Reglas CERT C++
Lista y descripción de las reglas sobre el estándar CERT C++ compatibles con Polyspace®
CERT C++ es un conjunto de directrices de codificación destinadas a personal de desarrollo de software. Se centra en la codificación segura en el lenguaje C++. Estas directrices ayudan a eliminar construcciones con comportamiento indefinido, que pueden provocar resultados inesperados en tiempo de ejecución y exponer debilidades de seguridad. Para comprobar la cobertura de las reglas CERT C++ por parte de Polyspace, consulte Polyspace Support for Coding Standards. Polyspace Puede comprobar el código conforme al estándar CERT C++. Utilice la opción de análisis Comprobar SEI CERT-C++ (-cert-cpp) para activar subconjuntos de reglas.
Resultados de Polyspace
CERT C++: DCL30-C | Declare objects with appropriate storage durations |
CERT C++: DCL39-C | Avoid information leakage in structure padding |
CERT C++: DCL40-C | Do not create incompatible declarations of the same function or object |
CERT C++: DCL50-CPP | Do not define a C-style variadic function |
CERT C++: DCL51-CPP | Do not declare or define a reserved identifier |
CERT C++: DCL52-CPP | Never qualify a reference type with const or volatile |
CERT C++: DCL53-CPP | Do not write syntactically ambiguous declarations |
CERT C++: DCL54-CPP | Overload allocation and deallocation functions as a pair in the same scope |
CERT C++:
DCL55-CPP | Avoid information leakage when passing a class object across a trust boundary (Desde R2022b) |
CERT C++:
DCL56-CPP | Avoid cycles during initialization of static objects (Desde R2022b) |
CERT C++: DCL57-CPP | Do not let exceptions escape from destructors or deallocation functions |
CERT C++:
DCL58-CPP | Do not modify the standard namespaces |
CERT C++:
DCL59-CPP | Do not define an unnamed namespace in a header file |
CERT C++: DCL60-CPP | Obey the one-definition rule |
CERT C++: EXP34-C | Do not dereference null pointers |
CERT C++: EXP35-C | Do not modify objects with temporary lifetime |
CERT C++: EXP36-C | Do not cast pointers into more strictly aligned pointer types |
CERT C++: EXP37-C | Call functions with the correct number and type of arguments |
CERT C++: EXP39-C | Do not access a variable through a pointer of an incompatible type |
CERT C++: EXP42-C | Do not compare padding data |
CERT C++: EXP45-C | Do not perform assignments in selection statements |
CERT C++: EXP46-C | Do not use a bitwise operator with a Boolean-like operand |
CERT C++: EXP47-C | Do not call va_arg with an argument of the incorrect type |
CERT C++: EXP50-CPP | Do not depend on the order of evaluation for side effects |
CERT C++:
EXP51-CPP | Do not delete an array through a pointer of the incorrect type (Desde R2022b) |
CERT C++: EXP52-CPP | Do not rely on side effects in unevaluated operands |
CERT C++: EXP53-CPP | Do not read uninitialized memory |
CERT C++: EXP54-CPP | Do not access an object outside of its lifetime |
CERT C++: EXP55-CPP | Do not access a cv-qualified object through a cv-unqualified type |
CERT C++:
EXP56-CPP | Do not call a function with a mismatched language linkage (Desde R2023b) |
CERT C++: EXP57-CPP | Do not cast or delete pointers to incomplete classes |
CERT C++: EXP58-CPP | Pass an object of the correct type to va_start |
CERT C++: EXP59-CPP | Use offsetof() on valid types and members |
CERT C++:
EXP60-CPP | Do not pass a nonstandard-layout type object across execution boundaries (Desde R2023b) |
CERT C++:
EXP61-CPP | A lambda object must not outlive any of its reference captured objects |
CERT C++:
EXP62-CPP | Do not access the bits of an object representation that are not part of the object's value representation (Desde R2022b) |
CERT C++:
EXP63-CPP | Do not rely on the value of a moved-from object (Desde R2021a) |
CERT C++: INT30-C | Ensure that unsigned integer operations do not wrap |
CERT C++: INT31-C | Ensure that integer conversions do not result in lost or misinterpreted data |
