M5-2-2
5 Expressions Advisory AUTOSAR C++14 M5-2-3
5 Expressions Advisory AUTOSAR C++14 A5-2-1
5 Expressions Required AUTOSAR C++14 A5-2-2
5 Expressions Required AUTOSAR C++14 A5-2-3
5 Expressions Required AUTOSAR C++14 M5-2-6
5 Expressions Required AUTOSAR C++14 A5-2-4
5 Expressions Required AUTOSAR C++14 A5-2-6
5 Expressions Required AUTOSAR C++14 M5-2-8
5 Expressions Required AUTOSAR C++14 M5-2-9
5 Expressions Required AUTOSAR C++14 M5-2-10
5 Expressions Required AUTOSAR C++14 M5-2-11
5 Expressions Required AUTOSAR C++14 M5-2-12
5 Expressions Required AUTOSAR C++14 M5-3-1
5 Expressions Required AUTOSAR C++14 M5-3-2
5 Expressions Required AUTOSAR C++14 M5-3-3
5 Expressions Required AUTOSAR C++14 M5-3-4
5 Expressions Required AUTOSAR C++14 A5-3-1
5 Expressions Required AUTOSAR C++14 A5-3-2
5 Expressions Required AUTOSAR C++14 A5-3-3
5 Expressions Required AUTOSAR C++14 A5-6-1
5 Expressions Required AUTOSAR C++14 M5-8-1
5 Expressions Required AUTOSAR C++14 A5-10-1
5 Expressions Required AUTOSAR C++14 M5-14-1
5 Expressions Required AUTOSAR C++14 A5-16-1
5 Expressions Required AUTOSAR C++14 M5-18-1
5 Expressions Required AUTOSAR C++14 M5-19-1
6 Statements Required AUTOSAR C++14 M6-2-1
6 Statements Required AUTOSAR C++14 A6-2-1
6 Statements Required AUTOSAR C++14 M6-2-2
6 Statements Required AUTOSAR C++14 A6-2-2
6 Statements Required AUTOSAR C++14 M6-2-3
6 Statements Required AUTOSAR C++14 M6-3-1
6 Statements Required AUTOSAR C++14 M6-4-1
6 Statements Required AUTOSAR C++14 M6-4-2
6 Statements Required AUTOSAR C++14 M6-4-3
6 Statements Required AUTOSAR C++14 M6-4-4
6 Statements Required AUTOSAR C++14 M6-4-5
6 Statements Required AUTOSAR C++14 M6-4-6
6 Statements Required AUTOSAR C++14 M6-4-7
6 Statements Required AUTOSAR C++14 A6-4-1
6 Statements Required AUTOSAR C++14 A6-5-2
6 Statements Required AUTOSAR C++14 M6-5-2
6 Statements Required AUTOSAR C++14 M6-5-3
6 Statements Required AUTOSAR C++14 M6-5-4
6 Statements Required AUTOSAR C++14 M6-5-5
6 Statements Required AUTOSAR C++14 M6-5-6
6 Statements Advisory AUTOSAR C++14 A6-5-3
6 Statements Advisory AUTOSAR C++14 A6-5-4
6 Statements Required AUTOSAR C++14 A6-6-1
6 Statements Required AUTOSAR C++14 M6-6-1
6 Statements Required AUTOSAR C++14 M6-6-2
6 Statements Required AUTOSAR C++14 M6-6-3
7 Declaration Required AUTOSAR C++14 A7-1-1
7 Declaration Required AUTOSAR C++14 A7-1-2
7 Declaration Required AUTOSAR C++14 M7-1-2
7 Declaration Required AUTOSAR C++14 A7-1-3
7 Declaration Required AUTOSAR C++14 A7-1-4
7 Declaration Required AUTOSAR C++14 A7-1-5
7 Declaration Required AUTOSAR C++14 A7-1-6
7 Declaration Required AUTOSAR C++14 A7-1-7
7 Declaration Required AUTOSAR C++14 A7-1-8
7 Declaration Required AUTOSAR C++14 A7-1-9
7 Declaration Required AUTOSAR C++14 A7-2-2
7 Declaration Required AUTOSAR C++14 A7-2-3
7 Declaration Required AUTOSAR C++14 A7-2-4
7 Declaration Required AUTOSAR C++14 M7-3-1
7 Declaration Required AUTOSAR C++14 M7-3-2
7 Declaration Required AUTOSAR C++14 M7-3-3
7 Declaration Required AUTOSAR C++14 M7-3-4
7 Declaration Required AUTOSAR C++14 A7-3-1
7 Declaration Required AUTOSAR C++14 M7-3-6
7 Declaration Required AUTOSAR C++14 A7-4-1
7 Declaration Required AUTOSAR C++14 M7-4-2
7 Declaration Required AUTOSAR C++14 M7-4-3
7 Declaration Required AUTOSAR C++14 M7-5-1
7 Declaration Required AUTOSAR C++14 M7-5-2
7 Declaration Required AUTOSAR C++14 A7-5-1
7 Declaration Required AUTOSAR C++14 A7-5-2
7 Declaration Required AUTOSAR C++14 A7-6-1
8 Declarators Required AUTOSAR C++14 M8-0-1
8 Declarators Required AUTOSAR C++14 A8-2-1
8 Declarators Required AUTOSAR C++14 M8-3-1
8 Declarators Required AUTOSAR C++14 A8-4-1
8 Declarators Required AUTOSAR C++14 M8-4-2
8 Declarators Required AUTOSAR C++14 A8-4-2
8 Declarators Required AUTOSAR C++14 M8-4-4
8 Declarators Advisory AUTOSAR C++14 A8-4-4
8 Declarators Required AUTOSAR C++14 A8-4-5
8 Declarators Required AUTOSAR C++14 A8-4-6
8 Declarators Required AUTOSAR C++14 A8-4-7
8 Declarators Required AUTOSAR C++14 A8-4-8
8 Declarators Required AUTOSAR C++14 A8-4-9
8 Declarators Required AUTOSAR C++14 A8-4-10
8 Declarators Required AUTOSAR C++14 A8-4-14
8 Declarators Required AUTOSAR C++14 A8-5-0
8 Declarators Required AUTOSAR C++14 A8-5-1
8 Declarators Required AUTOSAR C++14 M8-5-2
8 Declarators Required AUTOSAR C++14 A8-5-2
8 Declarators Required AUTOSAR C++14 A8-5-3
8 Declarators Advisory AUTOSAR C++14 A8-5-4
9 Classes Required AUTOSAR C++14 M9-3-1
9 Classes Required AUTOSAR C++14 A9-3-1
9 Classes Required AUTOSAR C++14 M9-3-3
9 Classes Required AUTOSAR C++14 A9-5-1
9 Classes Required AUTOSAR C++14 A9-6-1
9 Classes Required AUTOSAR C++14 M9-6-4
A project shall not contain unreachable code.
A project shall not contain infeasible paths.
A project shall not contain unused variables.
A project shall not contain non-volatile POD variables having only one use.
A project shall not contain instances of non-volatile variables being given values that are not subsequently used.
The value returned by a function having a non-void return type that is not an overloaded operator shall be used.
There shall be no dead code.
Every defined function should be called at least once.
Every function defined in an anonymous namespace, or static function with internal linkage, or private member function shall be
There shall be no unused named parameters in non-virtual functions.
There shall be no unused named parameters in the set of parameters for a virtual function and all the functions that override it.
There should be no unused type declarations.
An object shall not be assigned to an overlapping object.
If a function generates error information, then that error information shall be tested.
Type long double shall not be used.
All code shall conform to ISO/IEC 14882:2014 - Programming Language C++ and shall not use deprecated features.
Class shall not be derived from more than one base class which is not an interface class.
Classes should not be derived from virtual bases.
A base class shall only be declared virtual if it is used in a diamond hierarchy.
An accessible base class shall not be both virtual and non-virtual in the same hierarchy.
All accessible entity names within a multiple inheritance hierarchy should be unique.
Non-virtual public or protected member functions shall not be redefined in derived classes.
Virtual function declaration shall contain exactly one of the three specifiers: (1) virtual, (2) override, (3) final.
Each overriding virtual function shall be declared with the override or final specifier.
Virtual functions shall not be introduced in a final class.
A user-defined assignment operator shall not be virtual.
