Static Code Analysis - CERT C Secure Code Checking

Size: px
Start display at page:

Download "Static Code Analysis - CERT C Secure Code Checking"

Transcription

1 Static Code Analysis - CERT C Secure Code Checking Frozen Content Modified by on 6-Nov-2013 Related Videos CERT Code Checking The high-level C code written for an embedded software project can sometimes be as varied, in style and implementation, as the developer writing it. From an organization's perspective, it is often preferable if not required to write code that follows a set of defined coding guidelines. Style itself is not such an issue a coding template can be set up to constrain the formatting look and feel. Far more important, is the security of that code. Depending on the organization and/or where the code is to be deployed, it may be a necessary requirement that such code be resilient to external attack by parties attempting to exploit any weaknesses or programmatic errors contained within. To aid you in writing safe, quality C code, Altium Designer includes the ability to perform postcompilation static code analysis, testing against rules and/or recommendations provided by the CERT C Programming Language Secure Coding Standard. The coding checks implemented by this standard give you an edge when developing your software, helping you to deliver C source code containing fewer programming errors that result in exploitable vulnerabilities. The result is code of a much higher quality and that is more secure/robust in its deployed role within the marketed electronic product. CERT C secure code checking brings an invaluable addition to your static code analysis arsenal, alongside MISRA-C checking. Just as a writer has the reassurance of spelling and grammar checkers to produce high-quality documentation, think of these as intelligent 'code-checkers' for embedded developers working with the C programming language and you get the picture! It is important to note that using the static code analysis feature is intended to help detect common programming errors that can lead to insecure areas of code, or code that can exhibit undefined behavior. In simple terms, the analysis is analogous to ERC of source schematics or DRC on a PCB. It simply validates the code against all enabled rules/recommendations of the CERT standard. Passing these rules/recommendations will result in code that is far more secure, but passing these rules/recommendations is not a sole indicator that the resulting software system is 'cast-iron' (or impenetrable) in its security. Enabling Code Checking Code checking is enabled from the Compiler Options tab of the Project Options dialog for the embedded project (Project»Project Options). Click to expand the C Compiler entry on the lefthand side, then click on the CERT C Secure Code Checking entry.

2 Access CERT C Secure Code Checking as part of the C Compiler options. Use the drop-down field on the right-hand side of the tab to choose whether to enable checking and, if enabled, the level of checking. The following options are available: Disabled turn off code checking. Supported rules only check against only the rule-level code practices defined as part of the CERT C Programming Language Secure Coding Standard. Supported recommendations and rules check against both the rule-level and recommendation-level code practices defined as part of the CERT C Programming Language Secure Coding Standard. Custom configuration allows you to specify a customized set of rule-level and/or recommendation-level code practices to check against, from those defined as part of the CERT C Programming Language Secure Coding Standard. When the Custom configuration entry is chosen, you will have access to the Custom Configuration sub-page. The page lists the available rule and recommendations by section (within the standard). Enable/disable which rules/recommendations you wish to include as part of the static code analysis.

3 Enable checking at the individual rule and recommendation level to fine tune the analysis performed on your code. CERT C Secure Code Checking is applied to both C source (*.c) and C header (*.h) files. Interrogating Violations Any violation of an enabled CERT rule or recommendation check will appear as an entry in the Messages panel. Simply double-click on an entry to cross-probe to the line of code in the affected C source document or header file. The line of code will be highlighted and the cursor positioned at the offending point.

4 After performing a static code analysis, cross-probe to an offending line of code directly from the Messages panel. Supported Rules The following table summarizes the rule-level code practices from the CERT C Programming Language Secure Coding Standard, that are available for use in the static code analysis. In the following table, the rule identifier reflects that seen in the Project Options dialog. In the CERT documentation, a -C suffix is used to reflect that the rule is part of the CERT C Programming Language Secure Coding Standard, as various other standards exist dealing with other programming languages. Rule Identifier DCL30 DCL31 DCL32 DCL35 EXP30 EXP32 Section of Standard Rule Description Declare objects with appropriate storage durations Declare identifiers before using them Guarantee that mutually visible identifiers are unique Do not invoke a function using a type that does not match the function definition Do not depend on order of evaluation between sequence points Do not access a volatile object through a non-volatile reference EXP33 Do not reference uninitialized memory EXP34 Ensure a null pointer is not dereferenced EXP37 Call functions with the arguments intended by the API

