Synopsys Static Analysis Support for SEI CERT C Coding Standard

Fully ensure the safety, reliability, and security of software written in C

The SEI CERT C Coding Standard is a list of rules for writing secure code in the C programming language. It is an important milestone in introducing best practices for ensuring the safety, reliability, security, and integrity of software written in C. Notably, the standard is designed to be enforceable by software code analyzers using static analysis techniques. This greatly reduces the cost of compliance by way of automation.

Adhering to coding standards is a crucial step in establishing best coding practices. This is particularly important in safety-critical, high-impact industries, such as automotive, medical, and networking. Software defects in products coming from these industries manifest themselves physically and tangibly, often with life-threatening consequences.

Synopsys provides a comprehensive solution for the SEI CERT C Coding Standard. Synopsys Static Analysis (Coverity) implements the Rules category within the CERT C standard, as well as methods for managing violations and reporting on them.

SEI CERT C Coding Standard (201 Edition)

The SEI CERT C Coding Standard was developed specifically for the following versions of the C language:

ISO/IEC 9899:2011: Information Technology - Programming Languages - C, rd ed.
ISO/IEC 9899:2011/Cor 1:2012: Information Technology - Programming Languages - C, Technical Corrigendum 1

These versions are commonly referred to as the C11 standard. The CERT C rules may also be applied to earlier versions of the C language, such as C99.

The 201 edition of the CERT C standard contains 99 coding rules and reflects the C rules available on the CERT Secure Coding wiki as of March 0, 201.

The CERT Secure Coding wiki is found here: https://www.securecoding.cert.org/confluence/display/c/SEI+CERT+C+Coding+Standard

The SEI CERT C Coding Standard (201 Edition) may be obtained here: https://www.cert.org/secure-coding/products-services/secure-coding-download.cfm

The CERT C wiki also documents 18 recommendations and two platform-specific annexes (POSIX and Windows). The recommendations and annexes are not part of the core secure coding standard.

Rules coverage

Section   Rules   Supported   % coverage
All       99      99
DCL       8       8
EXP       14      14
INT
FLP
ARR
STR
MEM
FIO       1       1
ENV
SIG       4       4
ERR
CON       12      12
MSC
PRE

Supported rules

Rule      Description
ARR0-C    Do not form or use out-of-bounds pointers or array subscripts
ARR2-C    Ensure size arguments for variable length arrays are in a valid range
ARR-C     Do not subtract or compare two pointers that do not refer to the same array
ARR-C     Do not add or subtract an integer to a pointer to a non-array object
ARR8-C    Guarantee that library functions do not form invalid pointers
ARR9-C    Do not add or subtract a scaled integer to a pointer
CON0-C    Clean up thread-specific storage
CON1-C    Do not destroy a mutex while it is locked
CON2-C    Prevent data races when accessing bit-fields from multiple threads
CON-C     Avoid race conditions when using library functions
CON4-C    Declare objects shared between threads with appropriate storage durations
CON-C     Avoid deadlock by locking in a predefined order
CON-C     Wrap functions that can spuriously wake up in a loop

CON-C     Do not call signal() in a multithreaded program
CON8-C    Preserve thread safety and liveness when using condition variables
CON9-C    Do not join or detach a thread that was previously joined or detached
CON40-C   Do not refer to an atomic variable twice in an expression
CON41-C   Wrap functions that can fail spuriously in a loop
DCL0-C    Declare objects with appropriate storage durations
DCL1-C    Declare identifiers before using them
DCL-C     Do not declare an identifier with conflicting linkage classifications
DCL-C     Do not declare or define a reserved identifier
DCL8-C    Use the correct syntax when declaring a flexible array member
DCL9-C    Avoid information leakage when passing a structure across a trust boundary
DCL40-C   Do not create incompatible declarations of the same function or object
DCL41-C   Do not declare variables inside a switch statement before the first case label
ENV0-C    Do not modify the object referenced by the return value of certain functions
ENV1-C    Do not rely on an environment pointer following an operation that may invalidate it
ENV2-C    All exit handlers must return normally
ENV-C     Do not call system()
ENV4-C    Do not store pointers returned by certain functions
ERR0-C    Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure
ERR2-C    Do not rely on indeterminate values of errno
ERR-C     Detect and handle standard library errors
EXP0-C    Do not depend on the order of evaluation for side effects
EXP2-C    Do not access a volatile object through a nonvolatile reference
EXP-C     Do not read uninitialized memory
EXP4-C    Do not dereference null pointers
EXP-C     Do not modify objects with temporary lifetime
EXP-C     Do not cast pointers into more strictly aligned pointer types
EXP-C     Call functions with the correct number and type of arguments
EXP9-C    Do not access a variable through a pointer of an incompatible type
EXP40-C   Do not modify constant objects
EXP42-C   Do not compare padding data
EXP4-C    Avoid undefined behavior when using restrict-qualified pointers
EXP44-C   Do not rely on side effects in operands to sizeof, _Alignof, or _Generic
EXP4-C    Do not perform assignments in selection statements