A virtual function shall only be overridden by a pure virtual function if it is itself declared as pure virtual.
Member data in non-POD class types shall be private.
A(3)
non-POD
not be atype
baseshould be defined
of another asclass,
struct or class.
(4) not inherit from another struct or class.
Friend declarations shall not be used.
If a class declares a copy or move operation, or a destructor, either via "=default", "=delete", or via a user-provided declaration,
Bitwise operations and operations that assume data representation in memory shall not be performed on objects.
Constructors shall explicitly initialize all virtual base classes, all direct non-virtual base classes and all non-static data members
An object's dynamic type shall not be used from the body of its constructor or destructor.
Both NSDMI and a non-static member initializer in a constructor shall not be used in the same type.
All constructors that are callable with a single argument of fundamental type shall be declared explicit.
Derived classes that do not need further explicit initialization and require all the constructors from the base class shall use inher
Destructor of a base class shall be public virtual, public override or protected non-virtual.
If a public destructor of a class is non-virtual, then the class should be declared final.
All class data members that are initialized by the constructor shall be initialized using member initializers.
Move and copy constructors shall move and respectively copy base classes and data members of a class, without any side effe
User-defined copy and move assignment operators should use user-defined no-throw swap function.
Moved-from object shall not be read-accessed.
Move constructor shall not initialize its class members and base classes using copy semantics.
A copy assignment and a move assignment operators shall handle self-assignment.
Copy and move constructors and copy assignment and move assignment operators shall be declared protected or defined "=de
Assignment operators should be declared with the ref-qualifier &.
User defined suffixes of the user defined literal operators shall start with underscore followed by one or more letters.
An assignment operator shall return a reference to "this".
A relational operator shall return a boolean value.
If "operator[]" is to be overloaded with a non-const version, const version shall also be implemented.
All user-defined conversion operators shall be defined explicit.
User-defined conversion operators should not be used.
Comparison operators
(2) for hexadecimal, shall2be
every non-member functions with identical parameter types and noexcept.
digits,
(3) for binary, every 4 digits.
Class members that are not dependent on template class parameters should be defined in a separate base class.
A non-member generic operator shall only be declared in a namespace that does not contain class (struct) type, enum type or u
A copy assignment operator shall be declared when there is a template assignment operator with a parameter that is a generic
In
(1)a as
class
thetemplate with a dependent base, any name that may be found in that dependent base shall be referred to using a qu
primary template
(2) as a user-defined type, for which the specialization is declared.
Explicit specializations of function templates shall not be used.
Only instances of types derived from std::exception should be thrown.
An exception object shall not be a pointer.
Control shall not be transferred into a try or catch block using a goto or a switch statement.
The assignment-expression of a throw statement shall not itself cause an exception to be thrown.
NULL shall not be thrown explicitly.
An empty throw (throw;) shall only be used in the compound statement of a catch handler.
All thrown exceptions should be unique.
Constructors that are not noexcept shall not be invoked before program startup.
Exceptions shall be raised only after start-up and before termination.
Main
(c) in function
functionsand
thataare
tasksupposed
main function shallindependent
to isolate catch at least: base classand
components exceptions from all third-party libraries used, std::excepti
(d) when calling third-party code that uses exceptions not according to AUTOSAR C++14 guidelines.
Handlers of a function-try-block implementation of a class constructor or destructor shall not reference non-static members from
Each exception explicitly thrown in the code shall have a handler of a compatible type in all call paths that could lead to that poi
A class type exception shall be caught by reference or const reference.
Where multiple handlers are provided in a single try-catch statement or function-try-block for a derived class and some or all of
Where multiple handlers are provided in a single try-catch statement or function-try-block, any ellipsis (catch-all) handler shall o
Dynamic exception-specification shall not be used.
If a function is declared to be noexcept, noexcept(true) or noexcept(<true condition>), then it shall not exit with an exception.
The noexcept specification of a function shall either be identical across all translation units, or identical or more restrictive betwe
A declaration of non-throwing function shall contain noexcept specification.
All user-provided class destructors, deallocation functions, move constructors, move assignment operators and swap functions
The
The std::terminate() function
pre-processor shall only shall not for
be used be unconditional
called implicitly.
and conditional file inclusion and include guards, and using the following
(1) #ifndef, (2) #ifdef, (3) #if, (4) #if defined, (5) #elif, (6) #else, (7) #define, (8) #endif, (9) #include.
#include directives in a file shall only be preceded by other pre-processor directives or comments.
Macros shall only be #define'd or #undef'd in the global namespace.
Arguments to a function-like macro shall not contain tokens that look like pre-processing directives.
In the definition of a function-like macro, each instance of a parameter shall be enclosed in parentheses, unless it is used as the
Undefined macro identifiers shall not be used in #if or #elif pre-processor directives, except as operands to the defined operato
If the # token appears as the first token on a line, then it shall be immediately followed by a pre-processing token.
The defined pre-processor operator shall only be used in one of the two standard forms.
All #else, #elif and #endif pre-processor directives shall reside in the same file as the #if or #ifdef directive to which they are rela
Include guards shall be provided.
The ', ", /*, //, \ characters shall not occur in a header file name or in #include directive.
There shall be at most one occurrence of the # or ## operators in a single macro definition.
The # and ## operators should not be used.
#error directive shall not be used.
The #pragma directive shall not be used.
Reserved identifiers, macros and functions in the C++ standard library shall not be defined, redefined or undefined.
The names of standard library macros and objects shall not be reused.
The names of standard library functions shall not be overridden.
The setjmp macro and the longjmp function shall not be used.
Non-standard entities shall not be added to standard namespaces.
The C library facilities shall only be accessed through C++ library headers.
The error state of a conversion from string to a numeric value shall be checked.
The library functions abort, exit, getenv and system from library <cstdlib> shall not be used.
The time handling functions of library <ctime> shall not be used.
The unbounded functions of library <cstring> shall not be used.
The library <clocale> (locale.h) and the setlocale function shall not be used.
C-style arrays shall not be used.
The std::vector<bool> specialization shall not be used.
The std::auto_ptr type shall not be used.
All std::hash specializations for user-defined types shall have a noexcept function call operator.
The macro offsetof shall not be used.
Functions malloc, calloc, realloc and free shall not be used.
Non-placement new or delete expressions shall not be used.
The form of the delete expression shall match the form of the new expression used to allocate the memory.
If a project has sized or unsized version of operator "delete" globally defined, then both sized and unsized versions shall be def
Custom implementations of dynamic memory allocation and deallocation functions shall meet the semantic requirements specif
Placement new shall be used only with properly aligned pointers to sufficient storage capacity.
"operator new" and "operator delete" shall be defined together.
The signal handling facilities of <csignal> shall not be used.
The std::bind shall
(1) std::move if thenot be used.
value is an rvalue reference,
(2) std::forward if the value is forwarding reference.
The std::move shall not be used on objects declared const or const&.
An argument to std::forward shall not be subsequently used.
The error indicator errno shall not be used.
Only those characters specified in the C++ Language Standard basic source character set shall be used in the source code.
Trigraphs shall not be used.
Digraphs shall not be used.
The character sequence /* shall not be used within a C-style comment.
The character \ shall not occur as a last character of a C++ comment.
Sections of code shall not be "commented out".
All declarations of "user-defined" types, static and non-static data members, functions and methods shall be preceded by docum
A header file name should reflect the logical entity for which it provides declarations.
An implementation file name should reflect the logical entity for which it provides definitions.
Different identifiers shall be typographically unambiguous.
An identifier declared in an inner scope shall not hide an identifier declared in an outer scope.
A class or enumeration name shall not be hidden by a variable, function or enumerator declaration in the same scope.
The identifier name of a non-member object with static storage duration or static function shall not be reused within a namespa
An identifier name of a function with static storage duration or a non-member object with external or internal linkage should not
Volatile keyword shall not be used.
Only those escape sequences that are defined in ISO/IEC 14882:2014 shall be used.
Universal character names shall be used only inside character or string literals.
Hexadecimal constants should be upper case.
Octal constants (other than zero) and octal escape sequences (other than "\0" ) shall not be used.
A "U" suffix shall be applied to all octal or hexadecimal integer literals of unsigned type.
Literal suffixes shall be upper case.
String literals with different encoding prefixes shall not be concatenated.
Type wchar_t shall not be used.
String literals shall not be assigned to non-constant pointers.