CERT C++: INT32-C | Ensure that operations on signed integers do not result in overflow |
CERT C++: INT33-C | Ensure that division and remainder operations do not result in divide-by-zero errors |
CERT C++: INT34-C | Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand |
CERT C++: INT35-C | Use correct integer precisions |
CERT C++: INT36-C | Converting a pointer to integer or integer to pointer |
CERT C++:
INT50-CPP | Do not cast to an out-of-range enumeration value (Desde R2023b) |
CERT C++: ARR30-C | Do not form or use out-of-bounds pointers or array subscripts |
CERT C++: ARR37-C | Do not add or subtract an integer to a pointer to a non-array object |
CERT C++: ARR38-C | Guarantee that library functions do not form invalid pointers |
CERT C++: ARR39-C | Do not add or subtract a scaled integer to a pointer |
CERT C++: CTR50-CPP | Guarantee that container indices and iterators are within the valid range |
CERT C++:
CTR51-CPP | Use valid references, pointers, and iterators to reference elements of a container (Desde R2022a) |
CERT C++:
CTR52-CPP | Guarantee that library functions do not overflow (Desde R2022b) |
CERT C++:
CTR53-CPP | Use valid iterator ranges (Desde R2022b) |
CERT C++:
CTR54-CPP | Do not subtract iterators that do not refer to the same container (Desde R2022b) |
CERT C++:
CTR55-CPP | Do not use an additive operator on an iterator if the result would overflow (Desde R2022b) |
CERT C++:
CTR56-CPP | Do not use pointer arithmetic on polymorphic objects (Desde R2023a) |
CERT C++:
CTR57-CPP | Provide a valid ordering predicate (Desde R2022a) |
CERT C++:
CTR58-CPP | Predicate function objects should not be mutable (Desde R2022a) |
CERT C++: STR30-C | Do not attempt to modify string literals |
CERT C++: STR31-C | Guarantee that storage for strings has sufficient space for character data and the null terminator |
CERT C++: STR32-C | Do not pass a non-null-terminated character sequence to a library function that expects a string |
CERT C++: STR34-C | Cast characters to unsigned char before converting to larger integer sizes |
CERT C++: STR37-C | Arguments to character-handling functions must be representable as an unsigned char |
CERT C++: STR38-C | Do not confuse narrow and wide character strings and functions |
CERT C++: STR50-CPP | Guarantee that storage for strings has sufficient space for character data and the null terminator |
CERT C++:
STR51-CPP | Do not attempt to create a std::string from a null pointer (Desde R2022b) |
CERT C++:
STR52-CPP | Use valid references, pointers, and iterators to reference elements of a basic_string (Desde R2022b) |
CERT C++: STR53-CPP | Range check element access |
CERT C++: MEM30-C | Do not access freed memory |
CERT C++: MEM31-C | Free dynamically allocated memory when no longer needed |
CERT C++: MEM34-C | Only free memory allocated dynamically |
CERT C++: MEM35-C | Allocate sufficient memory for an object |
CERT C++: MEM36-C | Do not modify the alignment of objects by calling realloc() |
CERT C++: MEM50-CPP | Do not access freed memory |
CERT C++: MEM51-CPP | Properly deallocate dynamically allocated resources |
CERT C++: MEM52-CPP | Detect and handle memory allocation errors |
CERT C++:
MEM53-CPP | Explicitly construct and destruct objects when manually managing object lifetime (Desde R2022b) |
CERT C++: MEM54-CPP | Provide placement new with properly aligned pointers to sufficient storage capacity |
CERT C++: MEM55-CPP | Honor replacement dynamic storage management requirements |
CERT C++: MEM56-CPP | Do not store an already-owned pointer value in an unrelated smart pointer (Desde R2021a) |
CERT C++: MEM57-CPP | Avoid using default operator new for over-aligned types |
CERT C++: FIO30-C | Exclude user input from format strings |
CERT C++: FIO32-C | Do not perform operations on devices that are only appropriate for files |