5 EXP38 Do not call offsetof() on bit-field members or invalid types INT30 Integers Ensure that unsigned integer operations do not wrap INT34 INT35 Integers Integers Do not shift a negative number of bits or more bits than exist in the operand Evaluate integer expressions in a larger size before comparing or assigning to that size FLP30 Floating Point Do not use floating point variables as loop counters FLP35 FLP36 Floating Point Floating Point Take granularity into account when comparing floating point values Beware of precision loss when converting integral types to floating point ARR34 Arrays Ensure that array types in expressions are compatible ARR35 Arrays Do not allow loops to iterate beyond the end of an array STR30 Characters and Strings Do not attempt to modify string literals STR33 Characters and Strings Size wide character strings correctly STR34 STR36 Characters and Strings Characters and Strings Cast characters to unsigned types before converting to larger integer sizes Do not specify the bound of a character array initialized with a string literal MEM30 Memory Management Do not access freed memory MEM31 Memory Management Free dynamically-allocated memory exactly once MEM32 Memory Management Detect and handle memory allocation errors MEM33 Memory Management Use the correct syntax for flexible array members MEM34 Memory Management Only free memory allocated dynamically MEM35 Memory Management Allocate sufficient memory for an object ENV32 Environment All atexit handlers must return normally SIG30 Signals Call only asynchronous-safe functions within signal handlers SIG32 Signals Do not call longjmp() from inside a signal handler MSC32 Miscellaneous Supported Recommendations Ensure your random number generator is properly seeded The following table summarizes the recommendation-level code practices from the CERT C Programming Language Secure Coding Standard, that are available for use in the static code analysis. In the following table, the recommendation identifier reflects that seen in the Project Options dialog. In the CERT documentation, a -C suffix is used to reflect that the recommendation is part of the CERT C Programming Language Secure Coding Standard, as various other standards exist dealing with

6 other programming languages. Recommendation Identifier PRE01 Section of Standard Preprocessor Recommendation Description Use parentheses within macros around parameter names PRE02 Preprocessor Macro replacement lists should be parenthesized PRE10 Preprocessor Wrap multi-statement macros in a do-while loop PRE11 EXP01 Preprocessor Do not conclude a single statement macro definition with a semi-colon Do not take the size of a pointer to determine the size of the pointed-to type EXP12 Do not ignore values returned by functions ARR01 MEM00 MEM08 Arrays Further Information Memory Management Memory Management Do not apply the sizeof operator to a pointer when taking the size of an array Allocate and free memory in the same module, at the same level of abstraction Use realloc() only to resize dynamicallyallocated arrays Detailed information on the CERT C Programming Language Secure Coding Standard can be found on the CERT Wiki. Source URL:

Synopsys Static Analysis Support for SEI CERT C Coding Standard

Synopsys Static Analysis Support for SEI CERT C Coding Standard Synopsys Static Analysis Support for SEI CERT C Coding Standard Fully ensure the safety, reliability, and security of software written in C The SEI CERT C Coding Standard is a list of rules for writing

More information

CERT C Rules implemented in the LDRA tool suite

CERT C Rules implemented in the LDRA tool suite CERT C Rules implemented in the LDRA tool suite This section lists a snapshot of the CERT C Coding Standard guidelines in 2014 that are automatically checked by version 9.5.1 of the LDRA tool suite. Guidelines

More information

PCB Rules and Violations

PCB Rules and Violations PCB Rules and Violations Old Content - visit altium.com/documentation Modified by on 6-Nov-2013 Parent page: Panels Browse, edit and interactively view design rules and their associated violations. Summary

More information

Coccinelle: Tool support for automated CERT C Secure Coding Standard certification

Coccinelle: Tool support for automated CERT C Secure Coding Standard certification Coccinelle: Tool support for automated CERT C Secure Coding Standard certification Mads Chr. Olesen a, René Rydhof Hansen a,, Julia L. Lawall b, Nicolas Palix b a Department of Computer Science, Aalborg

More information

Review of the C Programming Language for Principles of Operating Systems

Review of the C Programming Language for Principles of Operating Systems Review of the C Programming Language for Principles of Operating Systems Prof. James L. Frankel Harvard University Version of 7:26 PM 4-Sep-2018 Copyright 2018, 2016, 2015 James L. Frankel. All rights

More information

Review of the C Programming Language

Review of the C Programming Language Review of the C Programming Language Prof. James L. Frankel Harvard University Version of 11:55 AM 22-Apr-2018 Copyright 2018, 2016, 2015 James L. Frankel. All rights reserved. Reference Manual for the

More information

Secure Coding Initiative

Secure Coding Initiative Secure Coding Initiative Robert C. Seacord 2010 Carnegie Mellon University NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE IS FURNISHED ON AN AS-IS" BASIS.

More information

Aalborg Universitet. Published in: Science of Computer Programming. DOI (link to publication from Publisher): /j.scico

Aalborg Universitet. Published in: Science of Computer Programming. DOI (link to publication from Publisher): /j.scico Downloaded from vbn.aau.dk on: marts 27, 2019 Aalborg Universitet Coccinelle Tool support for automated CERT C Secure Coding Standard certification Olesen, Mads Chr.; Hansen, Rene Rydhof; Lawall, Julia

More information

Motor Industry Software Reliability Association (MISRA) C:2012 Standard Mapping of MISRA C:2012 items to Goanna checks

Motor Industry Software Reliability Association (MISRA) C:2012 Standard Mapping of MISRA C:2012 items to Goanna checks Goanna 3.3.2 Standards Data Sheet for MISRA C:2012 misrac2012-datasheet.pdf Motor Industry Software Reliability Association (MISRA) C:2012 Standard Mapping of MISRA C:2012 items to Goanna checks The following

More information

Axivion Bauhaus Suite Technical Factsheet MISRA

Axivion Bauhaus Suite Technical Factsheet MISRA MISRA Contents 1. C... 2 1. Misra C 2004... 2 2. Misra C 2012 (including Amendment 1). 10 3. Misra C 2012 Directives... 18 2. C++... 19 4. Misra C++ 2008... 19 1 / 31 1. C 1. Misra C 2004 MISRA Rule Severity