An already-owned pointer value shall not be stored in an unrelated smart pointer.
A std::unique_ptr shall be used to represent exclusive ownership.
A std::shared_ptr shall be used to represent shared ownership.
std::make_unique shall be used to construct objects owned by std::unique_ptr.
std::make_shared shall be used to construct objects owned by std::shared_ptr.
Arguments to character-handling functions shall be representable as an unsigned char.
An iterator shall not be implicitly converted to const_iterator.
Pseudorandom numbers shall not be generated using std::rand().
Random number engines shall not be default-initialized.
The stream input/output library <cstdio> shall not be used.
C-style strings shall not be used.
A C-style string shall guarantee sufficient space for data and the null terminator.
Alternate input and output operations on a file stream shall not be used without an intervening flush or positioning call.
It shall be possible to include any header file in multiple translation units without violating the One Definition Rule.
Header files, that are defined locally in the project, shall have a file name extension of one of: ".h", ".hpp" or ".hxx".
Implementation files, that are defined locally in the project, should have a file name extension of ".cpp".
Functions shall not be declared at block scope.
When
(2) it isana array
memberwithfunction
externaltemplate
linkage is declared, its size shall be stated explicitly.
(3) it is a member function of a class template.
Trivial accessor and mutator functions should be inlined.
All declarations of an object or function shall have compatible types.
The One Definition Rule shall not be violated.
A type, object or function that is used in multiple translation units shall be declared in one and only one file.
An identifier with external linkage shall have exactly one definition.
Objects or functions with external linkage (including members of named namespaces) shall be declared in a header file.
Static and thread-local objects shall be constant-initialized.
If a function has internal linkage then all re-declarations shall include the static storage class specifier.
An identifier declared to be an object or type shall be defined in a block that minimizes its visibility.
An object shall not be accessed outside of its lifetime.
The types used for an object, a function return type, or a function parameter shall be token-for-token identical in all declarations
Fixed width integer types from <cstdint>, indicating the size and signedness, shall be used in place of the basic numerical types
The underlying bit representations of floating-point values shall not be used.
Expressions with type bool shall not be used as operands to built-in operators other than the assignment operator =, the logical
Expressions with type enum or enum class shall not be used as operands to built-in and overloaded operators other than the su
Expressions with type (plain) char and wchar_t shall not be used as operands to built-in operators other than the assignment op
NULL shall not be used as an integer value.
Only nullptr literal shall be used as the null-pointer-constant.
Literal zero (0) shall not be used as the null-pointer-constant.
The value of an expression shall be the same under any order of evaluation that the standard permits.
Limited dependence should be placed on C++ operator precedence rules in expressions.
A cvalue expression shall not be implicitly converted to a different underlying type.
An implicit integral conversion shall not change the signedness of the underlying type.
There shall be no implicit floating-integral conversions.
An implicit integral or floating-point conversion shall not reduce the size of the underlying type.
There shall be no explicit floating-integral conversions of a cvalue expression.
An explicit integral or floating-point conversion shall not increase the size of the underlying type of a cvalue expression.
An explicit integral conversion shall not change the signedness of the underlying type of a cvalue expression.
If the bitwise operators ~and << are applied to an operand with an underlying type of unsigned char or unsigned short, the resu
The plain char type shall only be used for the storage and use of character values.
Signed char and unsigned char type shall only be used for the storage and use of numeric values.
The condition of an if-statement and the condition of an iteration statement shall have type bool.
The first operand of a conditional-operator shall have type bool.
Array indexing shall be the only form of pointer arithmetic.
A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same
Subtraction between pointers shall only be applied to pointers that address elements of the same array.
Pointer arithmetic shall not be used with pointers to non-final classes.
>, >=, <, <= shall not be applied to objects of pointer type, except where they point to the same array.
The declaration of objects shall contain no more than two levels of pointer indirection.
Non-constant operands to a binary bitwise operator shall have the same underlying type.
Bitwise operators shall only be applied to operands of unsigned underlying type.
Literal values shall not be used apart from type initialization, otherwise symbolic names shall be used instead.
Variables shall not be implicitly captured in a lambda expression.
Parameter list (possibly empty) shall be included in every lambda expression.
A lambda expression object shall not outlive any of its reference-captured objects.
Return type of a non-void return type lambda expression should be explicitly specified.
A lambda shall not be an operand to decltype or typeid.
Lambda expressions should not be defined inside another lambda expression.
Identical unnamed lambda expressions shall be replaced with a named function or a named lambda expression.
A pointer to a virtual base class shall only be cast to a pointer to a derived class by means of dynamic_cast.
Casts from a base class to a derived class should not be performed on polymorphic types.
dynamic_cast should not be used.
Traditional C-style casts shall not be used.
A cast shall not remove any const or volatile qualification from the type of a pointer or reference.
A cast shall not convert a pointer to a function to any other pointer type, including a pointer to function type.
reinterpret_cast shall not be used.
The operands of a logical && or || shall be parenthesized if the operands contain binary operators.
An object with integer type or pointer to void type shall not be converted to an object with pointer type.
A cast shall not convert a pointer type to an integral type.
The increment (++) and decrement (--) operators shall not be mixed with other operators in an expression.
The comma operator, && operator and the || operator shall not be overloaded.
An identifier with array type passed as a function argument shall not decay to a pointer.
Each operand of the ! operator, the logical && or the logical || operators shall have type bool.
The unary minus operator shall not be applied to an expression whose underlying type is unsigned.
The unary & operator shall not be overloaded.
Evaluation of the operand to the sizeof operator shall not contain side effects.
Evaluation of the operand to the typeid operator shall not contain side effects.
Null pointers shall not be dereferenced.
Pointers to incomplete class types shall not be deleted.
The right hand operand of the integer division or remainder operators shall not be equal to zero.
The right hand operand of a shift operator shall lie between zero and one less than the width in bits of the underlying type of the
A pointer to member virtual function shall only be tested for equality with null-pointer-constant.
The right hand operand of a logical &&, || operators shall not contain side effects.
The ternary conditional operator shall not be used as a sub-expression.
The comma operator shall not be used.
Evaluation of constant unsigned integer expressions shall not lead to wrap-around.
Assignment operators shall not be used in sub-expressions.
Move and copy assignment operators shall either move or respectively copy base classes and data members of a class, withou
Floating-point expressions shall not be directly or indirectly tested for equality or inequality.
Expression statements shall not be explicit calls to constructors of temporary objects only.
Before preprocessing, a null statement shall only occur on a line by itself; it may be followed by a comment, provided that the fi
The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement.
An if ( condition ) construct shall be followed by a compound statement. The else keyword shall be followed by either a compou
All if ... else if constructs shall be terminated with an else clause.
A switch statement shall be a well-formed switch statement.
A switch-label shall only be used when the most closely-enclosing compound statement is the body of a switch statement.
An unconditional throw or break statement shall terminate every non-empty switch-clause.
The final clause of a switch statement shall be the default-clause.
The condition of a switch statement shall not have bool type.
A switch statement shall have at least two case-clauses, distinct from the default label.
A for loop shall contain a single loop-counter which shall not have floating-point type.
If loop-counter is not modified by -- or ++, then, within condition, the loop-counter shall only be used as an operand to <=, <, > o
The loop-counter shall not be modified within condition or statement.
The loop-counter shall be modified by one of: --, ++, - = n, or + = n; where n remains constant for the duration of the loop.
A loop-control-variable other than the loop-counter shall not be modified within condition or expression.
A loop-control-variable other than the loop-counter which is modified in statement shall have type bool.
Do statements should not be used.
For-init-statement and expression should not perform actions other than loop-counter initialization and modification.
The goto statement shall not be used.
Any label referenced by a goto statement shall be declared in the same block, or in a block enclosing the goto statement.
The goto statement shall jump to a label declared later in the same function body.
The continue statement shall only be used within a well-formed for loop.
Constexpr or const specifiers shall be used for immutable data declaration.
The constexpr specifier shall be used for values that can be determined at compile time.
A pointer or reference parameter in a function shall be declared as pointer to const or reference to const if the corresponding ob
CV-qualifiers shall be placed on the right hand side of the type that is a typedef or a using name.
The register
(3) to declarekeyword shall of
parameters nota be used.lambda expression,
generic
(4) to declare a function template using trailing return type syntax.
