| CodeSonar® 9.2p0 | CONFIDENTIAL | CodeSecure Inc |
The categories list for each CodeSonar warning includes any relevant rule identifiers from ISO/IEC TS 17961 "C Secure Coding Rules Technical Specification".
A broader set of correspondences between ISO/IEC TS 17961 rule identifiers and CodeSonar warning classes is shown in Broad Mapping: ISO/IEC TS 17961.
A CSV version of this table is provided in TS17961-mapping.csv.
This version of CodeSonar (9.2p0) uses ISO/IEC TS 17961:2013, published November 2013.
The following table shows the CodeSonar warning classes that are associated with ISO/IEC TS 17961 rules.
| TS17961 rule | Rule title | C Warning Classes |
|---|---|---|
| TS17961:5.1-ptrcomp | Accessing an object through a pointer to an incompatible type | |
| TS17961:5.2-accfree | Accessing freed memory | |
| TS17961:5.3-accsig | Accessing shared objects in signal handlers | |
| TS17961:5.4-boolasgn | No assignment in conditional expressions | |
| TS17961:5.5-asyncsig | Calling functions in the C Standard Library other than abort, _Exit, and signal from within a signal handler | |
| TS17961:5.6-argcomp | Calling functions with incorrect arguments | |
| TS17961:5.7-sigcall | Calling signal from interruptible signal handlers | |
| TS17961:5.8-syscall | Calling system | |
| TS17961:5.9-padcomp | Comparison of padding data | - |
| TS17961:5.10-intptrconv | Converting a pointer to integer or integer to pointer | |
| TS17961:5.11-alignconv | Converting pointer values to more strictly aligned pointer types | - |
| TS17961:5.12-filecpy | Copying a FILE object | |
| TS17961:5.13-funcdecl | Declaring the same function or object in incompatible ways | |
| TS17961:5.14-nullref | Dereferencing an out-of-domain pointer | |
| TS17961:5.15-addrescape | Escaping of the address of an automatic object | |
| TS17961:5.16-signconv | Conversion of signed characters to wider integer types before a check for EOF | |
| TS17961:5.17-swtchdflt | Use of an implied default in a switch statement | |
| TS17961:5.18-fileclose | Failing to close files or free dynamic memory when they are no longer needed | |
| TS17961:5.19-liberr | Failing to detect and handle standard library errors | |
| TS17961:5.20-libptr | Forming invalid pointers by library function | - |
| TS17961:5.21-invptr | Forming or using out-of-bounds pointers or array subscripts | |
| TS17961:5.22-dblfree | Freeing memory multiple times | |
| TS17961:5.23-usrfmt | Including tainted or out-of-domain input in a format string | |
| TS17961:5.24-inverrno | Incorrectly setting and using errno | |
| TS17961:5.25-diverr | Integer division errors | |
| TS17961:5.26-ioileave | Interleaving stream inputs and outputs without a flush or positioning call | - |
| TS17961:5.27-strmod | Modifying string literals | |
| TS17961:5.28-libmod | Modifying the string returned by getenv, localeconv, setlocale, and strerror | |
| TS17961:5.29-intoflow | Overflowing signed integers | |
| TS17961:5.30-nonnullstr | Passing a non-null-terminated string to a library function | |
| TS17961:5.31-chrsgnext | Passing arguments to character-handling functions that are not representable as unsigned char | |
| TS17961:5.32-restrict | Passing pointers into the same object as arguments to different restrict-qualified parameters | |
| TS17961:5.33-xfree | Reallocating or freeing memory that was not dynamically allocated | |
| TS17961:5.34-uninitref | Referencing uninitialized memory | |
| TS17961:5.35-ptrobj | Subtracting or comparing two pointers that do not refer to the same array | |
| TS17961:5.36-taintstrcpy | Tainted strings are passed to a string copying function | |
| TS17961:5.37-sizeofptr | Taking the size of a pointer to determine the size of the pointed-to type | |
| TS17961:5.38-taintnoproto | Using a tainted value as an argument to an unprototyped function pointer | |
| TS17961:5.39-taintformatio | Using a tainted value to write to an object using a formatted input or output function | |
| TS17961:5.40-xfilepos | Using a value for fsetpos other than a value returned from fgetpos | - |
| TS17961:5.41-libuse | Using an object overwritten by getenv, localeconv, setlocale, and strerror | - |
| TS17961:5.42-chreof | Using character values that are indistinguishable from EOF | - |
| TS17961:5.43-resident | Using identifiers that are reserved for the implementation | - |
| TS17961:5.44-invfmtstr | Using invalid format strings | |
| TS17961:5.45-taintsink | Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink | |
CodeSonar ships with a taxonomy preset for TS17961 checks:
| Preset | Effect |
|---|---|
| ts17961 | Enables warning classes such that a given class C is enabled if all of the following are true. |
You can apply the ts17961 preset to the CodeSonar build/analysis as shown in the following table.
| Interface | How to apply the preset |
|---|---|
| Command Line | Specify -preset ts17961 as part of your build/analysis command. For example: codesonar analyze MyProj -preset ts17961 localhost:7340 make |
| Define as a default preset | Copy ts17961.conf from $CSONAR/codesonar/presets/ to $CSONAR/codesonar/default_presets/, or use the CodeSonar Configuration Tool Modify Analysis Settings option. |
| Windows Build Wizard | Select ts17961 from the Preset list on screen 2. |
| Eclipse Plug-In | Select ts17961 from the Presets list in the Properties dialog. |
| Visual Studio Plug-In | Select ts17961 from the Presets list in the Project Properties dialog. |
To enable checks for all the warning classes associated with a specific ISO/IEC TS 17961 rule with number num and short name name, include the following in the project configuration file:
WARNING_FILTER += allow categories:"TS17961:num-name"
For example:
WARNING_FILTER += allow categories:"TS17961:5.1-ptrcomp"
To enable checks for several rules, include several WARNING_FILTER lines of this form.
To enable a single warning class check, follow the instructions in the documentation for the corresponding warning class. Warning class documentation links are provided above.
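The following script generates the WARNING_FILTER lines for a chosen subset of TS 17961 rules (for instance only the memory-safety rules, rather than the whole ts17961 preset) and checks the requested identifiers against the 2013 rule list above, so that a mistyped rule does not silently enable nothing. It is an added example, not CodeSonar's own code or part of this manual; it assumes only the configuration syntax shown on this page and that a warning's categories text names the TS17961 rule identifiers it maps to. The sample categories string near the end is constructed for illustration, not a real CodeSonar export.

```python
"""Generate CodeSonar WARNING_FILTER lines for a subset of ISO/IEC TS 17961 rules.

Added example; not CodeSonar's own code. It assumes only the configuration syntax
shown on this page (WARNING_FILTER += allow categories:"TS17961:<num>-<name>") and
that a warning's categories text names the TS17961 rule identifiers it maps to.
"""
import re

# The 45 rule identifiers of TS 17961:2013, copied from the mapping table on this page.
TS17961_RULES = frozenset({
    "5.1-ptrcomp", "5.2-accfree", "5.3-accsig", "5.4-boolasgn", "5.5-asyncsig",
    "5.6-argcomp", "5.7-sigcall", "5.8-syscall", "5.9-padcomp", "5.10-intptrconv",
    "5.11-alignconv", "5.12-filecpy", "5.13-funcdecl", "5.14-nullref", "5.15-addrescape",
    "5.16-signconv", "5.17-swtchdflt", "5.18-fileclose", "5.19-liberr", "5.20-libptr",
    "5.21-invptr", "5.22-dblfree", "5.23-usrfmt", "5.24-inverrno", "5.25-diverr",
    "5.26-ioileave", "5.27-strmod", "5.28-libmod", "5.29-intoflow", "5.30-nonnullstr",
    "5.31-chrsgnext", "5.32-restrict", "5.33-xfree", "5.34-uninitref", "5.35-ptrobj",
    "5.36-taintstrcpy", "5.37-sizeofptr", "5.38-taintnoproto", "5.39-taintformatio",
    "5.40-xfilepos", "5.41-libuse", "5.42-chreof", "5.43-resident", "5.44-invfmtstr",
    "5.45-taintsink",
})

# Rules for which the table on this page lists no CodeSonar warning class ("-").
# A filter line for one of these is syntactically fine but enables no check.
UNMAPPED_RULES = frozenset({
    "5.9-padcomp", "5.11-alignconv", "5.20-libptr", "5.26-ioileave",
    "5.40-xfilepos", "5.41-libuse", "5.42-chreof", "5.43-resident",
})

RULE_ID_RE = re.compile(r"^\d+\.\d+-[a-z]+$")


def filter_line(rule_id):
    """One WARNING_FILTER line for a rule id such as '5.22-dblfree'.

    Malformed or unknown ids raise, so a typo is caught before the analysis runs.
    """
    if not RULE_ID_RE.match(rule_id):
        raise ValueError("malformed TS 17961 rule id: %r" % rule_id)
    if rule_id not in TS17961_RULES:
        raise ValueError("not a TS 17961:2013 rule: %r" % rule_id)
    return 'WARNING_FILTER += allow categories:"TS17961:%s"' % rule_id


def filter_block(rule_ids):
    """Several rules -> several WARNING_FILTER lines, deduplicated, in the given order.

    Returns (config_text, unmapped): unmapped lists the requested rules that the
    table marks as having no warning class, so the caller can flag them.
    """
    ordered = list(dict.fromkeys(rule_ids))  # dedupe, keep first occurrence
    text = "\n".join(filter_line(r) for r in ordered)
    unmapped = [r for r in ordered if r in UNMAPPED_RULES]
    return text, unmapped


def ts17961_rules_in(categories):
    """Rule ids named in a warning's categories text.

    Only the 'TS17961:<id>' tokens are interpreted; the surrounding format of the
    text is an assumption of this example, not something the page specifies.
    """
    return [m for m in re.findall(r"TS17961:(\d+\.\d+-[a-z]+)", categories)
            if m in TS17961_RULES]


# A memory-safety subset a C project might enable instead of the whole preset
# (hypothetical selection for illustration).
MEMORY_SAFETY = ["5.2-accfree", "5.14-nullref", "5.21-invptr", "5.22-dblfree",
                 "5.33-xfree", "5.34-uninitref"]

if __name__ == "__main__":
    config, unmapped = filter_block(MEMORY_SAFETY + ["5.43-resident"])
    print(config)
    if unmapped:
        print("# note: no warning class is mapped for:", ", ".join(unmapped))
    # Constructed sample of a warning's categories text, not a real CodeSonar export.
    sample = "Memory Safety, TS17961:5.2-accfree, TS17961:5.22-dblfree"
    print(ts17961_rules_in(sample))
```

Paste the printed WARNING_FILTER lines into the project configuration file; the "-" rows in the table mean a rule has no warning class behind it, which is why filter_block reports those separately rather than letting them pass unnoticed.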
To report problems with this documentation, please visit https://support.codesecure.com/.