More information

CS201- Introduction to Programming Current Quizzes

CS201- Introduction to Programming Current Quizzes CS201- Introduction to Programming Current Quizzes Q.1 char name [] = Hello World ; In the above statement, a memory of characters will be allocated 13 11 12 (Ans) Q.2 A function is a block of statements

More information

CSCI 2212: Intermediate Programming / C Review, Chapters 10 and 11

CSCI 2212: Intermediate Programming / C Review, Chapters 10 and 11 ... 1/16 CSCI 2212: Intermediate Programming / C Review, Chapters 10 and 11 Alice E. Fischer February 3, 2016 ... 2/16 Outline Basic Types and Diagrams ... 3/16 Basic Types and Diagrams Types in C C has

More information

CERT-C++:2016 Standards Model Summary for C++

CERT-C++:2016 Standards Model Summary for C++ Version 9.7.1 Copyright 2017 Ltd. CERT-C++:2016 s Model Summary for C++ The tool suite is developed and certified to BS EN ISO 9001:2000 and SGS-TÜV Saar. This information is applicable to version 9.7.1

More information

by Pearson Education, Inc. All Rights Reserved.

by Pearson Education, Inc. All Rights Reserved. Let s improve the bubble sort program of Fig. 6.15 to use two functions bubblesort and swap. Function bubblesort sorts the array. It calls function swap (line 51) to exchange the array elements array[j]

More information

EL6483: Brief Overview of C Programming Language

EL6483: Brief Overview of C Programming Language EL6483: Brief Overview of C Programming Language EL6483 Spring 2016 EL6483 EL6483: Brief Overview of C Programming Language Spring 2016 1 / 30 Preprocessor macros, Syntax for comments Macro definitions

More information

Chapter 2: Introduction to C++

Chapter 2: Introduction to C++ Chapter 2: Introduction to C++ Copyright 2010 Pearson Education, Inc. Copyright Publishing as 2010 Pearson Pearson Addison-Wesley Education, Inc. Publishing as Pearson Addison-Wesley 2.1 Parts of a C++

More information

CODE TIME TECHNOLOGIES. Abassi RTOS MISRA-C:2004. Compliance Report

CODE TIME TECHNOLOGIES. Abassi RTOS MISRA-C:2004. Compliance Report CODE TIME TECHNOLOGIES Abassi RTOS MISRA-C:2004 Compliance Report Copyright Information This document is copyright Code Time Technologies Inc. 2012. All rights reserved. No part of this document may be

More information

Chapter 2: Special Characters. Parts of a C++ Program. Introduction to C++ Displays output on the computer screen

Chapter 2: Special Characters. Parts of a C++ Program. Introduction to C++ Displays output on the computer screen Chapter 2: Introduction to C++ 2.1 Parts of a C++ Program Copyright 2009 Pearson Education, Inc. Copyright 2009 Publishing Pearson as Pearson Education, Addison-Wesley Inc. Publishing as Pearson Addison-Wesley

More information

IAR Embedded Workbench MISRA C:2004. Reference Guide

IAR Embedded Workbench MISRA C:2004. Reference Guide IAR Embedded Workbench MISRA C:2004 Reference Guide COPYRIGHT NOTICE Copyright 2004 2008 IAR Systems. All rights reserved. No part of this document may be reproduced without the prior written consent of

More information

Fundamental Concepts and Definitions

Fundamental Concepts and Definitions Fundamental Concepts and Definitions Identifier / Symbol / Name These terms are synonymous: they refer to the name given to a programming component. Classes, variables, functions, and methods are the most

More information

In Java we have the keyword null, which is the value of an uninitialized reference type

In Java we have the keyword null, which is the value of an uninitialized reference type + More on Pointers + Null pointers In Java we have the keyword null, which is the value of an uninitialized reference type In C we sometimes use NULL, but its just a macro for the integer 0 Pointers are

More information

Lecture 12 Integers. Computer and Network Security 19th of December Computer Science and Engineering Department

Lecture 12 Integers. Computer and Network Security 19th of December Computer Science and Engineering Department Lecture 12 Integers Computer and Network Security 19th of December 2016 Computer Science and Engineering Department CSE Dep, ACS, UPB Lecture 12, Integers 1/40 Outline Data Types Representation Conversions

More information

CSC 211 Intermediate Programming. Arrays & Pointers

CSC 211 Intermediate Programming. Arrays & Pointers CSC 211 Intermediate Programming Arrays & Pointers 1 Definition An array a consecutive group of memory locations that all have the same name and the same type. To create an array we use a declaration statement.

More information

C Programming. Course Outline. C Programming. Code: MBD101. Duration: 10 Hours. Prerequisites:

C Programming. Course Outline. C Programming. Code: MBD101. Duration: 10 Hours. Prerequisites: C Programming Code: MBD101 Duration: 10 Hours Prerequisites: You are a computer science Professional/ graduate student You can execute Linux/UNIX commands You know how to use a text-editing tool You should

More information

This lists all known errors in The C Programming Language, Second Edition, by Brian Kernighan and Dennis Ritchie (Prentice-Hall, 1988).