The typedef specifier shall not be used.
Each expression statement and identifier declaration shall be placed on a separate line.
A non-type specifier shall be placed before a type specifier in a declaration.
A class, structure, or enumeration shall not be declared in the definition of its type.
Enumeration underlying base type shall be explicitly defined.
Enumerations shall be declared as scoped enum classes.
In an enumeration, either (1) none, (2) the first or (3) all enumerators shall be initialized.
The global namespace shall only contain main, namespace declarations and extern "C" declarations.
The identifier main shall not be used for a function other than the global function main.
There shall be no unnamed namespaces in header files.
Using-directives shall not be used.
All overloads of a function shall be visible from where it is called.
Using-directives and using-declarations (excluding class scope or function scope using-declarations) shall not be used in heade
The asm declaration shall not be used.
Assembler instructions shall only be introduced using the asm declaration.
Assembly language shall be encapsulated and isolated.
A function shall not return a reference or a pointer to an automatic variable (including parameters), defined within the function.
The address of an object with automatic storage shall not be assigned to another object that may persist after the first object ha
A function shall not return a reference or a pointer to a parameter that is passed by reference to const.
Functions shall not call themselves, either directly or indirectly.
Functions declared with the [[noreturn]] attribute shall not return.
An init-declarator-list or a member-declarator-list shall consist of a single init-declarator or member-declarator respectively.
When declaring function templates, the trailing return type syntax shall be used if the return type depends on the type of param
Parameters in an overriding virtual function shall either use the same default arguments as the function they override, or else sh
Functions shall not be defined using the ellipsis notation.
The identifiers used for the parameters in a re-declaration of a function shall be identical to those in the declaration.
All exit paths from a function with non-void return type shall have an explicit return statement with an expression.
A function identifier shall either be used to call the function or it shall be preceded by &.
Multiple output values from a function should be returned as a struct or tuple.
"consume" parameters declared as X && shall always be moved from.
"forward" parameters declared as T && shall always be forwarded.
"in" parameters for "cheap to copy" types shall be passed by value.
Output parameters shall not be used.
"in-out" parameters declared as T & shall be modified.
A parameter shall be passed by reference if it can't be NULL
Interfaces shall be precisely and strongly typed.
All
(2)memory shallclasses
direct base be initialized before
in left to right itorder
is read.
of inheritance list,
(3) non-static data members in the order they were declared in the class definition.
Braces shall be used to indicate and match the structure in the non-zero initialization of arrays and structures.
Braced-initialization {}, without equals sign, shall be used for variable initialization.
A variable of type auto shall not be initialized using {} or ={} braced-initialization.
If a class has a user-declared constructor that takes a parameter of type std::initializer_list, then it shall be the only constructor
Const member functions shall not return non-const pointers or references to class-data.
Member functions shall not return non-const "raw" pointers or references to private or protected data owned by the class.
If a member function can be made static then it shall be made static, otherwise if it can be made const then it shall be made con
Unions shall not be used.
Data types used for interfacing with hardware or conforming to communication protocols shall be trivial, standard-layout and on
Named bit-fields with signed integer type shall have a length of more than one bit.
Your Notes
Code Metrics
This tab lists code complexity metrics that Polyspace calculates, for instance, number of lines in code, cyclomatic complexity, an

Category Acronym Code Metric Name

Project AP_CG_CYCLE Number of Recursions
Project AP_CG_DIRECT_CYCLE Number of Direct Recursions
Project FILES Number of Files
Project INCLUDES Number of Headers
Project PROG_MAX_STACK Program Maximum Stack Usage
Project PROG_MIN_STACK Program Minimum Stack Usage
Project PSHV Number of Protected Shared Variables
Project UNPSHV Number of Potentially Unprotected Shared Variables
Function CALLING Number of Calling Functions
Function CALLS Number of Called Functions
Function FLIN Number of Lines Within Body
Function FXLN Number of Executable Lines
Function GOTO Number of Goto Statements
Function LEVEL Number of Call Levels
Function LOCAL_STATIC_VARS Number of Local Static Variables
Function LOCAL_VARS Number of Local Non-Static Variables
Function LOCAL_VARS_MAX Higher Estimate of Size of Local Variables
Function LOCAL_VARS_MIN Lower Estimate of Size of Local Variables
Function MAX_STACK Maximum Stack Usage
Function MIN_STACK Minimum Stack Usage
Function NCALLS Number of Call Occurrences
Function PARAM Number of Function Parameters
Function PATH Number of Paths
Function RETURN Number of Return Statements
Function STMT Number of Instructions
Function VG Cyclomatic Complexity
Function VOCF Language Scope
File COMF Comment Density
File FCO Estimated Function Coupling
File LINES_WITHOUT_CMT Number of Lines Without Comment
File TOTAL_LINES Number of Lines
lines in code, cyclomatic complexity, and estimates of local variable size.

Your Notes
Guidelines
This tab lists Guidelines.

Category Acronym Description

Software Complexity SC01 Number of lines exceeds threshold
Software Complexity SC02 Comment density falls below threshold
Software Complexity SC03 Call tree complexity exceeds threshold
Software Complexity SC04 Number of calling functions exceeds threshold
Software Complexity SC05 Number of called functions exceeds threshold
Software Complexity SC06 Number of function calls exceeds threshold
Software Complexity SC07 Number of function parameters exceeds threshold
Software Complexity SC08 Number of local non-static variables exceeds threshold
Software Complexity SC09 Number of local static variables exceeds threshold
Software Complexity SC10 Number of lines in function body exceeds threshold
Software Complexity SC11 Number of executable lines in function body exceeds threshold
Software Complexity SC12 Number of statements exceeds threshold
Software Complexity SC13 Number of goto statements exceeds threshold
Software Complexity SC14 Depth of call nesting exceeds threshold
Software Complexity SC15 Number of static paths exceeds threshold
Software Complexity SC16 Number of return statements exceeds threshold
Software Complexity SC17 Cyclomatic complexity exceeds threshold
Software Complexity SC18 Language scope exceeds threshold
Your Notes
Common Weakness Enumeration
This tab lists Common Weakness Enumeration (CWE) coding rules that Polyspace supports.

