Synopsys Static Analysis Support for SEI CERT C Coding Standard
|
|
- Sheryl Chandler
- 6 years ago
- Views:
Transcription
1 Synopsys Static Analysis Support for SEI CERT C Coding Standard Fully ensure the safety, reliability, and security of software written in C The SEI CERT C Coding Standard is a list of rules for writing secure code in the C programming language. It is an important milestone in introducing best practices for ensuring the safety, reliability, security, and integrity of software written in C. Notably, the standard is designed to be enforceable by software code analyzers using static analysis techniques. This greatly reduces the cost of compliance by way of automation. Adhering to coding standards is a crucial step in establishing best coding practices. This is particularly important in safety-critical, high-impact industries, such as automotive, medical, and networking. Software defects in products coming from these industries manifest themselves physically and tangibly often with lifethreatening consequences. Synopsys provides a comprehensive solution for the SEI CERT C Coding Standard. Synopsys Static Analysis (Coverity) implements the Rules category within the CERT C standard, as well as methods for managing violations and reporting on them. SEI CERT C Coding Standard (201 Edition) The SEI CERT C Coding Standard was developed specifically for the following versions of the C language: ISO/IEC 9899:2011: Information Technology Programming Languages C, rd ed. ISO/IEC 9899:2011/Cor 1:2012: Information Technology Programming Languages C Technical Corrigendum 1 These versions are commonly referred to as the C11 standard. The CERT C rules may also be applied to earlier versions of the C language, such as C99. The 201 edition of the CERT C standard contains 99 coding rules and reflects the C rules available on the CERT Secure Coding wiki as of March 0, 201. The CERT Secure Coding wiki is found here: SEI+CERT+C+Coding+Standard The SEI CERT C Coding Standard (201 Edition) may be obtained here: The CERT C wiki also documents 18 recommendations and two platform-specific annexes (POSIX and Windows). The recommendations and annexes are not part of the core secure coding standard. synopsys.com
2 coverage PRE Rules Section % coverage Supported All All DCL 8 8 EXP INT FLP ARR STR MEM FIO 1 1 ENV SIG 4 4 ERR CON MSC Supported rules Rule ARR0-C ARR2-C ARR-C ARR-C ARR8-C ARR9-C CON0-C CON1-C CON2-C CON-C CON4-C CON-C CON-C Do not form or use out-of-bounds pointers or array subscripts Ensure size arguments for variable length arrays are in a valid range Do not subtract or compare two pointers that do not refer to the same array Do not add or subtract an integer to a pointer to a non-array object Guarantee that library functions do not form invalid pointers Do not add or subtract a scaled integer to a pointer Clean up thread-specific storage Do not destroy a mutex while it is locked Prevent data races when accessing bit-fields from multiple threads Avoid race conditions when using library functions Declare objects shared between threads with appropriate storage durations Avoid deadlock by locking in a predefined order Wrap functions that can spuriously wake up in a loop
3 CON-C CON8-C CON9-C CON40-C CON41-C DCL0-C DCL1-C DCL-C DCL-C DCL8-C DCL9-C DCL40-C DCL41-C ENV0-C ENV1-C ENV2-C ENV-C ENV4-C ERR0-C ERR2-C ERR-C EXP0-C EXP2-C EXP-C EXP4-C EXP-C EXP-C EXP-C EXP9-C EXP40-C EXP42-C EXP4-C EXP44-C EXP4-C Do not call signal() in a multithreaded program Preserve thread safety and liveness when using condition variables Do not join or detach a thread that was previously joined or detached Do not refer to an atomic variable twice in an expression Wrap functions that can fail spuriously in a loop Declare objects with appropriate storage durations Declare identifiers before using them Do not declare an identifier with conflicting linkage classifications Do not declare or define a reserved identifier Use the correct syntax when declaring a flexible array member Avoid information leakage when passing a structure across a trust boundary Do not create incompatible declarations of the same function or object Do not declare variables inside a switch statement before the first case label Do not modify the object referenced by the return value of certain functions Do not rely on an environment pointer following an operation that may invalidate it All exit handlers must return normally Do not call system() Do not store pointers returned by certain functions Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure Do not rely on indeterminate values of errno Detect and handle standard library errors Do not depend on the order of evaluation for side effects Do not access a volatile object through a nonvolatile reference Do not read uninitialized memory Do not dereference null pointers Do not modify objects with temporary lifetime Do not cast pointers into more strictly aligned pointer types Call functions with the correct number and type of arguments Do not access a variable through a pointer of an incompatible type Do not modify constant objects Do not compare padding data Avoid undefined behavior when using restrict-qualified pointers Do not rely on side effects in operands to sizeof, _Alignof, or _Generic Do not perform assignments in selection statements