This lists all known errors in The C Programming Language, Second Edition, by Brian Kernighan and Dennis Ritchie (Prentice-Hall, 1988). Errata for The C Programming Language, Second Edition This lists all known errors in The C Programming Language, Second Edition, by Brian Kernighan and Dennis Ritchie (Prentice-Hall, 1988). The pagination

More information

COMPUTER APPLICATION

COMPUTER APPLICATION Total No. of Printed Pages 16 HS/XII/A.Sc.Com/CAP/14 2 0 1 4 COMPUTER APPLICATION ( Science / Arts / Commerce ) ( Theory ) Full Marks : 70 Time : 3 hours The figures in the margin indicate full marks for

More information

FORM 2 (Please put your name and form # on the scantron!!!!)

FORM 2 (Please put your name and form # on the scantron!!!!) CS 161 Exam 2: FORM 2 (Please put your name and form # on the scantron!!!!) True (A)/False(B) (2 pts each): 1. Recursive algorithms tend to be less efficient than iterative algorithms. 2. A recursive function

More information

CS 261 Fall C Introduction. Variables, Memory Model, Pointers, and Debugging. Mike Lam, Professor

CS 261 Fall C Introduction. Variables, Memory Model, Pointers, and Debugging. Mike Lam, Professor CS 261 Fall 2017 Mike Lam, Professor C Introduction Variables, Memory Model, Pointers, and Debugging The C Language Systems language originally developed for Unix Imperative, compiled language with static

More information

At this time we have all the pieces necessary to allocate memory for an array dynamically. Following our example, we allocate N integers as follows:

At this time we have all the pieces necessary to allocate memory for an array dynamically. Following our example, we allocate N integers as follows: Pointers and Arrays Part II We will continue with our discussion on the relationship between pointers and arrays, and in particular, discuss how arrays with dynamical length can be created at run-time

More information

Fundamental Data Types. CSE 130: Introduction to Programming in C Stony Brook University

Fundamental Data Types. CSE 130: Introduction to Programming in C Stony Brook University Fundamental Data Types CSE 130: Introduction to Programming in C Stony Brook University Program Organization in C The C System C consists of several parts: The C language The preprocessor The compiler

More information

MISRA-C. Subset of the C language for critical systems

MISRA-C. Subset of the C language for critical systems MISRA-C Subset of the C language for critical systems SAFETY-CRITICAL SYSTEMS System is safety-critical if people might die due to software bugs Examples Automobile stability / traction control Medical

More information

CPSC 427: Object-Oriented Programming

CPSC 427: Object-Oriented Programming CPSC 427: Object-Oriented Programming Michael J. Fischer Lecture 12 October 8, 2018 CPSC 427, Lecture 12, October 8, 2018 1/24 Uses of Pointers Feedback on Programming Style CPSC 427, Lecture 12, October

More information

Appendix. Grammar. A.1 Introduction. A.2 Keywords. There is no worse danger for a teacher than to teach words instead of things.

Appendix. Grammar. A.1 Introduction. A.2 Keywords. There is no worse danger for a teacher than to teach words instead of things. A Appendix Grammar There is no worse danger for a teacher than to teach words instead of things. Marc Block Introduction keywords lexical conventions programs expressions statements declarations declarators

More information

4. Inputting data or messages to a function is called passing data to the function.

4. Inputting data or messages to a function is called passing data to the function. Test Bank for A First Book of ANSI C 4th Edition by Bronson Link full download test bank: http://testbankcollection.com/download/test-bank-for-a-first-book-of-ansi-c-4th-edition -by-bronson/ Link full

More information

LECTURE 02 INTRODUCTION TO C++

LECTURE 02 INTRODUCTION TO C++ PowerPoint Slides adapted from *Starting Out with C++: From Control Structures through Objects, 7/E* by *Tony Gaddis* Copyright 2012 Pearson Education Inc. COMPUTER PROGRAMMING LECTURE 02 INTRODUCTION

More information

Lecture 9 Assertions and Error Handling CS240

Lecture 9 Assertions and Error Handling CS240 Lecture 9 Assertions and Error Handling CS240 The C preprocessor The C compiler performs Macro expansion and directive handling Preprocessing directive lines, including file inclusion and conditional compilation,

More information

The SPL Programming Language Reference Manual

The SPL Programming Language Reference Manual The SPL Programming Language Reference Manual Leonidas Fegaras University of Texas at Arlington Arlington, TX 76019 fegaras@cse.uta.edu February 27, 2018 1 Introduction The SPL language is a Small Programming

More information

[0569] p 0318 garbage

[0569] p 0318 garbage A Pointer is a variable which contains the address of another variable. Declaration syntax: Pointer_type *pointer_name; This declaration will create a pointer of the pointer_name which will point to the

More information

Declaring Pointers. Declaration of pointers <type> *variable <type> *variable = initial-value Examples:

Declaring Pointers. Declaration of pointers <type> *variable <type> *variable = initial-value Examples: 1 Programming in C Pointer Variable A variable that stores a memory address Allows C programs to simulate call-by-reference Allows a programmer to create and manipulate dynamic data structures Must be