Section
External Control of System or Configuration Setting
Relative Path Traversal
Absolute Path Traversal
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Argument Injection or Modification
Process Control
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Buffer Underwrite ('Buffer Underflow')
Out-of-bounds Read
Wrap-around Error
Improper Validation of Array Index
Incorrect Calculation of Buffer Size
Uncontrolled Format String
Incorrect Calculation of Multi-Byte String Length
Improper Null Termination
Reliance on Data/Memory Layout
Integer Overflow or Wraparound
Integer Underflow (Wrap or Wraparound)
Unexpected Sign Extension
Numeric Truncation Error
Use of Incorrect Byte Ordering
Sensitive Information Uncleared Before Release
Use of Inherently Dangerous Function
Unchecked Return Value
Incorrect Check of Function Return Value
Improper Check for Dropped Privileges
Missing Critical Step in Authentication
Missing Encryption of Sensitive Data
Cleartext Storage of Sensitive Information
Use of Hard-coded Cryptographic Key
Key Exchange without Entity Authentication
Missing Required Cryptographic Step
Use of a Broken or Risky Cryptographic Algorithm
Reversible One-Way Hash
Same Seed in PRNG
Predictable Seed in PRNG
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Missing Support for Integrity Check
Improper Validation of Integrity Check Value
Signal Handler Race Condition
Race Condition within a Thread
Time-of-check Time-of-use (TOCTOU) Race Condition
Divide By Zero
Incomplete Internal State Distinction
Returning a Mutable Object to an Untrusted Caller
Insecure Temporary File
Unchecked Error Condition
Improper Release of Memory Before Removing Last Reference ('Memory Leak')
Improper Resource Shutdown or Release
Improper Resource Locking
Use After Free
Uncontrolled Search Path Element
Missing Initialization of a Variable
Return of Pointer Value Outside of Expected Range
Incorrect Pointer Scaling
Use of Pointer Subtraction to Determine Size
Modification of Assumed-Immutable Data (MAID)
Use of Function with Inconsistent Implementations
Undefined Behavior for Input to API
NULL Pointer Dereference
Use of Obsolete Functions
Use of Incorrect Operator
Omitted Break Statement in Switch
Insufficiently Protected Credentials
Return of Stack Variable Address
Assignment of a Fixed Address to a Pointer
Unchecked Input for Loop Condition
Function Call with Incorrectly Specified Arguments
Use of a Non-reentrant Function in a Concurrent Context
Improper Initialization
Operation on Resource in Wrong Phase of Lifetime
Improper Locking
Operation on a Resource after Expiration or Release
Use of Potentially Dangerous Function
Incorrect Conversion between Numeric Types
Use of a One-Way Hash without a Salt
Allocation of Resources Without Limits or Throttling
Missing Release of Resource after Effective Lifetime
Access of Memory Location Before Start of Buffer
Out-of-bounds Write
Buffer Access with Incorrect Length Value
Untrusted Pointer Dereference
Use of Out-of-range Pointer Offset
Access of Uninitialized Pointer
Expired Pointer Dereference
Premature Release of Resource During Expected Lifetime
Signal Handler with Functionality that is not Asynchronous-Safe
Unlock of a Resource that is not Locked
Deadlock
Access of Resource Using Incompatible Type ('Type Confusion')
Use of Uninitialized Resource
Use of Expired File Descriptor
Numeric Errors
Integer Coercion Error
Often Misused: String Management
Cryptographic Issues
Key Management Errors
Signal Errors
Pointer Issues
CERT C++ Secure Coding Section 04 - Integers (INT)
CERT C++ Secure Coding Section 05 - Floating Point Arithmetic (FLP)
Improper Input Validation
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Improper Restriction of Operations within the Bounds of a Memory Buffer
Improper Fulfillment of API Contract ('API Abuse')
Execution with Unnecessary Privileges
Improper Authentication
Inadequate Encryption Strength
Use of Insufficiently Random Values
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Indicator of Poor Code Quality
Improper Following of Specification by Caller
Improper Control of a Resource Through its Lifetime
Duplicate Operations on Resource
Incorrect Calculation
Insufficient Control Flow Management
Protection Mechanism Failure
Incorrect Behavior Order
Improper Check or Handling of Exceptional Conditions
Incorrect Type Conversion or Cast
Incorrect Control Flow Scoping
Coding Standards Violation
Incorrect Permission Assignment for Critical Resource
Improper Check for Unusual or Exceptional Conditions
Improper Handling of Exceptional Conditions
Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Insecure Storage of Sensitive Information
Untrusted Search Path
Unchecked Return Value to NULL Pointer Dereference
Improper Handling of Windows Device Names
Stack-based Buffer Overflow
Heap-based Buffer Overflow
Buffer Over-read
Buffer Under-read
Improper Handling of Length Parameter Inconsistency
Signed to Unsigned Conversion Error
Unsigned to Signed Conversion Error
Improper Handling of Inconsistent Structural Elements
Creation of chroot Jail Without Changing Working Directory
Improper Clearing of Heap Memory Before Release ('Heap Inspection')
Improper Validation of Certificate with Host Mismatch
Cleartext Storage of Sensitive Information in Memory
Not Using a Random IV with CBC Mode
Double Free
Use of Uninitialized Variable
Use of sizeof() on a Pointer Type
Missing Default Case in Switch Statement
Signal Handler Use of a Non-reentrant Function
Assigning instead of Comparing
Comparing instead of Assigning
Incorrect Block Delimitation
Information Exposure Through Log Files
Information Exposure Through Debug Log Files
Information Exposure Through Shell Error Message
Use of Hard-coded, Security-relevant Constants
Use of getlogin() in Multithreaded Application
Use of umask() with chmod-style Argument
Dead Code
Free of Memory not on the Heap
Function Call With Incorrect Order of Arguments
Function Call With Incorrect Number of Arguments
Function Call With Incorrect Argument Type
Function Call With Incorrectly Specified Argument Value
Mismatched Memory Management Routines
Multiple Locks of a Critical Resource
Multiple Unlocks of a Critical Resource
Access to Critical Private Variable via Public Method
Use of RSA Algorithm without OAEP
Operator Precedence Logic Error
Use of Path Manipulation Function without Maximum-sized Buffer
Uncontrolled Memory Allocation
 Type Acronym
Base CWE-15
Base CWE-23
Base CWE-36
Base CWE-78
Base CWE-88
Base CWE-114
Base CWE-120
Base CWE-124
Base CWE-125
Base CWE-128
Base CWE-129
Base CWE-131
Base CWE-134
Base CWE-135
Base CWE-170
Base CWE-188
Base CWE-190
Base CWE-191
Base CWE-194
Base CWE-197
Base CWE-198
Base CWE-226
Base CWE-242
Base CWE-252
Base CWE-253
Base CWE-273
Base CWE-304
Base CWE-311
Base CWE-312
Base CWE-321
Base CWE-322
Base CWE-325
Base CWE-327
Base CWE-328
Base CWE-336
Base CWE-337
Base CWE-338
Base CWE-353
Base CWE-354
Base CWE-364
Base CWE-366
Base CWE-367
Base CWE-369
Base CWE-372
Base CWE-375
Base CWE-377
Base CWE-391
Base CWE-401
Base CWE-404
Base CWE-413
Base CWE-416
Base CWE-427
Base CWE-456
Base CWE-466
Base CWE-468
Base CWE-469
Base CWE-471
Base CWE-474
Base CWE-475
Base CWE-476
Base CWE-477
Base CWE-480
Base CWE-484
Base CWE-522
Base CWE-562
Base CWE-587
Base CWE-606
Base CWE-628
Base CWE-663
Base CWE-665
Base CWE-666
Base CWE-667
Base CWE-672
Base CWE-676
Base CWE-681
Base CWE-759
Base CWE-770
Base CWE-772
Base CWE-786
Base CWE-787
Base CWE-805
Base CWE-822
Base CWE-823
Base CWE-824
Base CWE-825
Base CWE-826
Base CWE-828
Base CWE-832
Base CWE-833
Base CWE-843
Base CWE-908
Base CWE-910
Category CWE-189
Category CWE-192
Category CWE-251
Category CWE-310
Category CWE-320
Category CWE-387
Category CWE-465
Category CWE-872
Category CWE-873
Class CWE-20
Class CWE-22
Class CWE-77
Class CWE-119
Class CWE-227
Class CWE-250
Class CWE-287
Class CWE-326
Class CWE-330
Class CWE-362
Class CWE-398
Class CWE-573
Class CWE-664
Class CWE-675
Class CWE-682
Class CWE-691
Class CWE-693
Class CWE-696
Class CWE-703
Class CWE-704
Class CWE-705
Class CWE-710
Class CWE-732
Class CWE-754
Class CWE-755
Class CWE-758
Class CWE-922
Compound_Element CWE-426
Compound_Element CWE-690
Variant CWE-67
Variant CWE-121
Variant CWE-122
Variant CWE-126
Variant CWE-127
Variant CWE-130
Variant CWE-195
Variant CWE-196
Variant CWE-240
Variant CWE-243
Variant CWE-244
Variant CWE-297
Variant CWE-316
Variant CWE-329
Variant CWE-415
Variant CWE-457
Variant CWE-467
Variant CWE-478
Variant CWE-479
Variant CWE-481
Variant CWE-482
Variant CWE-483
Variant CWE-532
Variant CWE-534
Variant CWE-535
Variant CWE-547
Variant CWE-558
Variant CWE-560
Variant CWE-561
Variant CWE-590
Variant CWE-683
Variant CWE-685
Variant CWE-686
Variant CWE-687
Variant CWE-762
Variant CWE-764
Variant CWE-765
Variant CWE-767
Variant CWE-780
Variant CWE-783
Variant CWE-785
Variant CWE-789
One or more system settings or configuration elements can be externally controlled by a user.
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly ne
The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly ne
The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it do
The software does not sufficiently delimit the arguments being passed to a component in another control sphere, allowing altern
Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of th
The software writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
The software reads data past the end, or before the beginning, of the intended buffer.
Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" t
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly valid
The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
The software uses externally-controlled format strings in printf-style functions, which can lead to buffer overflows or data repres
The software does not correctly calculate the length of strings that can contain wide or multi-byte characters.
The software does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator.
The software makes invalid assumptions about how protocol data or memory is organized at a lower level, resulting in unintend
The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resu
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which prod
The software performs an operation on a number that causes it to be sign extended when it is transformed into a larger data typ
Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.