4 EXP4-C FIO0-C FIO2-C FIO4-C FIO-C FIO8-C FIO9-C FIO40-C FIO41-C FIO42-C FIO44-C FIO4-C FIO4-C FIO4-C FLP0-C FLP2-C FLP4-C FLP-C FLP-C INT0-C INT1-C INT2-C INT-C INT4-C INT-C INT-C MEM0-C MEM1-C MEM-C MEM4-C MEM-C MEM-C MSC0-C MSC2-C Do not use a bitwise operator with a Boolean-like operand Exclude user input from format strings Do not perform operations on devices that are only appropriate for files Distinguish between characters read from a file and EOF or WEOF Do not assume that fgets() or fgetws() returns a nonempty string when successful Do not copy a FILE object Do not alternately input and output from a stream without an intervening flush or positioning call Reset strings on fgets() or fgetws() failure Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects Close files when they are no longer needed Only use values for fsetpos() that are returned from fgetpos() Avoid TOCTOU race conditions while accessing files Do not access a closed file Use valid format strings Do not use floating-point variables as loop counters Prevent or detect domain and range errors in math functions Ensure that floating-point conversions are within range of the new type Preserve precision when converting integral values to floating-point type Do not use object representations to compare floating-point values Ensure that unsigned integer operations do not wrap Ensure that integer conversions do not result in lost or misinterpreted data Ensure that operations on signed integers do not result in overflow Ensure that division and remainder operations do not result in divide-by-zero errors Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand Use correct integer precisions Converting a pointer to integer or integer to pointer Do not access freed memory Free dynamically allocated memory when no longer needed Allocate and copy structures containing a flexible array member dynamically Only free memory allocated dynamically Allocate sufficient memory for an object Do not modify the alignment of objects by calling realloc() Do not use the rand() function for generating pseudorandom numbers Properly seed pseudorandom number generators
5 MSC-C MSC-C MSC8-C MSC9-C MSC40-C PRE0-C PRE1-C PRE2-C SIG0-C SIG1-C SIG4-C SIG-C STR0-C STR1-C STR2-C STR4-C STR-C STR8-C Do not pass invalid data to the asctime() function Ensure that control never reaches the end of a non-void function Do not treat a predefined identifier as an object if it might only be implemented as a macro Do not call va_arg() on a va_list that has an indeterminate value Do not violate constraints Do not create a universal character name through concatenation Avoid side effects in arguments to unsafe macros Do not use preprocessor directives in invocations of function-like macros Call only asynchronous-safe functions within signal handlers Do not access shared objects in signal handlers Do not call signal() from within interruptible signal handlers Do not return from a computational exception signal handler Do not attempt to modify string literals Guarantee that storage for strings has sufficient space for character data and the null terminator Do not pass a non-null-terminated character sequence to a library function that expects a string Cast characters to unsigned char before converting to larger integer sizes Arguments to character-handling functions must be representable as an unsigned char Do not confuse narrow and wide character strings and functions The Synopsys difference Synopsys offers the most comprehensive solution for building integrity security and quality into your SDLC and supply chain. We ve united leading testing technologies, automated analysis, and experts to create a robust portfolio of products and services. This portfolio enables companies to develop customized programs for detecting and remediating defects and vulnerabilities early in the development process, minimizing risk and maximizing productivity. Synopsys, a recognized leader in application security testing, is uniquely positioned to adapt and apply best practices to new technologies and trends such as IoT, DevOps, CI/CD, and the Cloud. We don t stop when the test is over. We offer onboarding and deployment assistance, targeted remediation guidance, and a variety of training solutions that empower you to optimize your investment. Whether you re just starting your journey or well on your way, our platform will help ensure the integrity of the applications that power your business. For more information go to Synopsys, Inc. 18 Berry Street, Suite 00 San Francisco, CA 9410 USA U.S. Sales: International Sales: sig-info@synopsys.com 2018 Synopsys, Inc. All rights reserved. Synopsys is a trademark of Synopsys, Inc. in the United States and other countries. A list of Synopsys trademarks is available at All other names mentioned herein are trademarks or registered trademarks of their respective owners. 01/10/18.DS_CERT_
CERT C Rules implemented in the LDRA tool suite
CERT C Rules implemented in the LDRA tool suite This section lists a snapshot of the CERT C Coding Standard guidelines in 2014 that are automatically checked by version 9.5.1 of the LDRA tool suite. Guidelines
More informationStatic Code Analysis - CERT C Secure Code Checking
Static Code Analysis - CERT C Secure Code Checking Frozen Content Modified by on 6-Nov-2013 Related Videos CERT Code Checking The high-level C code written for an embedded software project can sometimes
More informationCERT-C++:2016 Standards Model Summary for C++
Version 9.7.1 Copyright 2017 Ltd. CERT-C++:2016 s Model Summary for C++ The tool suite is developed and certified to BS EN ISO 9001:2000 and SGS-TÜV Saar. This information is applicable to version 9.7.1
More informationCoverity Static Analysis Support for MISRA Coding Standards
Coverity Static Analysis Support for MISRA Coding Standards Fully ensure the safety, reliability, and security of software written in C and C++ Overview Software is eating the world. Industries that have
More informationSecure Coding Initiative
Secure Coding Initiative Robert C. Seacord 2010 Carnegie Mellon University NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE IS FURNISHED ON AN AS-IS" BASIS.