CERT C++: FIO34-C | Distinguish between characters read from a file and EOF or WEOF |
CERT C++: FIO37-C | Do not assume that fgets() or fgetws() returns a nonempty string when successful |
CERT C++: FIO38-C | Do not copy a FILE object |
CERT C++: FIO39-C | Do not alternately input and output from a stream without an intervening flush or positioning call |
CERT C++: FIO40-C | Reset strings on fgets() or fgetws() failure |
CERT C++: FIO41-C | Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects |
CERT C++: FIO42-C | Close files when they are no longer needed |
CERT C++: FIO44-C | Only use values for fsetpos() that are returned from fgetpos() |
CERT C++: FIO45-C | Avoid TOCTOU race conditions while accessing files |
CERT C++: FIO46-C | Do not access a closed file |
CERT C++: FIO47-C | Use valid format strings |
CERT C++: FIO50-CPP | Do not alternately input and output from a file stream without an intervening positioning call |
CERT C++: FIO51-CPP | Close files when they are no longer needed |
CERT C++: ERR30-C | Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure |
CERT C++: ERR32-C | Do not rely on indeterminate values of errno |
CERT C++: ERR33-C | Detect and handle standard library errors |
CERT C++: ERR34-C | Detect errors when converting a string to a number |
CERT C++: ERR50-CPP | Do not abruptly terminate the program |
CERT C++: ERR51-CPP | Handle all exceptions |
CERT C++: ERR52-CPP | Do not use setjmp() or longjmp() |
CERT C++: ERR53-CPP | Do not reference base classes or class data members in a constructor or destructor function-try-block handler |
CERT C++: ERR54-CPP | Catch handlers should order their parameter types from most derived to least derived |
CERT C++:
ERR55-CPP | Honor exception specifications |
CERT C++:
ERR56-CPP | Guarantee exception safety (Desde R2022a) |
CERT C++:
ERR57-CPP | Do not leak resources when handling exceptions (Desde R2021a) |
CERT C++:
ERR58-CPP | Handle all exceptions thrown before main() begins executing |
CERT C++:
ERR59-CPP | Do not throw an exception across execution boundaries (Desde R2022b) |
CERT C++:
ERR60-CPP | Exception objects must be nothrow copy constructible (Desde R2021a) |
CERT C++: ERR61-CPP | Catch exceptions by lvalue reference |
CERT C++:
ERR62-CPP | Detect errors when converting a string to a number (Desde R2023b) |
CERT C++:
OOP50-CPP | Do not invoke virtual functions from constructors or destructors (Desde R2021a) |
CERT C++: OOP51-CPP | Do not slice derived objects |
CERT C++: OOP52-CPP | Do not delete a polymorphic object without a virtual destructor |
CERT C++:
OOP53-CPP | Write constructor member initializers in the canonical order |
CERT C++: OOP54-CPP | Gracefully handle self-copy assignment |
CERT C++: OOP55-CPP | Do not use pointer-to-member operators to access nonexistent members (Desde R2022a) |
CERT C++:
OOP56-CPP | Honor replacement handler requirements (Desde R2023b) |
CERT C++: OOP57-CPP | Prefer special member functions and overloaded operators to C Standard Library functions |
CERT C++: OOP58-CPP | Copy operations must not mutate the source object |
CERT C++: CON33-C | Avoid race conditions when using library functions |
CERT C++: CON37-C | Do not call signal() in a multithreaded program |
CERT C++: CON40-C | Do not refer to an atomic variable twice in an expression |
CERT C++: CON41-C | Wrap functions that can fail spuriously in a loop |
CERT C++: CON43-C | Do not allow data races in multithreaded code |
CERT C++: CON50-CPP | Do not destroy a mutex while it is locked |
CERT C++: CON51-CPP | Ensure actively held locks are released on exceptional conditions (Desde R2023b) |
CERT C++: CON52-CPP | Prevent data races when accessing bit-fields from multiple threads |
CERT C++: CON53-CPP | Avoid deadlock by locking in a predefined order |
CERT C++: CON54-CPP | Wrap functions that can spuriously wake up in a loop |
CERT C++: CON55-CPP | Preserve thread safety and liveness when using condition variables (Desde R2023b) |