The software receives input from an upstream component, but it does not account for byte ordering (e.g. big-endian and little-en
The software does not fully clear previously used information in a data structure, file, or other resource, before making that reso
The program calls a function that can never be guaranteed to work safely.
The software does not check the return value from a method or function, which can prevent it from detecting unexpected states
The software incorrectly checks a return value from a function, which prevents the software from detecting errors or exceptiona
The software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
The software implements an authentication technique, but it skips a step that weakens the technique.
The software does not encrypt sensitive or critical information before storage or transmission.
The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.
The software performs a key exchange with an actor without verifying the identity of that actor.
The software does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised b
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive informa
The product uses a hashing algorithm that produces a hash value that can be used to determine the original input, or to find an
A PRNG uses the same seed each time the product is initialized. If an attacker can guess (or knows) the seed, then he/she ma
A PRNG is initialized from a predictable seed, e.g. using process ID or system time.
The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG is not cryptographically st
The software uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during trans
The software does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may preve
The software uses a signal handler that introduces a race condition.
If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid,
The software checks the state of a resource before using that resource, but the resource's state can change between the check
The product divides a value by zero.
The software does not properly determine which state it is in, causing it to assume it is in state X when in fact it is in state Y, ca
Sending non-cloned mutable data as a return value may result in that data being altered or deleted by the calling function.
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
The software does not sufficiently track and release allocated memory after it has been used, which slowly consumes remainin
The program does not release or incorrectly releases a resource before it is made available for re-use.
The software does not lock or does not correctly lock a resource when the software must have exclusive access to the resource
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the co
The software does not initialize critical variables, which causes the execution environment to use unexpected values.
A function can return a pointer to memory that is outside of the buffer that the pointer is expected to reference.
In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicit
The application subtracts one pointer from another in order to determine size, but this calculation can be incorrect if the pointers
The software does not properly protect an assumed-immutable element from being modified by an attacker.
The code uses a function that has inconsistent implementations across operating systems and versions.
The behavior of this function is undefined unless its control parameter is set to a specific value.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typicall
The code uses deprecated or obsolete functions, which suggests that the code has not been actively reviewed or maintained.
The programmer accidentally uses the wrong operator, which changes the application logic in security-relevant ways.
The program omits a break statement within a switch or similar construct, causing code associated with multiple conditions to e
This weakness occurs when the application transmits or stores authentication credentials and uses an insecure method that is
A function returns the address of a stack variable, which will cause unintended program behavior, typically in the form of a cras
The software sets a pointer to a specific address other than NULL or 0.
The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service because
The product calls a function, procedure, or routine with arguments that are not correctly specified, leading to always-incorrect b
The software calls a non-reentrant function in a concurrent context in which a competing code sequence (e.g. thread or signal h
The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when
The software performs an operation on a resource at the wrong phase of the resource's lifecycle, which can lead to unexpected
The software does not properly acquire a lock on a resource, or it does not properly release a lock on a resource, leading to un
The software uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
The program invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produc
The software uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the so
The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on how
The software does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
The software reads or writes to a buffer using an index or pointer that references a memory location prior to the beginning of th
The software writes data past the end, or before the beginning, of the intended buffer.
The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access
The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.
The program performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of
The program accesses or uses a pointer that has not been initialized.
The program dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.
The program releases a resource that is still intended to be used by the program itself or another actor.
The software defines a signal handler that contains code sequences that are not asynchronous-safe, i.e., the functionality is no
The software attempts to unlock a resource that is not locked.
The software contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resu
The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that re
The software uses a resource that has not been properly initialized.
The software uses or accesses a file descriptor after it has been closed.
Weaknesses in this category are related to improper calculation or conversion of numbers.
Integer coercion refers to a set of flaws pertaining to the type casting, extension, or truncation of primitive data types.
Functions that manipulate strings encourage buffer overflows.
Weaknesses in this category are related to the use of cryptography.
Weaknesses in this category are related to errors in the management of cryptographic keys.
Weaknesses in this category are related to the improper handling of signals.
Weaknesses in this category are related to improper handling of pointers.
Weaknesses in this category are related to rules in the Integers (INT) section of the CERT C++ Secure Coding Standard. Since
Weaknesses in this category are related to rules in the Floating Point Arithmetic (FLP) section of the CERT C++ Secure Coding
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneat
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does no
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the i
The software uses an API in a manner contrary to its intended use.
The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weak
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
The software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough
The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.
The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary,
The code has features that do not directly introduce a weakness or vulnerability, but indicate that the product has not been care
The software does not follow or incorrectly follows the specifications as required by the implementation language, environment,
The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and rele
The product performs the same operation on a resource two or more times, when the operation should only be applied once.
The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decision
The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be mo
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks a
The software performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produ
The software does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the softw
The software does not correctly convert an object, resource or structure from one type to a different type.
The software does not properly return control flow to the proper location after it has completed a task or detected an unusual co
The software does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the sev
The software specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by u
The software does not check or improperly checks for unusual or exceptional conditions that are not expected to occur frequen
The software does not handle or incorrectly handles an exceptional condition.
The software uses an API function, data structure, or other entity in a way that relies on properties that are not always guarante
The software stores sensitive information without properly limiting read or write access by unauthorized actors.
The application searches for critical resources using an externally-supplied search path that can point to resources that are not
The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which lea
The software constructs pathnames from user input, but it does not handle or incorrectly handles a pathname containing a Win
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a loca
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memo
The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations
The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations
The software parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is incons
The software uses a signed primitive and performs a cast to an unsigned primitive, which can produce an unexpected value if t
The software uses an unsigned primitive and performs a cast to a signed primitive, which can produce an unexpected value if t
The software does not handle or incorrectly handles when two or more structural elements should be consistent, but are not.
The program uses the chroot() system call to create a jail, but does not change the working directory afterward. This does not p
Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because
The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate
The application stores sensitive information in cleartext in memory.
Not using a random initialization Vector (IV) with Cipher Block Chaining (CBC) Mode causes algorithms to be susceptible to dic
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
The code calls sizeof() on a malloced pointer type, which always returns the wordsize/8. This can produce an unexpected resul
The code does not have a default case in a switch statement, which might lead to complex logical errors and resultant weaknes
The program defines a signal handler that calls a non-reentrant function.
The code uses an operator for assignment when the intention was to perform a comparison.
The code uses an operator for comparison when the intention was to perform an assignment.
The code does not explicitly delimit a block that is intended to contain 2 or more statements, creating a logic error.
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user in
The application does not sufficiently restrict access to a log file that is used for debugging.
A command shell error message indicates that there exists an unhandled exception in the web application code. In many cases
The program uses hard-coded constants instead of symbolic names for security-critical values, which increases the likelihood o
The application uses the getlogin() function in a multithreaded context, potentially causing it to return incorrect values.
The product calls umask() with an incorrect argument that is specified as if it is an argument to chmod().
The software contains dead code, which can never be executed.
The application calls free() on a pointer to memory that was not allocated using associated heap allocation functions such as m
The software calls a function, procedure, or routine, but the caller specifies the arguments in an incorrect order, leading to resu
The software calls a function, procedure, or routine, but the caller specifies too many arguments, or too few arguments, which m
The software calls a function, procedure, or routine, but the caller specifies an argument that is the wrong data type, which may
The software calls a function, procedure, or routine, but the caller specifies an argument that contains the wrong value, which m
The application attempts to return a memory resource to the system, but it calls a release function that is not compatible with th
The software locks a critical resource more times than intended, leading to an unexpected state in the system.
The software unlocks a critical resource more times than intended, leading to an unexpected state in the system.
The software defines a public method that reads or modifies a private variable.
The software uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might w
The program uses an expression in which operator precedence causes incorrect logic to be used.