More informationComputer Security. Robust and secure programming in C. Marius Minea. 12 October 2017
Computer Security Robust and secure programming in C Marius Minea marius@cs.upt.ro 12 October 2017 In this lecture Write correct code minimizing risks with proper error handling avoiding security pitfalls
More informationLecture 12 Integers. Computer and Network Security 19th of December Computer Science and Engineering Department
Lecture 12 Integers Computer and Network Security 19th of December 2016 Computer Science and Engineering Department CSE Dep, ACS, UPB Lecture 12, Integers 1/40 Outline Data Types Representation Conversions
More informationCoccinelle: Tool support for automated CERT C Secure Coding Standard certification
Coccinelle: Tool support for automated CERT C Secure Coding Standard certification Mads Chr. Olesen a, René Rydhof Hansen a,, Julia L. Lawall b, Nicolas Palix b a Department of Computer Science, Aalborg
More informationIntroduction to Information Security. Secure Coding Sang Kil Cha
Introduction to Information Security Secure Coding Sang Kil Cha 1 Defensive Programming Making the software behave in a predictable manner despite unexpected inputs or user actions *. Secure coding is
More informationMotor Industry Software Reliability Association (MISRA) C:2012 Standard Mapping of MISRA C:2012 items to Goanna checks
Goanna 3.3.2 Standards Data Sheet for MISRA C:2012 misrac2012-datasheet.pdf Motor Industry Software Reliability Association (MISRA) C:2012 Standard Mapping of MISRA C:2012 items to Goanna checks The following
More informationC Programming. Course Outline. C Programming. Code: MBD101. Duration: 10 Hours. Prerequisites:
C Programming Code: MBD101 Duration: 10 Hours Prerequisites: You are a computer science Professional/ graduate student You can execute Linux/UNIX commands You know how to use a text-editing tool You should
More informationAalborg Universitet. Published in: Science of Computer Programming. DOI (link to publication from Publisher): /j.scico
Downloaded from vbn.aau.dk on: marts 27, 2019 Aalborg Universitet Coccinelle Tool support for automated CERT C Secure Coding Standard certification Olesen, Mads Chr.; Hansen, Rene Rydhof; Lawall, Julia
More informationAxivion Bauhaus Suite Technical Factsheet MISRA
MISRA Contents 1. C... 2 1. Misra C 2004... 2 2. Misra C 2012 (including Amendment 1). 10 3. Misra C 2012 Directives... 18 2. C++... 19 4. Misra C++ 2008... 19 1 / 31 1. C 1. Misra C 2004 MISRA Rule Severity
More informationCategory (see the category tab) Comment and rationale Proposed new text Record of Response. Initials #
ISO/IEC JTC 1/SC 22/WG 14 N1662 - Commenting Template To submit your comments, submit this spreadsheet using a filename with the following format: FML-yymmdd.xls where "FML" is your Commen Com Rule Subsectio
More informationCODE TIME TECHNOLOGIES. Abassi RTOS MISRA-C:2004. Compliance Report
CODE TIME TECHNOLOGIES Abassi RTOS MISRA-C:2004 Compliance Report Copyright Information This document is copyright Code Time Technologies Inc. 2012. All rights reserved. No part of this document may be
More informationIntroduction. Background. Document: WG 14/N1619. Text for comment WFW-1 of N1618
Document: WG 14/N1619 Text for comment WFW-1 of N1618 Introduction Background An essential element of secure coding in the C programming language is a set of well-documented and enforceable coding rules.