More information

Important From Last Time

Important From Last Time Important From Last Time Volatile is tricky To write correct embedded C and C++, you have to understand what volatile does and does not do Ø What is the guarantee that it provides? Don t make the 8 mistakes

More information

Getting started with Java

Getting started with Java Getting started with Java Magic Lines public class MagicLines { public static void main(string[] args) { } } Comments Comments are lines in your code that get ignored during execution. Good for leaving

More information

CS 376b Computer Vision

CS 376b Computer Vision CS 376b Computer Vision 09 / 25 / 2014 Instructor: Michael Eckmann Today s Topics Questions? / Comments? Enhancing images / masks Cross correlation Convolution C++ Cross-correlation Cross-correlation involves

More information

EXP54-CPP. Do not access an object outside of its lifetime

EXP54-CPP. Do not access an object outside of its lifetime EXP54-CPP. Do not access an object outside of its lifetime Every object has a lifetime in which it can be used in a well-defined manner. The lifetime of an object begins when sufficient, properly aligned

More information

Fundamentals of Programming Session 20

Fundamentals of Programming Session 20 Fundamentals of Programming Session 20 Instructor: Reza Entezari-Maleki Email: entezari@ce.sharif.edu 1 Fall 2013 These slides have been created using Deitel s slides Sharif University of Technology Outlines

More information

The New C Standard (Excerpted material)

The New C Standard (Excerpted material) The New C Standard (Excerpted material) An Economic and Cultural Derek M. Jones derek@knosof.co.uk Copyright 2002-2008 Derek M. Jones. All rights reserved. 1103 6.5.3.3 Unary arithmetic operators 6.5.3.3

More information

C How to Program, 6/e by Pearson Education, Inc. All Rights Reserved.

C How to Program, 6/e by Pearson Education, Inc. All Rights Reserved. C How to Program, 6/e 1992-2010 by Pearson Education, Inc. 1992-2010 by Pearson Education, Inc. 1992-2010 by Pearson Education, Inc. This chapter serves as an introduction to the important topic of data

More information

2.1. Chapter 2: Parts of a C++ Program. Parts of a C++ Program. Introduction to C++ Parts of a C++ Program

2.1. Chapter 2: Parts of a C++ Program. Parts of a C++ Program. Introduction to C++ Parts of a C++ Program Chapter 2: Introduction to C++ 2.1 Parts of a C++ Program Copyright 2009 Pearson Education, Inc. Publishing as Pearson Addison-Wesley 2-1 Parts of a C++ Program Parts of a C++ Program // sample C++ program

More information

5.Coding for 64-Bit Programs

5.Coding for 64-Bit Programs Chapter 5 5.Coding for 64-Bit Programs This chapter provides information about ways to write/update your code so that you can take advantage of the Silicon Graphics implementation of the IRIX 64-bit operating

More information

JScript Reference. Contents

JScript Reference. Contents JScript Reference Contents Exploring the JScript Language JScript Example Altium Designer and Borland Delphi Run Time Libraries Server Processes JScript Source Files PRJSCR, JS and DFM files About JScript

More information

C Legacy Code Topics. Objectives. In this appendix you ll:

C Legacy Code Topics. Objectives. In this appendix you ll: cppfp2_appf_legacycode.fm Page 1 Monday, March 25, 2013 3:44 PM F C Legacy Code Topics Objectives In this appendix you ll: Redirect keyboard input to come from a file and redirect screen output to a file.

More information

Lecture 2 Tao Wang 1

Lecture 2 Tao Wang 1 Lecture 2 Tao Wang 1 Objectives In this chapter, you will learn about: Modular programs Programming style Data types Arithmetic operations Variables and declaration statements Common programming errors

More information

C Introduction. Comparison w/ Java, Memory Model, and Pointers

C Introduction. Comparison w/ Java, Memory Model, and Pointers CS 261 Fall 2018 Mike Lam, Professor C Introduction Comparison w/ Java, Memory Model, and Pointers Please go to socrative.com on your phone or laptop, choose student login and join room LAMJMU The C Language

More information

18-642: Code Style for Compilers

18-642: Code Style for Compilers 18-642: Code Style for Compilers 9/25/2017 1 Anti-Patterns: Coding Style: Language Use Code compiles with warnings Warnings are turned off or over-ridden Insufficient warning level set Language safety

More information

Lecture 2: C Programming Basic

Lecture 2: C Programming Basic ECE342 Introduction to Embedded Systems Lecture 2: C Programming Basic Ying Tang Electrical and Computer Engineering Rowan University 1 Facts about C C was developed in 1972 in order to write the UNIX

More information

Java Primer 1: Types, Classes and Operators

Java Primer 1: Types, Classes and Operators Java Primer 1 3/18/14 Presentation for use with the textbook Data Structures and Algorithms in Java, 6th edition, by M. T. Goodrich, R. Tamassia, and M. H. Goldwasser, Wiley, 2014 Java Primer 1: Types,

More information

ATOMS. 3.1 Interface. The Atom interface is simple: atom.h #ifndef ATOM_INCLUDED #define ATOM_INCLUDED

ATOMS. 3.1 Interface. The Atom interface is simple: atom.h #ifndef ATOM_INCLUDED #define ATOM_INCLUDED 3 ATOMS An atom is a pointer to a unique, immutable sequence of zero or more arbitrary bytes. Most atoms are pointers to null-terminated strings, but a pointer to any sequence of bytes can be an atom.