The software invokes a function for normalizing paths or file names, but it provides an output buffer that is smaller than the max
The product allocates memory based on an untrusted size value, but it does not validate or incorrectly validates the size, allowi
TAINTED_ENV_VARIABLE TAINTED_HOSTID
PATH_TRAVERSAL
PATH_TRAVERSAL
TAINTED_EXTERNAL_CMD UNSAFE_SYSTEM_CALL
TAINTED_EXTERNAL_CMD UNSAFE_SYSTEM_CALL
RELATIVE_PATH_CMD RELATIVE_PATH_LIB TAINTED_EXTERNAL_CMD TAINTED_PATH_CMD TAINTED_PATH_LIB
MEM_STD_LIB STR_STD_LIB TAINTED_STRING
STR_FORMAT_BUFFER_OVERFLOW STRLIB_BUFFER_UNDERFLOW TAINTED_ARRAY_INDEX TAINTED_PTR_OFFSE
STR_FORMAT_BUFFER_OVERFLOW STRLIB_BUFFER_OVERFLOW TAINTED_ARRAY_INDEX
INT_OVFL INT_CONSTANT_OVFL UINT_OVFL UINT_CONSTANT_OVFL INT_CONV_OVFL UINT_CONV_OVFL TAINTED_
TAINTED_ARRAY_INDEX TAINTED_PTR_OFFSET
UINT_OVFL UINT_CONV_OVFL TAINTED_SIGN_CHANGE TAINTED_MEMORY_ALLOC_SIZE TAINTED_VLA_SIZE OUT_
TAINTED_STRING_FORMAT
NARROW_WIDE_STR_MISUSE PTR_CAST STRLIB_BUFFER_OVERFLOW
MISSING_NULL_CHAR READLINK_MISUSE TAINTED_STRING
INVALID_MEMORY_ASSUMPTION MEMCMP_PADDING_DATA MEMCMP_STRINGS OUT_BOUND_PTR MISSING_BYTES
INT_CONV_OVFL INT_OVFL INT_CONSTANT_OVFL SHIFT_OVFL TAINTED_INT_DIVISION UINT_CONV_OVFL UINT_OV
INT_CONV_OVFL INT_OVFL INT_CONSTANT_OVFL UINT_CONV_OVFL UINT_OVFL UINT_CONSTANT_OVFL
SIGN_CHANGE TAINTED_SIGN_CHANGE
FLOAT_CONV_OVFL INT_CONV_OVFL UINT_CONV_OVFL
MISSING_BYTESWAP
SENSITIVE_STACK_NOT_CLEARED
DANGEROUS_STD_FUNC
RETURN_NOT_CHECKED
RETURN_NOT_CHECKED ERRNO_NOT_CHECKED MISSING_ERRNO_RESET UNPROTECTED_MEMORY_ALLOCATION
MISSING_PRIVILEGE_DROP_CHECK
CRYPTO_SSL_NO_ROLE
CRYPTO_CIPHER_NO_DATA CRYPTO_CIPHER_NO_FINAL
SENSITIVE_STACK_NOT_CLEARED SENSITIVE_HEAP_NOT_CLEARED
CRYPTO_CIPHER_CONSTANT_KEY
CRYPTO_SSL_NO_ROLE
CRYPTO_CIPHER_NO_DATA CRYPTO_CIPHER_NO_FINAL CRYPTO_PKEY_NO_DATA CRYPTO_PKEY_NO_PARAMS C
UNSAFE_STD_CRYPT CRYPTO_CIPHER_WEAK_CIPHER CRYPTO_CIPHER_WEAK_MODE CRYPTO_PKEY_WEAK_PA
CRYPTO_MD_WEAK_HASH
RAND_SEED_CONSTANT
RAND_SEED_PREDICTABLE
CRYPTO_CIPHER_PREDICTABLE_IV CRYPTO_CIPHER_PREDICTABLE_KEY VULNERABLE_PRNG
CRYPTO_MD_WEAK_HASH CRYPTO_MD_BAD_FUNCTION
CRYPTO_MD_BAD_FUNCTION
SIG_HANDLER_SHARED_OBJECT SIG_HANDLER_ASYNC_UNSAFE SIG_HANDLER_ASYNC_UNSAFE_STRICT
DATA_RACE DATA_RACE_ALL DATA_RACE_STD_LIB
TOCTOU
FLOAT_STD_LIB FLOAT_ZERO_DIV INT_STD_LIB INT_ZERO_DIV TAINTED_INT_DIVISION TAINTED_INT_MOD
CRYPTO_CIPHER_BAD_FUNCTION CRYPTO_CIPHER_NO_DATA CRYPTO_CIPHER_NO_FINAL CRYPTO_PKEY_NO_P
BREAKING_DATA_ENCAPSULATION
NON_SECURE_TEMP_FILE
ERRNO_NOT_CHECKED
MEM_LEAK THREAD_MEM_LEAK
BAD_DELETE BAD_FREE MEM_LEAK THREAD_MEM_LEAK WIN_MISMATCH_DEALLOC
DATA_RACE DATA_RACE_ALL DATA_RACE_STD_LIB SIG_HANDLER_SHARED_OBJECT SIG_HANDLER_ASYNC_UNS
FREED_PTR MISSING_FREED_PTR_RESET
RELATIVE_PATH_CMD RELATIVE_PATH_LIB
MISSING_ERRNO_RESET NON_INIT_MEMBER NON_INIT_PTR NON_INIT_VAR
BAD_INT_PTR_CAST OUT_BOUND_ARRAY OUT_BOUND_PTR
BAD_PTR_SCALING
PTR_TO_DIFF_ARRAY
CONSTANT_OBJECT_WRITE
OBSOLETE_STD_FUNC SIG_HANDLER_CALLING_SIGNAL
OVERLAPPING_COPY
NULL_PTR TAINTED_STRING
OBSOLETE_STD_FUNC
BAD_EQUAL_USE BAD_EQUAL_EQUAL_USE
MISSING_SWITCH_BREAK
UNSAFE_STD_CRYPT CRYPTO_SSL_WEAK_PROTOCOL CRYPTO_PKEY_WEAK_PARAMS CRYPTO_RSA_LOW_EXPO
LOCAL_ADDR_ESCAPE PUTENV_AUTO_VAR
BAD_INT_PTR_CAST FUNC_PTR_ABSOLUTE_ADDR
TAINTED_LOOP_BOUNDARY
BAD_FILE_ACCESS_MODE_STATUS INVALID_VA_LIST_ARG OVERLAPPING_COPY STD_FUNC_ARG_MISMATCH WRI
UNSAFE_STD_CRYPT UNSAFE_STD_FUNC SIG_HANDLER_ASYNC_UNSAFE SIG_HANDLER_ASYNC_UNSAFE_STRIC
IMPROPER_ARRAY_INIT MEMSET_INVALID_SIZE MEMSET_INVALID_VALUE OVERLAPPING_ASSIGN
BAD_NETWORK_CONNECT_ORDER
BAD_LOCK DESTROY_LOCKED BLOCKING_WHILE_LOCKED
CLOSED_RESOURCE_USE DOUBLE_RESOURCE_CLOSE
DANGEROUS_STD_FUNC UNSAFE_STR_TO_NUMERIC
FLOAT_CONV_OVFL INT_TO_FLOAT_PRECISION_LOSS
CRYPTO_MD_NO_SALT
TAINTED_VLA_SIZE
RESOURCE_LEAK
STRLIB_BUFFER_UNDERFLOW
STRLIB_BUFFER_OVERFLOW STRLIB_BUFFER_UNDERFLOW
HARD_CODED_MEM_SIZE
TAINTED_PTR TAINTED_STRING
OUT_BOUND_PTR TAINTED_PTR_OFFSET
NON_INIT_PTR
DOUBLE_DEALLOCATION FREED_PTR LOCAL_ADDR_ESCAPE TEMP_OBJECT_ACCESS INVALID_ENV_POINTER PUT
DESTROY_LOCKED CLOSED_RESOURCE_USE DOUBLE_RESOURCE_CLOSE
SIG_HANDLER_ASYNC_UNSAFE SIG_HANDLER_ASYNC_UNSAFE_STRICT
BAD_UNLOCK
DEADLOCK
PTR_CAST
NON_INIT_MEMBER NON_INIT_PTR NON_INIT_VAR