More informationStatic Analysis in C/C++ code with Polyspace
1 Static Analysis in C/C++ code with Polyspace Yongchool Ryu Application Engineer gary.ryu@mathworks.com 2016 The MathWorks, Inc. 2 Agenda Efficient way to find problems in Software Category of Static
More informationContents of Lecture 3
Contents of Lecture 3 Repetition of matrices double a[3][4]; double* b; double** c; Terminology Linkage Types Conversions Jonas Skeppstedt (js@cs.lth.se) Lecture 3 2014 1 / 33 A global matrix: double a[3][4]
More informationSOFTWARE QUALITY OBJECTIVES FOR SOURCE CODE
Software Quality Objectives Page 1/21 Version 2.0 SOFTWARE QUALITY OBJECTIVES FOR SOURCE CODE The MathWorks 2 rue de Paris 92196 Meudon France 01 41 14 87 00 http://www.mathworks.fr Revision table Index
More informationChapter 14 - Advanced C Topics
Chapter 14 - Advanced C Topics Outline 14.1 Introduction 14.2 Redirecting Input/Output on UNIX and DOS Systems 14.3 Variable-Length Argument Lists 14.4 Using Command-Line Arguments 14.5 Notes on Compiling
More informationProgramming languages - C
INTERNATIONAL STANDARD ISO/IEC 9899:1990 TECHNICAL CORRIGENDUM 1 Published 1994-09-15 Corrected and reprinted 1995-09-I 5 INTERNATIONAL ORGANIZATION FOR STANDARDIZATION*ME~~YHAPO~HAfl OPTAHM3ALWlfl I-IO
More informationMISRA-C:2012 Standards Model Summary for C / C++
Version 9.7.1 Copyright 2017 Ltd. MISRA-C:2012 s Model Summary for C / C++ The tool suite is developed and certified to BS EN ISO 9001:2000 and SGS-TÜV Saar. This information is applicable to version 9.7.1
More informationSystems Programming. 08. Standard I/O Library. Alexander Holupirek
Systems Programming 08. Standard I/O Library Alexander Holupirek Database and Information Systems Group Department of Computer & Information Science University of Konstanz Summer Term 2008 Last lecture:
More informationEXP54-CPP. Do not access an object outside of its lifetime
EXP54-CPP. Do not access an object outside of its lifetime Every object has a lifetime in which it can be used in a well-defined manner. The lifetime of an object begins when sufficient, properly aligned
More informationComputers Programming Course 6. Iulian Năstac
Computers Programming Course 6 Iulian Năstac Recap from previous course Data types four basic arithmetic type specifiers: char int float double void optional specifiers: signed, unsigned short long 2 Recap
More informationIAR Embedded Workbench MISRA C:2004. Reference Guide
IAR Embedded Workbench MISRA C:2004 Reference Guide COPYRIGHT NOTICE Copyright 2004 2008 IAR Systems. All rights reserved. No part of this document may be reproduced without the prior written consent of
More informationWP6. Apache Core & APR
WP6 DIGIT B1 - EP Pilot Project 645 Deliverable 1: Code Review Results Report Apache Core & APR Specific contract n 226 under Framework Contract n DI/07172 ABCIII September 2016 Author: Disclaimer The
More informationComputers Programming Course 5. Iulian Năstac
Computers Programming Course 5 Iulian Năstac Recap from previous course Classification of the programming languages High level (Ada, Pascal, Fortran, etc.) programming languages with strong abstraction
More informationAddressing Future Challenges in the Development of Safe and Secure Software Components The MathWorks, Inc. 1
Addressing Future Challenges in the Development of Safe and Secure Software Components 2016 The MathWorks, Inc. 1 Cybersecurity Emerging Topic in the Auto Industry Vehicle-to-Infrastructure Wifi Hotspot
More informationReserved Words and Identifiers
1 Programming in C Reserved Words and Identifiers Reserved word Word that has a specific meaning in C Ex: int, return Identifier Word used to name and refer to a data element or object manipulated by the
More informationCON34-C. Declare objects shared between threads with appropriate storage durations
CON34-C. Declare objects shared between threads with appropriate storage durations Accessing the automatic or thread-local variables of one thread from another thread is implementation-defined behavior
More informationCSE P 501 Compilers. Java Implementation JVMs, JITs &c Hal Perkins Winter /11/ Hal Perkins & UW CSE V-1
CSE P 501 Compilers Java Implementation JVMs, JITs &c Hal Perkins Winter 2008 3/11/2008 2002-08 Hal Perkins & UW CSE V-1 Agenda Java virtual machine architecture.class files Class loading Execution engines
More informationImportant From Last Time
Important From Last Time Embedded C Pros and cons Macros and how to avoid them Intrinsics Interrupt syntax Inline assembly Today Advanced C What C programs mean How to create C programs that mean nothing
More informationUnderstanding Undefined Behavior
Session Developer Tools #WWDC17 Understanding Undefined Behavior 407 Fred Riss, Clang Team Ryan Govostes, Security Engineering and Architecture Team Anna Zaks, Program Analysis Team 2017 Apple Inc. All
More informationPage 1. Today. Important From Last Time. Is the assembly code right? Is the assembly code right? Which compiler is right?