CERT C++: CON56-CPP | Do not speculatively lock a non-recursive mutex that is already owned by the calling thread (Desde R2023b) |
CERT C++: ENV30-C | Do not modify the object referenced by the return value of certain functions |
CERT C++: ENV31-C | Do not rely on an environment pointer following an operation that may invalidate it |
CERT C++: ENV32-C | All exit handlers must return normally |
CERT C++: ENV33-C | Do not call system() |
CERT C++: ENV34-C | Do not store pointers returned by certain functions |
CERT C++: FLP30-C | Do not use floating-point variables as loop counters |
CERT C++: FLP32-C | Prevent or detect domain and range errors in math functions |
CERT C++: FLP34-C | Ensure that floating-point conversions are within range of the new type |
CERT C++: FLP36-C | Preserve precision when converting integral values to floating-point type |
CERT C++: FLP37-C | Do not use object representations to compare floating-point values |
CERT C++: MSC30-C | Do not use the rand() function for generating pseudorandom numbers |
CERT C++: MSC32-C | Properly seed pseudorandom number generators |
CERT C++: MSC33-C | Do not pass invalid data to the asctime() function |
CERT C++: MSC37-C | Ensure that control never reaches the end of a non-void function |
CERT C++: MSC38-C | Do not treat a predefined identifier as an object if it might only be implemented as a macro |
CERT C++: MSC39-C | Do not call va_arg() on a va_list that has an indeterminate value |
CERT C++: MSC40-C | Do not violate constraints |
CERT C++:
MSC41-C | Never hard code sensitive information |
CERT C++: MSC50-CPP | Do not use std::rand() for generating pseudorandom numbers |
CERT C++: MSC51-CPP | Ensure your random number generator is properly seeded |
CERT C++: MSC52-CPP | Value-returning functions must return a value from all exit paths |
CERT C++:
MSC53-CPP | Do not return from a function declared [[noreturn]] |
CERT C++:
MSC54-CPP | A signal handler must be a plain old function (Desde R2023b) |
CERT C++: PRE30-C | Do not create a universal character name through concatenation |
CERT C++: PRE31-C | Avoid side effects in arguments to unsafe macros |
CERT C++: PRE32-C | Do not use preprocessor directives in invocations of function-like macros |
CERT C++: SIG31-C | Do not access shared objects in signal handlers |
CERT C++: SIG34-C | Do not call signal() from within interruptible signal handlers |
CERT C++: SIG35-C | Do not return from a computational exception signal handler |
Temas
- Polyspace Support for Coding Standards
Check the Polyspace support for different coding standards.
- Check for and Review Coding Standard Violations
Check for violations of AUTOSAR C++14, CERT® C, CERT C++, CWE, MISRA C™, MISRA™ C++, JSF AV C++, or ISO-17961 standards with Polyspace Bug Finder.
MATLAB Command
You clicked a link that corresponds to this MATLAB command:
Run the command by entering it in the MATLAB Command Window. Web browsers do not support MATLAB commands.
Seleccione un país/idioma
Seleccione un país/idioma para obtener contenido traducido, si está disponible, y ver eventos y ofertas de productos y servicios locales. Según su ubicación geográfica, recomendamos que seleccione: .
También puede seleccionar uno de estos países/idiomas:
Cómo obtener el mejor rendimiento
Seleccione China (en idioma chino o inglés) para obtener el mejor rendimiento. Los sitios web de otros países no están optimizados para ser accedidos desde su ubicación geográfica.
América
- América Latina (Español)
- Canada (English)
- United States (English)
Europa
- Belgium (English)
- Denmark (English)
- Deutschland (Deutsch)
- España (Español)
- Finland (English)
- France (Français)
- Ireland (English)
- Italia (Italiano)
- Luxembourg (English)
- Netherlands (English)
- Norway (English)
- Österreich (Deutsch)
- Portugal (English)
- Sweden (English)
- Switzerland
- United Kingdom (English)