Secure Coding Standard » History » Version 6
Andreas Steffen, 27.05.2013 20:43
Added some DCL rules
| 1 | 1 | Andreas Steffen | h1. Secure Coding Standard |
|---|---|---|---|
| 2 | 1 | Andreas Steffen | |
| 3 | 5 | Andreas Steffen | The strongSwan project adheres to the following recommendations and rules recommended by the "CERT C Secure Coding Standard":https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Secure+Coding+Standard: |
| 4 | 1 | Andreas Steffen | |
| 5 | 1 | Andreas Steffen | h2. Preprocessor (PRE) |
| 6 | 1 | Andreas Steffen | |
| 7 | 2 | Andreas Steffen | h3. Full Adherence |
| 8 | 2 | Andreas Steffen | |
| 9 | 2 | Andreas Steffen | * "PRE03-C. Prefer typedefs to defines for encoding types":https://www.securecoding.cert.org/confluence/display/seccode/PRE03-C.+Prefer+typedefs+to+defines+for+encoding+types |
| 10 | 2 | Andreas Steffen | |
| 11 | 2 | Andreas Steffen | * "PRE04-C. Do not reuse a standard header file name":https://www.securecoding.cert.org/confluence/display/seccode/PRE04-C.+Do+not+reuse+a+standard+header+file+name |
| 12 | 2 | Andreas Steffen | |
| 13 | 3 | Andreas Steffen | * "PRE06-C. Enclose header files in an inclusion guard":https://www.securecoding.cert.org/confluence/display/seccode/PRE06-C.+Enclose+header+files+in+an+inclusion+guard |
| 14 | 3 | Andreas Steffen | |
| 15 | 4 | Andreas Steffen | * "PRE09-C. Do not replace secure functions with deprecated or obsolescent functions":https://www.securecoding.cert.org/confluence/display/seccode/PRE09-C.+Do+not+replace+secure+functions+with+deprecated+or+obsolescent+functions |
| 16 | 4 | Andreas Steffen | |
| 17 | 2 | Andreas Steffen | h3. Partial Adherence |
| 18 | 2 | Andreas Steffen | |
| 19 | 2 | Andreas Steffen | * "PRE00-C. Prefer inline or static functions to function-like macros ":https://www.securecoding.cert.org/confluence/display/seccode/PRE00-C.+Prefer+inline+or+static+functions+to+function-like+macros |
| 20 | 2 | Andreas Steffen | |
| 21 | 2 | Andreas Steffen | * "PRE01-C. Use parentheses within macros around parameter names":https://www.securecoding.cert.org/confluence/display/seccode/PRE01-C.+Use+parentheses+within+macros+around+parameter+names |
| 22 | 2 | Andreas Steffen | |
| 23 | 2 | Andreas Steffen | * "PRE02-C. Macro replacement lists should be parenthesized":https://www.securecoding.cert.org/confluence/display/seccode/PRE02-C.+Macro+replacement+lists+should+be+parenthesized |
| 24 | 3 | Andreas Steffen | |
| 25 | 3 | Andreas Steffen | h3. Check Adherence |
| 26 | 3 | Andreas Steffen | |
| 27 | 3 | Andreas Steffen | * "PRE05-C. Understand macro replacement when concatenating tokens or performing stringification":https://www.securecoding.cert.org/confluence/display/seccode/PRE05-C.+Understand+macro+replacement+when+concatenating+tokens+or+performing+stringification |
| 28 | 3 | Andreas Steffen | |
| 29 | 1 | Andreas Steffen | * "PRE07-C. Avoid using repeated question marks":https://www.securecoding.cert.org/confluence/display/seccode/PRE07-C.+Avoid+using+repeated+question+marks |
| 30 | 4 | Andreas Steffen | |
| 31 | 4 | Andreas Steffen | * "PRE10-C. Wrap multistatement macros in a do-while loop":https://www.securecoding.cert.org/confluence/display/seccode/PRE10-C.+Wrap+multistatement+macros+in+a+do-while+loop |
| 32 | 4 | Andreas Steffen | |
| 33 | 4 | Andreas Steffen | * "PRE11-C. Do not conclude macro definitions with a semicolon ":https://www.securecoding.cert.org/confluence/display/seccode/PRE11-C.+Do+not+conclude+macro+definitions+with+a+semicolon |
| 34 | 4 | Andreas Steffen | |