Important From Last Time Today Embedded C Pros and cons Macros and how to avoid them Intrinsics Interrupt syntax Inline assembly Advanced C What C programs mean How to create C programs that mean nothing
More informationCS313D: ADVANCED PROGRAMMING LANGUAGE
CS313D: ADVANCED PROGRAMMING LANGUAGE Computer Science department Lecture 2 : C# Language Basics Lecture Contents 2 The C# language First program Variables and constants Input/output Expressions and casting
More informationImportant From Last Time
Important From Last Time Embedded C Ø Pros and cons Macros and how to avoid them Intrinsics Interrupt syntax Inline assembly Today Advanced C What C programs mean How to create C programs that mean nothing
More informationCSC209: Software tools. Unix files and directories permissions utilities/commands Shell programming quoting wild cards files
CSC209 Review CSC209: Software tools Unix files and directories permissions utilities/commands Shell programming quoting wild cards files ... and systems programming C basic syntax functions arrays structs
More informationCSC209: Software tools. Unix files and directories permissions utilities/commands Shell programming quoting wild cards files. Compiler vs.
CSC209 Review CSC209: Software tools Unix files and directories permissions utilities/commands Shell programming quoting wild cards files... and systems programming C basic syntax functions arrays structs
More informationExpressions and Precedence. Last updated 12/10/18
Expressions and Precedence Last updated 12/10/18 Expression: Sequence of Operators and Operands that reduce to a single value Simple and Complex Expressions Subject to Precedence and Associativity Six
More informationXC Specification. 1 Lexical Conventions. 1.1 Tokens. The specification given in this document describes version 1.0 of XC.
XC Specification IN THIS DOCUMENT Lexical Conventions Syntax Notation Meaning of Identifiers Objects and Lvalues Conversions Expressions Declarations Statements External Declarations Scope and Linkage
More informationIntroduction to N1031. Components of N1031. Guiding Principles. Walk through, issues, and rationale
Introduction to N1031 Walk through, issues, and rationale Components of N1031 New functions that protect against buffer overflow and always produce null terminated strings New reentrant versions of old
More informationAbout Codefrux While the current trends around the world are based on the internet, mobile and its applications, we try to make the most out of it. As for us, we are a well established IT professionals
More informationInstructor-led Training Course Catalog
Instructor-led Training Course Catalog January 2018 800.873.8193 sig-info@synopsys.com synopsys.com/software GENERAL DISCLAIMER This document presents details about the training offerings from Synopsys
More informationCprE 288 Introduction to Embedded Systems Exam 1 Review. 1
CprE 288 Introduction to Embedded Systems Exam 1 Review http://class.ece.iastate.edu/cpre288 1 Overview of Today s Lecture Announcements Exam 1 Review http://class.ece.iastate.edu/cpre288 2 Announcements
More informationFixed-Point Math and Other Optimizations
Fixed-Point Math and Other Optimizations Embedded Systems 8-1 Fixed Point Math Why and How Floating point is too slow and integers truncate the data Floating point subroutines: slower than native, overhead
More informationCS201- Introduction to Programming Current Quizzes
CS201- Introduction to Programming Current Quizzes Q.1 char name [] = Hello World ; In the above statement, a memory of characters will be allocated 13 11 12 (Ans) Q.2 A function is a block of statements
More informationAxivion Bauhaus Suite Technical Factsheet AUTOSAR
Version 6.9.1 upwards Axivion Bauhaus Suite Technical Factsheet AUTOSAR Version 6.9.1 upwards Contents 1. C++... 2 1. Autosar C++14 Guidelines (AUTOSAR 17.03)... 2 2. Autosar C++14 Guidelines (AUTOSAR
More informationCSC209 Review. Yeah! We made it!