EXP4-C    Do not use a bitwise operator with a Boolean-like operand
FIO0-C    Exclude user input from format strings
FIO2-C    Do not perform operations on devices that are only appropriate for files
FIO4-C    Distinguish between characters read from a file and EOF or WEOF
FIO-C     Do not assume that fgets() or fgetws() returns a nonempty string when successful
FIO8-C    Do not copy a FILE object
FIO9-C    Do not alternately input and output from a stream without an intervening flush or positioning call
FIO40-C   Reset strings on fgets() or fgetws() failure
FIO41-C   Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects
FIO42-C   Close files when they are no longer needed
FIO44-C   Only use values for fsetpos() that are returned from fgetpos()
FIO4-C    Avoid TOCTOU race conditions while accessing files
FIO4-C    Do not access a closed file
FIO4-C    Use valid format strings
FLP0-C    Do not use floating-point variables as loop counters
FLP2-C    Prevent or detect domain and range errors in math functions
FLP4-C    Ensure that floating-point conversions are within range of the new type
FLP-C     Preserve precision when converting integral values to floating-point type
FLP-C     Do not use object representations to compare floating-point values
INT0-C    Ensure that unsigned integer operations do not wrap
INT1-C    Ensure that integer conversions do not result in lost or misinterpreted data
INT2-C    Ensure that operations on signed integers do not result in overflow
INT-C     Ensure that division and remainder operations do not result in divide-by-zero errors
INT4-C    Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
INT-C     Use correct integer precisions
INT-C     Converting a pointer to integer or integer to pointer
MEM0-C    Do not access freed memory
MEM1-C    Free dynamically allocated memory when no longer needed
MEM-C     Allocate and copy structures containing a flexible array member dynamically
MEM4-C    Only free memory allocated dynamically
MEM-C     Allocate sufficient memory for an object
MEM-C     Do not modify the alignment of objects by calling realloc()
MSC0-C    Do not use the rand() function for generating pseudorandom numbers
MSC2-C    Properly seed pseudorandom number generators

MSC-C     Do not pass invalid data to the asctime() function
MSC-C     Ensure that control never reaches the end of a non-void function
MSC8-C    Do not treat a predefined identifier as an object if it might only be implemented as a macro
MSC9-C    Do not call va_arg() on a va_list that has an indeterminate value
MSC40-C   Do not violate constraints
PRE0-C    Do not create a universal character name through concatenation
PRE1-C    Avoid side effects in arguments to unsafe macros
PRE2-C    Do not use preprocessor directives in invocations of function-like macros
SIG0-C    Call only asynchronous-safe functions within signal handlers
SIG1-C    Do not access shared objects in signal handlers
SIG4-C    Do not call signal() from within interruptible signal handlers
SIG-C     Do not return from a computational exception signal handler
STR0-C    Do not attempt to modify string literals
STR1-C    Guarantee that storage for strings has sufficient space for character data and the null terminator
STR2-C    Do not pass a non-null-terminated character sequence to a library function that expects a string
STR4-C    Cast characters to unsigned char before converting to larger integer sizes
STR-C     Arguments to character-handling functions must be representable as an unsigned char
STR8-C    Do not confuse narrow and wide character strings and functions

The Synopsys difference

Synopsys offers the most comprehensive solution for building integrity (security and quality) into your SDLC and supply chain. We've united leading testing technologies, automated analysis, and experts to create a robust portfolio of products and services. This portfolio enables companies to develop customized programs for detecting and remediating defects and vulnerabilities early in the development process, minimizing risk and maximizing productivity. Synopsys, a recognized leader in application security testing, is uniquely positioned to adapt and apply best practices to new technologies and trends such as IoT, DevOps, CI/CD, and the Cloud.

We don't stop when the test is over. We offer onboarding and deployment assistance, targeted remediation guidance, and a variety of training solutions that empower you to optimize your investment. Whether you're just starting your journey or well on your way, our platform will help ensure the integrity of the applications that power your business.

For more information go to www.synopsys.com/software.

Synopsys, Inc.
18 Berry Street, Suite 00
San Francisco, CA 9410 USA
U.S. Sales: 800.8.819
International Sales: +1 41.21.2
Email: sig-info@synopsys.com

2018 Synopsys, Inc. All rights reserved. Synopsys is a trademark of Synopsys, Inc. in the United States and other countries. A list of Synopsys trademarks is available at http://www.synopsys.com/copyright.html. All other names mentioned herein are trademarks or registered trademarks of their respective owners. 01/10/18.DS_CERT_011018.