More information

Axivion Bauhaus Suite Technical Factsheet AUTOSAR

Axivion Bauhaus Suite Technical Factsheet AUTOSAR Version 6.9.1 upwards Axivion Bauhaus Suite Technical Factsheet AUTOSAR Version 6.9.1 upwards Contents 1. C++... 2 1. Autosar C++14 Guidelines (AUTOSAR 17.03)... 2 2. Autosar C++14 Guidelines (AUTOSAR

More information

Security Coding Module - Buffer Overflow Data Gone Wild CS1

Security Coding Module - Buffer Overflow Data Gone Wild CS1 Security Coding Module - Buffer Overflow Data Gone Wild CS1 Background Summary: Buffer overflow occurs when data is input or written beyond the allocated bounds of an buffer, array, or other object causing

More information

Chapter 14 - Advanced C Topics

Chapter 14 - Advanced C Topics Chapter 14 - Advanced C Topics Outline 14.1 Introduction 14.2 Redirecting Input/Output on UNIX and DOS Systems 14.3 Variable-Length Argument Lists 14.4 Using Command-Line Arguments 14.5 Notes on Compiling

More information

Ch. 3: The C in C++ - Continued -

Ch. 3: The C in C++ - Continued - Ch. 3: The C in C++ - Continued - QUIZ What are the 3 ways a reference can be passed to a C++ function? QUIZ True or false: References behave like constant pointers with automatic dereferencing. QUIZ What

More information

Cpt S 122 Data Structures. Introduction to C++ Part II

Cpt S 122 Data Structures. Introduction to C++ Part II Cpt S 122 Data Structures Introduction to C++ Part II Nirmalya Roy School of Electrical Engineering and Computer Science Washington State University Topics Objectives Defining class with a member function

More information

M4.1-R3: PROGRAMMING AND PROBLEM SOLVING THROUGH C LANGUAGE

M4.1-R3: PROGRAMMING AND PROBLEM SOLVING THROUGH C LANGUAGE M4.1-R3: PROGRAMMING AND PROBLEM SOLVING THROUGH C LANGUAGE NOTE: 1. There are TWO PARTS in this Module/Paper. PART ONE contains FOUR questions and PART TWO contains FIVE questions. 2. PART ONE is to be

More information

printf( Please enter another number: ); scanf( %d, &num2);

printf( Please enter another number: ); scanf( %d, &num2); CIT 593 Intro to Computer Systems Lecture #13 (11/1/12) Now that we've looked at how an assembly language program runs on a computer, we're ready to move up a level and start working with more powerful

More information

Libgdb. Version 0.3 Oct Thomas Lord

Libgdb. Version 0.3 Oct Thomas Lord Libgdb Version 0.3 Oct 1993 Thomas Lord Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies.

More information

Structure of this course. C and C++ Past Exam Questions. Text books

Structure of this course. C and C++ Past Exam Questions. Text books Structure of this course C and C++ 1. Types Variables Expressions & Statements Alastair R. Beresford University of Cambridge Lent Term 2008 Programming in C: types, variables, expressions & statements

More information

C Language Programming

C Language Programming Experiment 2 C Language Programming During the infancy years of microprocessor based systems, programs were developed using assemblers and fused into the EPROMs. There used to be no mechanism to find what

More information

COAL (COmplex Arithmetic Language) Reference Manual

COAL (COmplex Arithmetic Language) Reference Manual COAL (COmplex Arithmetic Language) Reference Manual March 09, 2009 COMS W4115 Eliot Scull (CVN) e.scull@computer.org 1 Introduction This manual describes the COAL language (COmplex Arithmetic Language)

More information

In the CERTAINTY project, an application is defined as a network of independent processes with the following features:

In the CERTAINTY project, an application is defined as a network of independent processes with the following features: C/C++ Coding Guide G. Giannopoulou, P. Huang, N. Stoimenov, L. Thiele April 15, 2014 This document describes how to program DOL-Critical applications using C/C++ as programming language. To be able to

More information

Published on Online Documentation for Altium Products (https://www.altium.com/documentation)

Published on Online Documentation for Altium Products (https://www.altium.com/documentation) Published on Online Documentation for Altium Products (https://www.altium.com/documentation) Home > Sheet Symbol Using Altium Documentation Modified by Susan Riege on Apr 11, 2017 Parent page: Schematic

More information

Computers Programming Course 5. Iulian Năstac

Computers Programming Course 5. Iulian Năstac Computers Programming Course 5 Iulian Năstac Recap from previous course Classification of the programming languages High level (Ada, Pascal, Fortran, etc.) programming languages with strong abstraction

More information

Function Call Stack and Activation Records

Function Call Stack and Activation Records 71 Function Call Stack and Activation Records To understand how C performs function calls, we first need to consider a data structure (i.e., collection of related data items) known as a stack. Students

More information

Page 1. Stuff. Last Time. Today. Safety-Critical Systems MISRA-C. Terminology. Interrupts Inline assembly Intrinsics