CSC209 Review Yeah! We made it! 1 CSC209: Software tools Unix files and directories permissions utilities/commands Shell programming quoting wild cards files 2 ... and C programming... C basic syntax functions
More informationUnix System Programming - Chapter 2, part a
Unix System Programming - Chapter 2, part a Neal Nelson The Evergreen State College Mar 23, 2010 USP Chapter 2.1 to 2.6 Processes and Threads Program Storage and Linkage Library Function Calls Error Handling
More informationCSCI 2212: Intermediate Programming / C Review, Chapters 10 and 11
... 1/16 CSCI 2212: Intermediate Programming / C Review, Chapters 10 and 11 Alice E. Fischer February 3, 2016 ... 2/16 Outline Basic Types and Diagrams ... 3/16 Basic Types and Diagrams Types in C C has
More informationMISRA C:2012 Technical Corrigendum 1
MISRA C:2012 Technical Corrigendum 1 Technical clarification of MISRA C:2012 June 2017 First published June 2017 by HORIBA MIRA Limited Watling Street Nuneaton Warwickshire CV10 0TU UK www.misra.org.uk
More informationC and C++ Secure Coding 4-day course. Syllabus
C and C++ Secure Coding 4-day course Syllabus C and C++ Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted toward our systems. This course
More informationThe New C Standard (Excerpted material)
The New C Standard (Excerpted material) An Economic and Cultural Derek M. Jones derek@knosof.co.uk Copyright 2002-2008 Derek M. Jones. All rights reserved. 1103 6.5.3.3 Unary arithmetic operators 6.5.3.3
More informationInformation technology Programming languages, their environments and system software interfaces C secure coding rules
TECHNICAL SPECIFICATION ISO/IEC TS 17961 First edition 2013-11-15 Information technology Programming languages, their environments and system software interfaces C secure coding rules Technologies de l
More informationIntroduction to Information Security. Security Threat & Secure Coding Sang Kil Cha
Introduction to Information Security Security Threat & Secure Coding Sang Kil Cha 1 Security Threats 2 Security Threats Image from https://www.owasp.org/images/8/86/2010-t10-architecturediagram.png 3 Threat
More informationChapter 1 INTRODUCTION SYS-ED/ COMPUTER EDUCATION TECHNIQUES, INC.
hapter 1 INTRODUTION SYS-ED/ OMPUTER EDUATION TEHNIQUES, IN. Objectives You will learn: Java features. Java and its associated components. Features of a Java application and applet. Java data types. Java
More informationImportant From Last Time
Important From Last Time Volatile is tricky To write correct embedded C and C++, you have to understand what volatile does and does not do Ø What is the guarantee that it provides? Don t make the 8 mistakes
More informationP.G.TRB - COMPUTER SCIENCE. c) data processing language d) none of the above
P.G.TRB - COMPUTER SCIENCE Total Marks : 50 Time : 30 Minutes 1. C was primarily developed as a a)systems programming language b) general purpose language c) data processing language d) none of the above
More informationCPSC 3740 Programming Languages University of Lethbridge. Data Types
Data Types A data type defines a collection of data values and a set of predefined operations on those values Some languages allow user to define additional types Useful for error detection through type
More informationFunction Call Stack and Activation Records
71 Function Call Stack and Activation Records To understand how C performs function calls, we first need to consider a data structure (i.e., collection of related data items) known as a stack. Students
More informationQUIZ. What is wrong with this code that uses default arguments?
QUIZ What is wrong with this code that uses default arguments? Solution The value of the default argument should be placed in either declaration or definition, not both! QUIZ What is wrong with this code
More informationC Language Part 1 Digital Computer Concept and Practice Copyright 2012 by Jaejin Lee
C Language Part 1 (Minor modifications by the instructor) References C for Python Programmers, by Carl Burch, 2011. http://www.toves.org/books/cpy/ The C Programming Language. 2nd ed., Kernighan, Brian,
More informationPage 1. Stuff. Last Time. Today. Safety-Critical Systems MISRA-C. Terminology. Interrupts Inline assembly Intrinsics
Stuff Last Time Homework due next week Lab due two weeks from today Questions? Interrupts Inline assembly Intrinsics Today Safety-Critical Systems MISRA-C Subset of C language for critical systems System
More informationAmsterdam Compiler Kit-ANSI C compiler compliance statements
Amsterdam Compiler Kit-ANSI C compiler compliance statements Hans van Eck Dept. of Mathematics and Computer Science Vrije Universiteit Amsterdam, The Netherlands This document specifies the implementation-defined
More informationC Legacy Code Topics. Objectives. In this appendix you ll:
cppfp2_appf_legacycode.fm Page 1 Monday, March 25, 2013 3:44 PM F C Legacy Code Topics Objectives In this appendix you ll: Redirect keyboard input to come from a file and redirect screen output to a file.
More informationSecure software guidelines for ARMv8-M. for ARMv8-M. Version 0.1. Version 2.0. Copyright 2017 ARM Limited or its affiliates. All rights reserved.