CLOSED_RESOURCE_USE DOUBLE_RESOURCE_CLOSE STD_FUNC_ARG_MISMATCH
INT_CONV_OVFL INT_OVFL INT_CONSTANT_OVFL SHIFT_OVFL SHIFT_NEG UINT_CONV_OVFL UINT_OVFL UINT_CO
INT_CONV_OVFL INT_OVFL UINT_CONV_OVFL UINT_OVFL SIGN_CHANGE TAINTED_SIGN_CHANGE
STRLIB_BUFFER_OVERFLOW
CRYPTO_CIPHER_CONSTANT_IV CRYPTO_CIPHER_CONSTANT_KEY CRYPTO_CIPHER_NO_ALGORITHM CRYPTO_C
CRYPTO_CIPHER_CONSTANT_KEY CRYPTO_CIPHER_NO_KEY CRYPTO_PKEY_NO_PUBLIC_KEY CRYPTO_PKEY_NO
SIG_HANDLER_COMP_EXCP_RETURN SIG_HANDLER_CALLING_SIGNAL SIG_HANDLER_ASYNC_UNSAFE SIG_HAND
BAD_INT_PTR_CAST
INT_STD_LIB
BAD_FLOAT_OP FLOAT_ABSORPTION FLOAT_OVFL FLOAT_STD_LIB
UNSAFE_STR_TO_NUMERIC
PATH_TRAVERSAL
TAINTED_EXTERNAL_CMD
OUT_BOUND_ARRAY OUT_BOUND_PTR
CONSTANT_OBJECT_WRITE FLOAT_STD_LIB INT_STD_LIB MEM_STD_LIB OTHER_STD_LIB STR_STD_LIB
BAD_PRIVILEGE_DROP_ORDER MISSING_PRIVILEGE_DROP_CHECK
CRYPTO_SSL_CERT_NOT_CHECKED
CRYPTO_CIPHER_CONSTANT_IV CRYPTO_CIPHER_CONSTANT_KEY CRYPTO_CIPHER_NO_IV CRYPTO_CIPHER_PR
CRYPTO_CIPHER_PREDICTABLE_IV CRYPTO_CIPHER_PREDICTABLE_KEY RAND_SEED_CONSTANT RAND_SEED_P
DOUBLE_RESOURCE_OPEN FILE_EXPOSURE_TO_CHILD
USELESS_WRITE
WRITE_INTERNAL_BUFFER_RETURNED_FROM_STD_FUNC CRYPTO_CIPHER_NO_ALGORITHM CRYPTO_CIPHER_N
CRYPTO_CIPHER_BAD_FUNCTION CRYPTO_CIPHER_NO_DATA CRYPTO_CIPHER_NO_FINAL CRYPTO_CIPHER_NO_
DOUBLE_RESOURCE_OPEN
BAD_PLAIN_CHAR_USE BITWISE_NEG FLOAT_ABSORPTION FLOAT_OVFL FLOAT_STD_LIB INT_STD_LIB TAINTED_IN
SETJMP_LONGJMP_USE
CRYPTO_SSL_WEAK_PROTOCOL
BAD_PRIVILEGE_DROP_ORDER
ERRNO_MISUSE MISSING_ERRNO_RESET
CHAR_EOF_CONFUSED CHARACTER_MISUSE OBJECT_SIZE_MISMATCH PTR_CAST QUALIFIER_MISMATCH INT_TO
EXIT_ABNORMAL_HANDLER
BITWISE_ARITH_MIX
DANGEROUS_PERMISSIONS
RETURN_NOT_CHECKED
EXCP_HANDLER_HIDDEN
BAD_INT_PTR_CAST BAD_PLAIN_CHAR_USE BITWISE_NEG
BAD_UMASK CHROOT_MISUSE DANGEROUS_PERMISSIONS NON_SECURE_TEMP_FILE
TAINTED_PATH_CMD TAINTED_PATH_LIB
UNPROTECTED_MEMORY_ALLOCATION RETURN_NOT_CHECKED NULL_PTR TAINTED_PTR TAINTED_STRING MEM
INAPPROPRIATE_IO_ON_DEVICE
STRLIB_BUFFER_OVERFLOW TAINTED_ARRAY_INDEX
TAINTED_PTR_OFFSET
STR_FORMAT_BUFFER_OVERFLOW
STR_FORMAT_BUFFER_OVERFLOW
DATA_LENGTH_MISMATCH
SIGN_CHANGE TAINTED_SIGN_CHANGE
SIGN_CHANGE
DATA_LENGTH_MISMATCH
CHROOT_MISUSE
SENSITIVE_HEAP_NOT_CLEARED
CRYPTO_SSL_HOSTNAME_NOT_CHECKED
SENSITIVE_STACK_NOT_CLEARED SENSITIVE_HEAP_NOT_CLEARED
CRYPTO_CIPHER_CONSTANT_IV CRYPTO_CIPHER_NO_IV CRYPTO_CIPHER_PREDICTABLE_IV
DOUBLE_DEALLOCATION MISSING_FREED_PTR_RESET
NON_INIT_MEMBER NON_INIT_PTR NON_INIT_VAR
PTR_SIZEOF_MISMATCH SIZEOF_MISUSE
MISSING_SWITCH_CASE
SIG_HANDLER_ASYNC_UNSAFE SIG_HANDLER_ASYNC_UNSAFE_STRICT
BAD_EQUAL_USE
BAD_EQUAL_EQUAL_USE
INCORRECT_INDENTATION SEMICOLON_CTRL_STMT_SAME_LINE
SENSITIVE_DATA_PRINT
SENSITIVE_DATA_PRINT
SENSITIVE_DATA_PRINT
HARD_CODED_BUFFER_SIZE HARD_CODED_LOOP_BOUNDARY
UNSAFE_STD_FUNC
BAD_UMASK
DEAD_CODE UNCALLED_FUNC UNREACHABLE
BAD_FREE
STRING_FORMAT MEMSET_INVALID_VALUE
DECL_MISMATCH STD_FUNC_ARG_MISMATCH STRING_FORMAT TOO_MANY_VA_ARG_CALLS
BAD_FILE_ACCESS_MODE_STATUS CONSTANT_OBJECT_WRITE DECL_MISMATCH STD_FUNC_ARG_MISMATCH ST
NON_POSITIVE_VLA_SIZE OVERLAPPING_COPY STD_FUNC_ARG_MISMATCH
BAD_FREE WIN_MISMATCH_DEALLOC
DOUBLE_LOCK
DOUBLE_UNLOCK
BREAKING_DATA_ENCAPSULATION
CRYPTO_RSA_NO_PADDING CRYPTO_RSA_WEAK_PADDING
OPERATOR_PRECEDENCE
PATH_BUFFER_OVERFLOW
TAINTED_MEMORY_ALLOC_SIZE TAINTED_VLA_SIZE UNPROTECTED_MEMORY_ALLOCATION
Your Notes
PHER_WEAK_MODE CRYPTO_PKEY_NO_PUBLIC_KEY CRYPTO_PKEY_NO_PEER CRYPTO_PKEY_NO_PRIVATE_KEY CRYPTO_P

O_PADDING CRYPTO_RSA_WEAK_PADDING CRYPTO_RSA_LOW_EXPONENT

PTO_PKEY_INCORRECT_INIT CRYPTO_PKEY_INCORRECT_KEY CRYPTO_RSA_NO_BLINDING CRYPTO_RSA_BAD_PADDING CR

_INIT CRYPTO_RSA_BAD_PADDING CRYPTO_MD_BAD_FUNCTION
PRIVATE_KEY CRYPTO_PKEY_NO_PARAMS CRYPTO_PKEY_WEAK_PARAMS CRYPTO_RSA_LOW_EXPONENT CRYPTO_PKEY_N

_RSA_BAD_PADDING CRYPTO_MD_BAD_FUNCTION CRYPTO_MD_NO_ALGORITHM CRYPTO_SSL_BAD_ROLE CRYPTO_SSL_NO

XPONENT CRYPTO_PKEY_NO_DATA CRYPTO_PKEY_INCORRECT_KEY CRYPTO_PKEY_INCORRECT_INIT CRYPTO_RSA_NO_B

BAD_ROLE CRYPTO_SSL_NO_ROLE CRYPTO_MD_NO_FINAL CRYPTO_SSL_NO_PRIVATE_KEY

T_INIT CRYPTO_RSA_NO_BLINDING CRYPTO_RSA_NO_PADDING CRYPTO_RSA_WEAK_PADDING CRYPTO_RSA_BAD_PADDING
RYPTO_RSA_BAD_PADDING CRYPTO_MD_WEAK_HASH CRYPTO_MD_BAD_FUNCTION CRYPTO_SSL_WEAK_PROTOCOL CRYP
SL_WEAK_PROTOCOL CRYPTO_SSL_NO_CA CRYPTO_SSL_NO_CERTIFICATE