| 35 | 4 | Andreas Steffen | * "PRE12-C. Do not define unsafe macros":https://www.securecoding.cert.org/confluence/display/seccode/PRE12-C.+Do+not+define+unsafe+macros |
| 36 | 4 | Andreas Steffen | |
| 37 | 4 | Andreas Steffen | * "PRE30-C. Do not create a universal character name through concatenation":https://www.securecoding.cert.org/confluence/display/seccode/PRE30-C.+Do+not+create+a+universal+character+name+through+concatenation |
| 38 | 4 | Andreas Steffen | |
| 39 | 4 | Andreas Steffen | * "PRE31-C. Avoid side-effects in arguments to unsafe macros":https://www.securecoding.cert.org/confluence/display/seccode/PRE31-C.+Avoid+side-effects+in+arguments+to+unsafe+macros |
| 40 | 4 | Andreas Steffen | |
| 41 | 4 | Andreas Steffen | * "PRE32-C. Do not use preprocessor directives inside macro arguments":https://www.securecoding.cert.org/confluence/display/seccode/PRE32-C.+Do+not+use+preprocessor+directives+inside+macro+arguments |
| 42 | 3 | Andreas Steffen | |
| 43 | 3 | Andreas Steffen | h3. No Adherence |
| 44 | 3 | Andreas Steffen | |
| 45 | 3 | Andreas Steffen | * "PRE08-C. Guarantee that header file names are unique":https://www.securecoding.cert.org/confluence/display/seccode/PRE08-C.+Guarantee+that+header+file+names+are+unique |
| 46 | 2 | Andreas Steffen | |
| 47 | 1 | Andreas Steffen | h2. Declarations and Initialization (DCL) |
| 48 | 1 | Andreas Steffen | |
| 49 | 6 | Andreas Steffen | h3. Full Adherence |
| 50 | 6 | Andreas Steffen | |
| 51 | 6 | Andreas Steffen | * "DCL01-C. Do not reuse variable names in subscopes":https://www.securecoding.cert.org/confluence/display/seccode/DCL01-C.+Do+not+reuse+variable+names+in+subscopes |
| 52 | 6 | Andreas Steffen | |
| 53 | 6 | Andreas Steffen | * "DCL02-C. Use visually distinct identifiers":https://www.securecoding.cert.org/confluence/display/seccode/DCL02-C.+Use+visually+distinct+identifiers |
| 54 | 6 | Andreas Steffen | |
| 55 | 6 | Andreas Steffen | h3. No Adherence |
| 56 | 6 | Andreas Steffen | |
| 57 | 6 | Andreas Steffen | * "DCL00-C. Const-qualify immutable objects":https://www.securecoding.cert.org/confluence/display/seccode/DCL00-C.+Const-qualify+immutable+objects |
| 58 | 6 | Andreas Steffen | |
| 59 | 6 | Andreas Steffen | * "DCL03-C. Use a static assertion to test the value of a constant expression":https://www.securecoding.cert.org/confluence/display/seccode/DCL03-C.+Use+a+static+assertion+to+test+the+value+of+a+constant+expression |
| 60 | 6 | Andreas Steffen | |
| 61 | 1 | Andreas Steffen | h2. Expressions (EXP) |
| 62 | 1 | Andreas Steffen | |
| 63 | 1 | Andreas Steffen | h2. Integers (INT) |
| 64 | 1 | Andreas Steffen | |
| 65 | 1 | Andreas Steffen | h2. Floating Point (FLP) |
| 66 | 1 | Andreas Steffen | |
| 67 | 1 | Andreas Steffen | h2. Arrays (ARR) |
| 68 | 1 | Andreas Steffen | |
| 69 | 1 | Andreas Steffen | h2. Characters and Strings (STR) |
| 70 | 1 | Andreas Steffen | |
| 71 | 1 | Andreas Steffen | h2. Memory Management (MEM) |
| 72 | 1 | Andreas Steffen | |
| 73 | 1 | Andreas Steffen | h2. Input Output (FIO) |
| 74 | 1 | Andreas Steffen | |
| 75 | 1 | Andreas Steffen | h2. Environment (ENV) |
| 76 | 1 | Andreas Steffen | |
| 77 | 1 | Andreas Steffen | h2. Signals (SIG) |
| 78 | 1 | Andreas Steffen | |
| 79 | 1 | Andreas Steffen | h2. Error Handling (ERR) |
| 80 | 1 | Andreas Steffen | |
| 81 | 1 | Andreas Steffen | h2. Application Programming Interfaces (API) |
| 82 | 1 | Andreas Steffen | |
| 83 | 1 | Andreas Steffen | h2. Concurrency (CON) |
| 84 | 1 | Andreas Steffen | |
| 85 | 1 | Andreas Steffen | h2. Miscellaneous (MSC) |
| 86 | 1 | Andreas Steffen | |
| 87 | 1 | Andreas Steffen | h2. POSIX (POS) |