Connect Secure software User Guide guidelines for ARMv8-M Version 0.1 Version 2.0 Page 1 of 19 Revision Information The following revisions have been made to this User Guide. Date Issue Confidentiality
More informationModel Viva Questions for Programming in C lab
Model Viva Questions for Programming in C lab Title of the Practical: Assignment to prepare general algorithms and flow chart. Q1: What is a flowchart? A1: A flowchart is a diagram that shows a continuous
More informationThis lists all known errors in The C Programming Language, Second Edition, by Brian Kernighan and Dennis Ritchie (Prentice-Hall, 1988).
Errata for The C Programming Language, Second Edition This lists all known errors in The C Programming Language, Second Edition, by Brian Kernighan and Dennis Ritchie (Prentice-Hall, 1988). The pagination
More informationPage 1. Today. Last Time. Is the assembly code right? Is the assembly code right? Which compiler is right? Compiler requirements CPP Volatile
Last Time Today Compiler requirements CPP Volatile Advanced C What C programs mean int my_loop (int base) { int index, count = 0; for (index = base; index < (base+10); index++) count++; urn count; my_loop:
More informationUNIT- 3 Introduction to C++
UNIT- 3 Introduction to C++ C++ Character Sets: Letters A-Z, a-z Digits 0-9 Special Symbols Space + - * / ^ \ ( ) [ ] =!= . $, ; : %! &? _ # = @ White Spaces Blank spaces, horizontal tab, carriage
More informationadvanced data types (2) typedef. today advanced data types (3) enum. mon 23 sep 2002 defining your own types using typedef
today advanced data types (1) typedef. mon 23 sep 2002 homework #1 due today homework #2 out today quiz #1 next class 30-45 minutes long one page of notes topics: C advanced data types dynamic memory allocation
More informationReview of the C Programming Language for Principles of Operating Systems
Review of the C Programming Language for Principles of Operating Systems Prof. James L. Frankel Harvard University Version of 7:26 PM 4-Sep-2018 Copyright 2018, 2016, 2015 James L. Frankel. All rights
More informationCERT C++ COMPLIANCE ENFORCEMENT
CERT C++ COMPLIANCE ENFORCEMENT AUTOMATED SOURCE CODE ANALYSIS TO MAINTAIN COMPLIANCE SIMPLIFY AND STREAMLINE CERT C++ COMPLIANCE The CERT C++ compliance module reports on dataflow problems, software defects,
More informationby Pearson Education, Inc. All Rights Reserved.
Let s improve the bubble sort program of Fig. 6.15 to use two functions bubblesort and swap. Function bubblesort sorts the array. It calls function swap (line 51) to exchange the array elements array[j]
More informationGuidelines for Writing C Code
Guidelines for Writing C Code Issue 01-bugfix Martin Becker Institute for Real-Time Computer Systems (RCS) Technische Universität München becker@rcs.ei.tum.de June 9, 2014 Contents 1 Introduction 1 2 Pragmatic
More informationPointers. 1 Background. 1.1 Variables and Memory. 1.2 Motivating Pointers Massachusetts Institute of Technology
Introduction to C++ Massachusetts Institute of Technology ocw.mit.edu 6.096 Pointers 1 Background 1.1 Variables and Memory When you declare a variable, the computer associates the variable name with a
More informationReview of the C Programming Language
Review of the C Programming Language Prof. James L. Frankel Harvard University Version of 11:55 AM 22-Apr-2018 Copyright 2018, 2016, 2015 James L. Frankel. All rights reserved. Reference Manual for the
More informationA flow chart is a graphical or symbolic representation of a process.
Q1. Define Algorithm with example? Answer:- A sequential solution of any program that written in human language, called algorithm. Algorithm is first step of the solution process, after the analysis of
More informationWhy Pointers. Pointers. Pointer Declaration. Two Pointer Operators. What Are Pointers? Memory address POINTERVariable Contents ...