Page 1. Stuff. Last Time. Today. Safety-Critical Systems MISRA-C. Terminology. Interrupts Inline assembly Intrinsics Stuff Last Time Homework due next week Lab due two weeks from today Questions? Interrupts Inline assembly Intrinsics Today Safety-Critical Systems MISRA-C Subset of C language for critical systems System

More information

MISRA-C:2012 Standards Model Summary for C / C++

MISRA-C:2012 Standards Model Summary for C / C++ Version 9.7.1 Copyright 2017 Ltd. MISRA-C:2012 s Model Summary for C / C++ The tool suite is developed and certified to BS EN ISO 9001:2000 and SGS-TÜV Saar. This information is applicable to version 9.7.1

More information

High Performance Computing in C and C++

High Performance Computing in C and C++ High Performance Computing in C and C++ Rita Borgo Computer Science Department, Swansea University Summary Introduction to C Writing a simple C program Compiling a simple C program Running a simple C program

More information

COMPILER DESIGN LECTURE NOTES

COMPILER DESIGN LECTURE NOTES COMPILER DESIGN LECTURE NOTES UNIT -1 1.1 OVERVIEW OF LANGUAGE PROCESSING SYSTEM 1.2 Preprocessor A preprocessor produce input to compilers. They may perform the following functions. 1. Macro processing:

More information

CSc 10200! Introduction to Computing. Lecture 2-3 Edgardo Molina Fall 2013 City College of New York

CSc 10200! Introduction to Computing. Lecture 2-3 Edgardo Molina Fall 2013 City College of New York CSc 10200! Introduction to Computing Lecture 2-3 Edgardo Molina Fall 2013 City College of New York 1 C++ for Engineers and Scientists Third Edition Chapter 2 Problem Solving Using C++ 2 Objectives In this

More information

Fundamentals of Programming Session 19

Fundamentals of Programming Session 19 Fundamentals of Programming Session 19 Instructor: Reza Entezari-Maleki Email: entezari@ce.sharif.edu 1 Fall 2013 These slides have been created using Deitel s slides Sharif University of Technology Outlines

More information

Overview of C. Basic Data Types Constants Variables Identifiers Keywords Basic I/O

Overview of C. Basic Data Types Constants Variables Identifiers Keywords Basic I/O Overview of C Basic Data Types Constants Variables Identifiers Keywords Basic I/O NOTE: There are six classes of tokens: identifiers, keywords, constants, string literals, operators, and other separators.

More information

Arrays. Returning arrays Pointers Dynamic arrays Smart pointers Vectors

Arrays. Returning arrays Pointers Dynamic arrays Smart pointers Vectors Arrays Returning arrays Pointers Dynamic arrays Smart pointers Vectors To declare an array specify the type, its name, and its size in []s int arr1[10]; //or int arr2[] = {1,2,3,4,5,6,7,8}; arr2 has 8

More information

CERTIFICATE IN WEB PROGRAMMING

CERTIFICATE IN WEB PROGRAMMING COURSE DURATION: 6 MONTHS CONTENTS : CERTIFICATE IN WEB PROGRAMMING 1. PROGRAMMING IN C and C++ Language 2. HTML/CSS and JavaScript 3. PHP and MySQL 4. Project on Development of Web Application 1. PROGRAMMING

More information

Lecture Notes on Generic Data Structures

Lecture Notes on Generic Data Structures Lecture Notes on Generic Data Structures 15-122: Principles of Imperative Computation Frank Pfenning Lecture 22 November 15, 2012 1 Introduction Using void* to represent pointers to values of arbitrary

More information

(heavily based on last year s notes (Andrew Moore) with thanks to Alastair R. Beresford. 1. Types Variables Expressions & Statements 2/23

(heavily based on last year s notes (Andrew Moore) with thanks to Alastair R. Beresford. 1. Types Variables Expressions & Statements 2/23 Structure of this course Programming in C: types, variables, expressions & statements functions, compilation, pre-processor pointers, structures extended examples, tick hints n tips Programming in C++:

More information

C Syntax Out: 15 September, 1995

C Syntax Out: 15 September, 1995 Burt Rosenberg Math 220/317: Programming II/Data Structures 1 C Syntax Out: 15 September, 1995 Constants. Integer such as 1, 0, 14, 0x0A. Characters such as A, B, \0. Strings such as "Hello World!\n",

More information

Guidelines for Writing C Code

Guidelines for Writing C Code Guidelines for Writing C Code Issue 01-bugfix Martin Becker Institute for Real-Time Computer Systems (RCS) Technische Universität München becker@rcs.ei.tum.de June 9, 2014 Contents 1 Introduction 1 2 Pragmatic

More information

CS201 Some Important Definitions

CS201 Some Important Definitions CS201 Some Important Definitions For Viva Preparation 1. What is a program? A program is a precise sequence of steps to solve a particular problem. 2. What is a class? We write a C++ program using data

More information

Fundamentals of Programming. Lecture 3: Introduction to C Programming

Fundamentals of Programming. Lecture 3: Introduction to C Programming Fundamentals of Programming Lecture 3: Introduction to C Programming Instructor: Fatemeh Zamani f_zamani@ce.sharif.edu Sharif University of Technology Computer Engineering Department Outline A Simple C

