DATASHEET

TS 17961 Rule Enforcement

(ISO/IEC TS 17961 Information Technology — Programming languages, their environments and system software interfaces — C Secure Coding Rules)

ENFORCEMENT HELIX QAC 2023.4

  

Total

a

Total Number of Rules

46

b

Total Number of ‘Not Statically Enforceable’ Rules (Assisted/Unassisted)

0

c

Total Number of Enforceable Rules (a-b)

46

d

Total Number of Enforced Rules

45

e

Total Number of Unenforced Rules

1

f

Enforce Rules Percentage (d/c)

98%

g

Unenforced Rules Percentage (e/c)

2%

Rule

Rule Description

Enforced

5.01

Accessing an object through a pointer to an incompatible type [ptrcomp].

Yes

5.02

Accessing freed memory [accfree].

Yes

5.03

Accessing shared objects in signal handlers [accsig].

Yes

5.04

No assignment in conditional expressions [boolasgn].

Yes

5.05

Calling functions in the C Standard Library other than abort, _Exit, and signal from within a signal handler [asyncsig].

Yes

5.06

Calling functions with incorrect arguments [argcomp].

Yes

5.07

Calling signal from interruptible signal handlers [sigcall].

Yes

5.08

Calling system [syscall].

Yes

5.09

Comparison of padding data [padcomp].

Yes

5.1

Converting a pointer to integer or integer to pointer [intptrconv].

Yes

5.11

Converting pointer values to more strictly aligned pointer types [alignconv].

Yes

5.12

Copying a FILE object [filecpy].

Yes

5.13

Declaring the same function or object in incompatible ways [funcdecl].

Yes

5.14

Dereferencing an out-ofdomain pointer [nullref].

Yes

5.15

Escaping of the address of an automatic object [addrescape].

Yes

5.16

Conversion of signed characters to wider integer types before a check for EOF [signconv].

Yes

5.17

Use of an implied default in a switch statement [swtchdflt].

Yes

5.18

Failing to close files or free dynamic memory when they are no longer needed [fileclose].

Yes

5.19

Failing to detect and handle standard library errors [liberr].

Yes

5.2

Forming invalid pointers by library function [libptr].

Yes

5.21

Allocating insufficient memory [insufmem].

Yes

5.22

Forming or using out-of-bounds pointers or array subscripts [invptr].

Yes

5.23

Freeing memory multiple times [dblfree].

Yes

5.24

Including tainted or out-of-domain input in a format string [usrfmt].

Yes

5.25

Incorrectly setting and using errno [inverrno].

Yes

5.26

Integer division errors [diverr].

Yes

5.27

Interleaving stream inputs and outputs without a flush or positioning call [ioileave].

Yes

5.28

Modifying string literals [strmod].

Yes

5.29

Modifying the string returned by getenv, localeconv, setlocale, and strerror [libmod].

Yes

5.3

Overflowing signed integers [intoflow].

Yes

5.31

Passing a non-null-terminated character sequence to a library function that expects a string [nonnullcs].

Yes

5.32

Passing arguments to character-handling functions that are not representable as unsigned char [chrsgnext].

Yes

5.33

Passing pointers into the same object as arguments to different restrict-qualified parameters [restrict].

Yes

5.34

Reallocating or freeing memory that was not dynamically allocated [xfree].

Yes

5.35

Referencing uninitialized memory [uninitref].

Yes

5.36

Subtracting or comparing two pointers that do not refer to the same array [ptrobj].

Yes

5.37

Tainted strings are passed to a string copying function [taintstrcpy].

Yes

5.38

Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr].

Yes

5.39

Using a tainted value as an argument to an unprototyped function pointer [taintnoproto].

No

5.4

Using a tainted value to write to an object using a formatted input or output function [taintformatio].

Yes

5.41

Using a value for fsetpos other than a value returned from fgetpos [xfilepos].

Yes

5.42

Using an object overwritten by getenv, localeconv, setlocale, and strerror [libuse].

Yes

5.43

Using character values that are indistinguishable from EOF [chreof]

Yes

5.44

Using identifiers that are reserved for the implementation [resident]..

Yes

5.45

Using invalid format strings [invfmtstr].

Yes

5.46

Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink [taintsink].

Yes