Why Pointers Pointers They provide the means by which functions can modify arguments in the calling function. They support dynamic memory allocation. They provide support for dynamic data structures, such
More informationContents. Preface. Introduction. Introduction to C Programming
c11fptoc.fm Page vii Saturday, March 23, 2013 4:15 PM Preface xv 1 Introduction 1 1.1 1.2 1.3 1.4 1.5 Introduction The C Programming Language C Standard Library C++ and Other C-Based Languages Typical
More informationJava Basic Programming Constructs
Java Basic Programming Constructs /* * This is your first java program. */ class HelloWorld{ public static void main(string[] args){ System.out.println( Hello World! ); A Closer Look at HelloWorld 2 This
More informationEL6483: Brief Overview of C Programming Language
EL6483: Brief Overview of C Programming Language EL6483 Spring 2016 EL6483 EL6483: Brief Overview of C Programming Language Spring 2016 1 / 30 Preprocessor macros, Syntax for comments Macro definitions
More informationC-LANGUAGE CURRICULAM
C-LANGUAGE CURRICULAM Duration: 2 Months. 1. Introducing C 1.1 History of C Origin Standardization C-Based Languages 1.2 Strengths and Weaknesses Of C Strengths Weaknesses Effective Use of C 2. C Fundamentals
More informationSpecial Topics for Embedded Programming
1 Special Topics for Embedded Programming ETH Zurich Fall 2018 Reference: The C Programming Language by Kernighan & Ritchie 1 2 Overview of Topics Microprocessor architecture Peripherals Registers Memory
More informationCS 31: Intro to Systems Pointers and Memory. Kevin Webb Swarthmore College October 2, 2018
CS 31: Intro to Systems Pointers and Memory Kevin Webb Swarthmore College October 2, 2018 Overview How to reference the location of a variable in memory Where variables are placed in memory How to make
More informationCS527 Software Security
Security Policies Purdue University, Spring 2018 Security Policies A policy is a deliberate system of principles to guide decisions and achieve rational outcomes. A policy is a statement of intent, and
More informationMISRA-C. Subset of the C language for critical systems
MISRA-C Subset of the C language for critical systems SAFETY-CRITICAL SYSTEMS System is safety-critical if people might die due to software bugs Examples Automobile stability / traction control Medical
More informationNAN propagation versus fault trapping in floating point code
NAN propagation versus fault trapping in floating point code By Agner Fog. Technical University of Denmark. Copyright 2018. Last updated 2018-05-24. Contents 1 Introduction... 1 2 Fault trapping... 1 3
More informationData Types, Variables and Arrays. OOC 4 th Sem, B Div Prof. Mouna M. Naravani
Data Types, Variables and Arrays OOC 4 th Sem, B Div 2016-17 Prof. Mouna M. Naravani Identifiers in Java Identifiers are the names of variables, methods, classes, packages and interfaces. Identifiers must
More informationJava Primer 1: Types, Classes and Operators
Java Primer 1 3/18/14 Presentation for use with the textbook Data Structures and Algorithms in Java, 6th edition, by M. T. Goodrich, R. Tamassia, and M. H. Goldwasser, Wiley, 2014 Java Primer 1: Types,
More informationA Short Summary of Javali
A Short Summary of Javali October 15, 2015 1 Introduction Javali is a simple language based on ideas found in languages like C++ or Java. Its purpose is to serve as the source language for a simple compiler
More informationME 461 C review Session Fall 2009 S. Keres
ME 461 C review Session Fall 2009 S. Keres DISCLAIMER: These notes are in no way intended to be a complete reference for the C programming material you will need for the class. They are intended to help
More informationCS 5523 Operating Systems: Midterm II - reivew Instructor: Dr. Tongping Liu Department Computer Science The University of Texas at San Antonio
CS 5523 Operating Systems: Midterm II - reivew Instructor: Dr. Tongping Liu Department Computer Science The University of Texas at San Antonio Fall 2017 1 Outline Inter-Process Communication (20) Threads
More informationReview Chapters 1 to 4. Instructor: Scott Kristjanson CMPT 125/125 SFU Burnaby, Fall 2013
Review Chapters 1 to 4 Instructor: Scott Kristjanson CMPT 125/125 SFU Burnaby, Fall 2013 Introduction to Java Chapters 1 and 2 The Java Language Section 1.1 Data & Expressions Sections 2.1 2.5 Instructor:
More informationChapter 1 GETTING STARTED. SYS-ED/ Computer Education Techniques, Inc.
Chapter 1 GETTING STARTED SYS-ED/ Computer Education Techniques, Inc. Objectives You will learn: Java platform. Applets and applications. Java programming language: facilities and foundation. Memory management
More informationBetter variadic functions in C
Better variadic functions in C Ben Klemens XXX I really dislike how C s variadic functions are implemented. I think they create lots of problems and don t fulfil their potential. So this is my effort to
More informationRM0327 Reference manual
Reference manual Multi-Target Trace API version 1.0 Overview Multi-Target Trace (MTT) is an application instrumentation library that provides a consistent way to embed instrumentation into a software application,
More informationC Programming Language (Chapter 2 of K&R) Variables and Constants
C Programming Language (Chapter 2 of K&R) Types, Operators and Expressions Variables and Constants Basic objects manipulated by programs Declare before use: type var1, var2, int x, y, _X, x11, buffer;
More informationOperators and Expressions
Operators and Expressions Conversions. Widening and Narrowing Primitive Conversions Widening and Narrowing Reference Conversions Conversions up the type hierarchy are called widening reference conversions
More information