More information

C Language Part 1 Digital Computer Concept and Practice Copyright 2012 by Jaejin Lee

C Language Part 1 Digital Computer Concept and Practice Copyright 2012 by Jaejin Lee C Language Part 1 (Minor modifications by the instructor) References C for Python Programmers, by Carl Burch, 2011. http://www.toves.org/books/cpy/ The C Programming Language. 2nd ed., Kernighan, Brian,

More information

9/5/2018. Overview. The C Programming Language. Transitioning to C from Python. Why C? Hello, world! Programming in C

9/5/2018. Overview. The C Programming Language. Transitioning to C from Python. Why C? Hello, world! Programming in C Overview The C Programming Language (with material from Dr. Bin Ren, William & Mary Computer Science) Motivation Hello, world! Basic Data Types Variables Arithmetic Operators Relational Operators Assignments

More information

3. Except for strings, double quotes, identifiers, and keywords, C++ ignores all white space.

3. Except for strings, double quotes, identifiers, and keywords, C++ ignores all white space. Chapter 2: Problem Solving Using C++ TRUE/FALSE 1. Modular programs are easier to develop, correct, and modify than programs constructed in some other manner. ANS: T PTS: 1 REF: 45 2. One important requirement

More information

Static Analysis in C/C++ code with Polyspace

Static Analysis in C/C++ code with Polyspace 1 Static Analysis in C/C++ code with Polyspace Yongchool Ryu Application Engineer gary.ryu@mathworks.com 2016 The MathWorks, Inc. 2 Agenda Efficient way to find problems in Software Category of Static

More information

Word Introduction SBCUSD IT Training Program. Word Introduction. Page Setup, Paragraph Attributes, Printing and More.

Word Introduction SBCUSD IT Training Program. Word Introduction. Page Setup, Paragraph Attributes, Printing and More. SBCUSD IT Training Program Word Introduction Page Setup, Paragraph Attributes, Printing and More Revised 2/15/2018 SBCUSD IT Training Page 1 CONTENTS Cursor Movement... 4 Selecting Text... 5 Font/Typeset

More information

C and C++ Secure Coding 4-day course. Syllabus

C and C++ Secure Coding 4-day course. Syllabus C and C++ Secure Coding 4-day course Syllabus C and C++ Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted toward our systems. This course

More information

Chapter 1 GETTING STARTED. SYS-ED/ Computer Education Techniques, Inc.

Chapter 1 GETTING STARTED. SYS-ED/ Computer Education Techniques, Inc. Chapter 1 GETTING STARTED SYS-ED/ Computer Education Techniques, Inc. Objectives You will learn: Java platform. Applets and applications. Java programming language: facilities and foundation. Memory management

More information

Programming in C and C++

Programming in C and C++ Programming in C and C++ 1. Types Variables Expressions & Statements Dr. Anil Madhavapeddy University of Cambridge (based on previous years thanks to Alan Mycroft, Alastair Beresford and Andrew Moore)

More information

The C Programming Language. (with material from Dr. Bin Ren, William & Mary Computer Science)

The C Programming Language. (with material from Dr. Bin Ren, William & Mary Computer Science) The C Programming Language (with material from Dr. Bin Ren, William & Mary Computer Science) 1 Overview Motivation Hello, world! Basic Data Types Variables Arithmetic Operators Relational Operators Assignments

More information

Sprite an animation manipulation language Language Reference Manual

Sprite an animation manipulation language Language Reference Manual Sprite an animation manipulation language Language Reference Manual Team Leader Dave Smith Team Members Dan Benamy John Morales Monica Ranadive Table of Contents A. Introduction...3 B. Lexical Conventions...3

More information

advanced data types (2) typedef. today advanced data types (3) enum. mon 23 sep 2002 defining your own types using typedef

advanced data types (2) typedef. today advanced data types (3) enum. mon 23 sep 2002 defining your own types using typedef today advanced data types (1) typedef. mon 23 sep 2002 homework #1 due today homework #2 out today quiz #1 next class 30-45 minutes long one page of notes topics: C advanced data types dynamic memory allocation

More information

UNIT- 3 Introduction to C++

UNIT- 3 Introduction to C++ UNIT- 3 Introduction to C++ C++ Character Sets: Letters A-Z, a-z Digits 0-9 Special Symbols Space + - * / ^ \ ( ) [ ] =!= . $, ; : %! &? _ # = @ White Spaces Blank spaces, horizontal tab, carriage

More information

PIC 10A Pointers, Arrays, and Dynamic Memory Allocation. Ernest Ryu UCLA Mathematics

PIC 10A Pointers, Arrays, and Dynamic Memory Allocation. Ernest Ryu UCLA Mathematics PIC 10A Pointers, Arrays, and Dynamic Memory Allocation Ernest Ryu UCLA Mathematics Pointers A variable is stored somewhere in memory. The address-of operator & returns the memory address of the variable.

More information

C++ Undefined Behavior

C++ Undefined Behavior C++ Undefined Behavior What is it, and why should I care? A presentation originally by Marshal Clow Original: https://www.youtube.com/watch?v=uhclkb1vkay Original Slides: https://github.com/boostcon/cppnow_presentations_2014/blob/master/files/undefined-behavior.pdf

More information