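# This file was generated from template 'codesonar/presets/certc.conf.in'
#
# enables warning classes related to the guidelines in the SEI CERT C
# Coding Standard
#
# This part of this file was generated from 'cso_wcmanifest.py'
#
# NOTE(review): this is a generated file; manual edits are presumably lost
# when the preset is regenerated - confirm, and change the template or the
# manifest instead.
# NOTE(review): for classes marked "enabled by default" below, commenting out
# the allow line does not turn the check off. Switching such a class off
# presumably needs an explicit discard rule - confirm against the CodeSonar
# manual before relying on a commented-out line.
#
# At least one of the classes enabled by this preset requires unnormalized C ASTs
RETAIN_UNNORMALIZED_C_AST = Yes

# At least one of the classes enabled by this preset is incompatible with incremental analysis.
INCREMENTAL_BUILD = No

# CERT-C:PRE30-C: Do not create a universal character name through concatenation
# NOTE(review): the '#' characters below sit inside the quoted class name and
# are part of that name, not the start of a comment - keep the quotes intact.
WARNING_FILTER += allow class="## Follows # Operator"

# CERT-C:INT08-C: Verify that all integer values are in range
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT30-C: Ensure that unsigned integer operations do not wrap
# CERT-C:INT32-C: Ensure that operations on signed integers do not result in overflow
# CERT-C:MEM35-C: Allocate sufficient memory for an object
WARNING_FILTER += allow class="Addition Overflow of Allocation Size"

# CERT-C:INT08-C: Verify that all integer values are in range
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT30-C: Ensure that unsigned integer operations do not wrap
# CERT-C:INT32-C: Ensure that operations on signed integers do not result in overflow
WARNING_FILTER += allow class="Addition Overflow of Size"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Arctangent Domain Error"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.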
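WARNING_FILTER += allow class="Argument Too High"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Argument Too Low"

# CERT-C:EXP37-C: Call functions with the correct number and type of arguments
WARNING_FILTER += allow class="Array Parameter Mismatch"

# CERT-C:ARR00-C: Understand how arrays work
# CERT-C:EXP35-C: Do not modify objects with temporary lifetime
WARNING_FILTER += allow class="Array to Pointer Conversion on Temporary Object"

# "Assignment Result in Expression" is not enabled by this preset.
# - All of its relevant categories are more closely related to other classes that are enabled by the preset.
# - CERT-C:EXP45-C is better matched by "Assignment in Conditional"

# CERT-C:EXP45-C: Do not perform assignments in selection statements
WARNING_FILTER += allow class="Assignment in Conditional"

# CERT-C:MSC09-C: Character encoding: Use subset of ASCII for safety
WARNING_FILTER += allow class="Bad Token"

# CERT-C:INT01-C: Use rsize_t or size_t for all integer values representing the size of an object
WARNING_FILTER += allow class="Basic Numerical Type Used"

# CERT-C:INT12-C: Do not make assumptions about the type of a plain int bit-field when used in an expression
WARNING_FILTER += allow class="Bit-field Signedness Not Explicit"

# CERT-C:CON05-C: Do not perform operations that can block while holding a lock
# CERT-C:POS52-C: Do not perform operations that can block while holding a POSIX lock
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.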
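WARNING_FILTER += allow class="Blocking in Critical Section"

# CERT-C:MSC20-C: Do not use a switch statement to transfer control into a complex block
# This check is enabled by default for the language(s) C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Branch Into Handler"

# CERT-C:MSC20-C: Do not use a switch statement to transfer control into a complex block
# This check is enabled by default for the language(s) C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Branch Into try Block"

# CERT-C:ARR30-C: Do not form or use out-of-bounds pointers or array subscripts
# CERT-C:ARR37-C: Do not add or subtract an integer to a pointer to a non-array object
# CERT-C:ARR38-C: Guarantee that library functions do not form invalid pointers
# CERT-C:ARR39-C: Do not add or subtract a scaled integer to a pointer
# CERT-C:ENV01-C: Do not make assumptions about the size of an environment variable
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# CERT-C:MEM35-C: Allocate sufficient memory for an object
# CERT-C:POS30-C: Use the readlink() function properly
# CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator
# CERT-C:STR38-C: Do not confuse narrow and wide character strings and functions
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.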
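WARNING_FILTER += allow class="Buffer Overrun"

# CERT-C:ARR30-C: Do not form or use out-of-bounds pointers or array subscripts
# CERT-C:ARR37-C: Do not add or subtract an integer to a pointer to a non-array object
# CERT-C:ARR38-C: Guarantee that library functions do not form invalid pointers
# CERT-C:ARR39-C: Do not add or subtract a scaled integer to a pointer
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# CERT-C:FIO37-C: Do not assume that fgets() or fgetws() returns a nonempty string when successful
# CERT-C:MEM35-C: Allocate sufficient memory for an object
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Buffer Underrun"

# CERT-C:API07-C: Enforce type safety
# CERT-C:INT02-C: Understand integer conversion rules
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.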
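WARNING_FILTER += allow class="Cast Alters Value"

# CERT-C:DCL00-C: Const-qualify immutable objects
# CERT-C:EXP05-C: Do not cast away a const qualification
WARNING_FILTER += allow class="Cast Removes const Qualifier"

# CERT-C:INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data
WARNING_FILTER += allow class="Cast: Arithmetic Type/Void Pointer"

# CERT-C:EXP36-C: Do not cast pointers into more strictly aligned pointer types
WARNING_FILTER += allow class="Cast: Object Pointers"

# CERT-C:EXP36-C: Do not cast pointers into more strictly aligned pointer types
WARNING_FILTER += allow class="Cast: Virtual Base to Derived"

# CERT-C:API07-C: Enforce type safety
# CERT-C:FIO34-C: Distinguish between characters read from a file and EOF or WEOF
# CERT-C:INT02-C: Understand integer conversion rules
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Coercion Alters Value"

# CERT-C:INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data
# CERT-C:INT36-C: Converting a pointer to integer or integer to pointer
WARNING_FILTER += allow class="Coercion: Integer Constant to Pointer"

# CERT-C:ENV33-C: Do not call system()
# CERT-C:STR02-C: Sanitize data passed to complex subsystems
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.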
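WARNING_FILTER += allow class="Command Injection"

# CERT-C:ARR36-C: Do not subtract or compare two pointers that do not refer to the same array
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Comparison of Unrelated Pointers"

# "Condition Contains Side Effects" is not enabled by this preset.
# - All of its relevant categories are more closely related to other classes that are enabled by the preset.
# - CERT-C:EXP45-C is better matched by "Assignment in Conditional"

# CERT-C:CON35-C: Avoid deadlock by locking in a predefined order
# CERT-C:POS51-C: Avoid deadlock with POSIX threads by locking in predefined order
WARNING_FILTER += allow class="Conflicting Lock Order"

# CERT-C:DCL16-C: Use "L," not "l," to indicate a long value
WARNING_FILTER += allow class="Confusing Literal Suffix"

# CERT-C:INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data
# CERT-C:INT36-C: Converting a pointer to integer or integer to pointer
WARNING_FILTER += allow class="Conversion: Pointer/Integer"

# CERT-C:CON07-C: Ensure that compound operations on shared variables are atomic
# CERT-C:CON32-C: Prevent data races when accessing bit-fields from multiple threads
# CERT-C:CON43-C: Do not allow data races in multithreaded code
# CERT-C:POS49-C: When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed
# CERT-C:SIG31-C: Do not access shared objects in signal handlers
WARNING_FILTER += allow class="Data Race"

# CERT-C:MEM33-C: Allocate and copy structures containing a flexible array member dynamically
WARNING_FILTER += allow class="Declaration of Flexible Array Member"

# CERT-C:DCL37-C: Do not declare or define a reserved identifier
WARNING_FILTER += allow class="Declaration of Reserved Name"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Declaration of Variable Length Array"

# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
WARNING_FILTER += allow class="Declared but Not Referenced"

# CERT-C:MSC32-C: Properly seed pseudorandom number generators
WARNING_FILTER += allow class="Default Initialization of Random Number Generator"

# CERT-C:MSC32-C: Properly seed pseudorandom number generators
WARNING_FILTER += allow class="Default Seed in PRNG"

# CERT-C:MSC24-C: Do not use deprecated or obsolescent functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Deprecated Entity"

# CERT-C:EXP36-C: Do not cast pointers into more strictly aligned pointer types
WARNING_FILTER += allow class="Derived Class From Virtual Base"

# CERT-C:INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Division By Zero"

# CERT-C:MEM00-C: Allocate and free memory in the same module, at the same level of abstraction
# CERT-C:MEM01-C: Store a new value in pointers immediately after free()
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Double Free"

# CERT-C:POS48-C: Do not unlock or destroy another POSIX thread's mutex
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.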
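WARNING_FILTER += allow class="Double Unlock"

# CERT-C:DCL11-C: Understand the type issues associated with variadic functions
WARNING_FILTER += allow class="Ellipsis"

# CERT-C:EXP15-C: Do not place a semicolon on the same line as an if, for, or while statement
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Empty Branch Statement"

# CERT-C:EXP15-C: Do not place a semicolon on the same line as an if, for, or while statement
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Empty for Statement"

# CERT-C:EXP15-C: Do not place a semicolon on the same line as an if, for, or while statement
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Empty if Statement"

# CERT-C:EXP15-C: Do not place a semicolon on the same line as an if, for, or while statement
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Empty switch Statement"

# CERT-C:EXP15-C: Do not place a semicolon on the same line as an if, for, or while statement
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.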
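WARNING_FILTER += allow class="Empty while Statement"

# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Explicit Zero Alignment"

# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
WARNING_FILTER += allow class="Expression Value Widened by Assignment"

# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
WARNING_FILTER += allow class="Expression Value Widened by Other Operand"

# CERT-C:FIO24-C: Do not open a file that is already open
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="File Open for Both Read and Write"

# CERT-C:FIO01-C: Be careful using functions that use file names for identification
# CERT-C:FIO24-C: Do not open a file that is already open
# CERT-C:FIO45-C: Avoid TOCTOU race conditions while accessing files
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="File System Race Condition"

# CERT-C:INT33-C: Ensure that division and remainder operations do not result in divide-by-zero errors
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.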
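WARNING_FILTER += allow class="Float Division By Zero"

# CERT-C:FLP00-C: Understand the limitations of floating-point numbers
WARNING_FILTER += allow class="Float Multiplication Overflow"

# CERT-C:FLP30-C: Do not use floating-point variables as loop counters
WARNING_FILTER += allow class="Float-typed Loop Counter"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Floating Point Domain Error"

# CERT-C:FLP00-C: Understand the limitations of floating-point numbers
# CERT-C:FLP02-C: Avoid using floating-point numbers when precise computation is needed
WARNING_FILTER += allow class="Floating Point Equality"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Floating Point Range Error"

# CERT-C:FIO30-C: Exclude user input from format strings
# CERT-C:FIO47-C: Use valid format strings
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Format String"

# CERT-C:FIO30-C: Exclude user input from format strings
# CERT-C:FIO47-C: Use valid format strings
# CERT-C:STR02-C: Sanitize data passed to complex subsystems
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Format String Injection"

# CERT-C:FIO47-C: Use valid format strings
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.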
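WARNING_FILTER += allow class="Format String Type Error"

# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Function Call Has No Effect"

# CERT-C:PRE00-C: Prefer inline or static functions to function-like macros
# CERT-C:PRE31-C: Avoid side effects in arguments to unsafe macros
WARNING_FILTER += allow class="Function-Like Macro"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Gamma on Zero"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Global Variable Declared with Different Types"

# CERT-C:API07-C: Enforce type safety
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="GlobalHandle on GMEM_FIXED Memory"

# CERT-C:API07-C: Enforce type safety
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="GlobalLock on GMEM_FIXED Memory"

# CERT-C:API07-C: Enforce type safety
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.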
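WARNING_FILTER += allow class="GlobalUnlock on GMEM_FIXED Memory"

# CERT-C:MSC18-C: Be careful while handling sensitive data, such as passwords, in program code
# CERT-C:MSC41-C: Never hard code sensitive information
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Hardcoded Authentication"

# CERT-C:MSC18-C: Be careful while handling sensitive data, such as passwords, in program code
# CERT-C:MSC41-C: Never hard code sensitive information
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Hardcoded Crypto Key"

# CERT-C:MSC18-C: Be careful while handling sensitive data, such as passwords, in program code
# CERT-C:MSC41-C: Never hard code sensitive information
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Hardcoded Crypto Salt"

# CERT-C:MSC41-C: Never hard code sensitive information
WARNING_FILTER += allow class="Hardcoded DNS Name"

# CERT-C:MSC32-C: Properly seed pseudorandom number generators
# CERT-C:MSC41-C: Never hard code sensitive information
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Hardcoded Seed in PRNG"

# CERT-C:MSC21-C: Use robust loop termination conditions
WARNING_FILTER += allow class="High Risk Loop"

# CERT-C:ERR33-C: Detect and handle standard library errors
# CERT-C:EXP12-C: Do not ignore values returned by functions
# CERT-C:POS54-C: Detect and handle POSIX library errors
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.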
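WARNING_FILTER += allow class="Ignored Return Value"

# CERT-C:STR10-C: Do not concatenate different type of string literals
WARNING_FILTER += allow class="Implicit Encoding in String Concatenation"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Implicit Function Declaration"

# CERT-C:DCL07-C: Include the appropriate type information in function declarators
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Implicit int on main"

# CERT-C:FLP34-C: Ensure that floating-point conversions are within range of the new type
# CERT-C:FLP36-C: Preserve precision when converting integral values to floating-point type
# CERT-C:STR04-C: Use plain char for characters in the basic character set
WARNING_FILTER += allow class="Inappropriate Assignment Type"

# CERT-C:CON33-C: Avoid race conditions when using library functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Inappropriate C Atomic Initialization"

# CERT-C:CON36-C: Wrap functions that can spuriously wake up in a loop
# CERT-C:CON41-C: Wrap functions that can fail spuriously in a loop
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.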
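WARNING_FILTER += allow class="Inappropriate Call Outside Loop"

# CERT-C:STR04-C: Use plain char for characters in the basic character set
WARNING_FILTER += allow class="Inappropriate Character Arithmetic"

# CERT-C:FLP34-C: Ensure that floating-point conversions are within range of the new type
# CERT-C:FLP36-C: Preserve precision when converting integral values to floating-point type
# CERT-C:STR04-C: Use plain char for characters in the basic character set
WARNING_FILTER += allow class="Inappropriate Numeric Assignment"

# CERT-C:EXP46-C: Do not use a bitwise operator with a Boolean-like operand
# CERT-C:INT07-C: Use only explicitly signed or unsigned char type for numeric values
# CERT-C:INT13-C: Use bitwise operators only on unsigned operands
# CERT-C:STR04-C: Use plain char for characters in the basic character set
WARNING_FILTER += allow class="Inappropriate Operand Type"

# CERT-C:CON34-C: Declare objects shared between threads with appropriate storage durations
WARNING_FILTER += allow class="Inappropriate Storage Duration"

# CERT-C:CON02-C: Do not use volatile as a synchronization primitive
WARNING_FILTER += allow class="Inappropriate Volatile Declaration"

# CERT-C:DCL07-C: Include the appropriate type information in function declarators
# CERT-C:DCL20-C: Explicitly specify void when a function accepts no arguments
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.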
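WARNING_FILTER += allow class="Incomplete Function Prototype"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Inconsistent Alignment Specifications"

# CERT-C:INT09-C: Ensure enumeration constants map to unique values
WARNING_FILTER += allow class="Inconsistent Enumerator Initialization"

# CERT-C:DCL40-C: Do not create incompatible declarations of the same function or object
WARNING_FILTER += allow class="Inconsistent Function Declarations"

# CERT-C:DCL40-C: Do not create incompatible declarations of the same function or object
WARNING_FILTER += allow class="Inconsistent Object Declarations"

# CERT-C:POS36-C: Observe correct revocation order while relinquishing privileges
# CERT-C:POS37-C: Ensure that privilege relinquishment is successful
WARNING_FILTER += allow class="Incorrect Privilege Assignment"

# CERT-C:EXP10-C: Do not depend on the order of evaluation of subexpressions or the order in which side effects take place
WARNING_FILTER += allow class="Indeterminate Order of Evaluation"

# CERT-C:FIO39-C: Do not alternately input and output from a stream without an intervening flush or positioning call
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.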
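WARNING_FILTER += allow class="Input After Output Without Positioning"

# CERT-C:ARR32-C: Ensure size arguments for variable length arrays are in a valid range
# CERT-C:INT08-C: Verify that all integer values are in range
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT30-C: Ensure that unsigned integer operations do not wrap
# CERT-C:INT32-C: Ensure that operations on signed integers do not result in overflow
# CERT-C:MEM35-C: Allocate sufficient memory for an object
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Integer Overflow of Allocation Size"

# CERT-C:STR02-C: Sanitize data passed to complex subsystems
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="LDAP Injection"

# CERT-C:CON30-C: Clean up thread-specific storage
# CERT-C:FIO42-C: Close files when they are no longer needed
# CERT-C:MEM00-C: Allocate and free memory in the same module, at the same level of abstraction
# CERT-C:MEM11-C: Do not assume infinite heap space
# CERT-C:MEM31-C: Free dynamically allocated memory when no longer needed
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Leak"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Library Function Override"

# CERT-C:STR02-C: Sanitize data passed to complex subsystems
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.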
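WARNING_FILTER += allow class="Library Injection"

# CERT-C:CON31-C: Do not destroy a mutex while it is locked
# CERT-C:CON34-C: Declare objects shared between threads with appropriate storage durations
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Local Variable Passed to Thread"

# CERT-C:API07-C: Enforce type safety
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="LocalHandle on LMEM_FIXED Memory"

# CERT-C:API07-C: Enforce type safety
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="LocalLock on LMEM_FIXED Memory"

# CERT-C:API07-C: Enforce type safety
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="LocalUnlock on LMEM_FIXED Memory"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Logarithm on Negative Value"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.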
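WARNING_FILTER += allow class="Logarithm on Zero"

# CERT-C:PRE05-C: Understand macro replacement when concatenating tokens or performing stringification
WARNING_FILTER += allow class="Macro Argument is both Mixed and Expanded"

# CERT-C:PRE02-C: Macro replacement lists should be parenthesized
# CERT-C:PRE11-C: Do not conclude macro definitions with a semicolon
WARNING_FILTER += allow class="Macro Does Not End With } or )"

# CERT-C:PRE02-C: Macro replacement lists should be parenthesized
WARNING_FILTER += allow class="Macro Does Not Start With { or ("

# NOTE(review): in the next two rules the '#' characters sit inside the quoted
# class name and are part of that name, not the start of a comment - keep the
# quotes intact.
# CERT-C:PRE05-C: Understand macro replacement when concatenating tokens or performing stringification
WARNING_FILTER += allow class="Macro Uses # Operator"

# CERT-C:PRE05-C: Understand macro replacement when concatenating tokens or performing stringification
# CERT-C:PRE30-C: Do not create a universal character name through concatenation
WARNING_FILTER += allow class="Macro Uses ## Operator"

# CERT-C:DCL41-C: Do not declare variables inside a switch statement before the first case label
WARNING_FILTER += allow class="Malformed switch Statement"

# CERT-C:FLP06-C: Convert integers to floating point for floating-point operations
# CERT-C:STR04-C: Use plain char for characters in the basic character set
WARNING_FILTER += allow class="Mismatched Operand Types"

# CERT-C:MSC20-C: Do not use a switch statement to transfer control into a complex block
WARNING_FILTER += allow class="Misplaced case"

# CERT-C:DCL07-C: Include the appropriate type information in function declarators
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.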
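WARNING_FILTER += allow class="Missing Declaration Specifiers"

# CERT-C:DCL36-C: Do not declare an identifier with conflicting linkage classifications
WARNING_FILTER += allow class="Missing External Declaration"

# CERT-C:CON01-C: Acquire and release synchronization primitives in the same module, at the same level of abstraction
WARNING_FILTER += allow class="Missing Lock Acquisition"

# CERT-C:CON01-C: Acquire and release synchronization primitives in the same module, at the same level of abstraction
WARNING_FILTER += allow class="Missing Lock Release"

# CERT-C:EXP00-C: Use parentheses for precedence of operation
WARNING_FILTER += allow class="Missing Parentheses"

# CERT-C:MSC37-C: Ensure that control never reaches the end of a non-void function
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Missing Return Statement"

# CERT-C:ERR33-C: Detect and handle standard library errors
# CERT-C:POS54-C: Detect and handle POSIX library errors
WARNING_FILTER += allow class="Missing Test of Error Code"

# CERT-C:DCL07-C: Include the appropriate type information in function declarators
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Missing Type Specifier"

# CERT-C:MSC17-C: Finish every set of statements associated with a case label with a break statement
WARNING_FILTER += allow class="Missing break"

# CERT-C:STR10-C: Do not concatenate different type of string literals
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.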
WARNING_FILTER += allow class="Mixed Encodings in String Concatenation"

# CERT-C:CON32-C: Prevent data races when accessing bit-fields from multiple threads
# CERT-C:CON40-C: Do not refer to an atomic variable twice in an expression
# CERT-C:CON43-C: Do not allow data races in multithreaded code
# CERT-C:POS49-C: When data must be accessed by multiple threads, provide a mutex and guarantee no adjacent data is also accessed
WARNING_FILTER += allow class="Multiple Accesses of Atomic"

# CERT-C:DCL04-C: Do not declare more than one variable per declaration
WARNING_FILTER += allow class="Multiple Declarations On Line"

# CERT-C:ARR32-C: Ensure size arguments for variable length arrays are in a valid range
# CERT-C:INT08-C: Verify that all integer values are in range
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT30-C: Ensure that unsigned integer operations do not wrap
# CERT-C:INT32-C: Ensure that operations on signed integers do not result in overflow
# CERT-C:MEM07-C: Ensure that the arguments to calloc(), when multiplied, do not wrap
# CERT-C:MEM35-C: Allocate sufficient memory for an object
WARNING_FILTER += allow class="Multiplication Overflow of Allocation Size"

# CERT-C:INT08-C: Verify that all integer values are in range
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT30-C: Ensure that unsigned integer operations do not wrap
# CERT-C:INT32-C: Ensure that operations on signed integers do not result in overflow
WARNING_FILTER += allow class="Multiplication Overflow of Size"

# CERT-C:INT05-C: Do not use input functions to convert character data if they cannot handle all possible inputs
# CERT-C:STR00-C: Represent characters using an appropriate type
# CERT-C:STR34-C: Cast characters to unsigned char before converting to larger integer sizes
# CERT-C:STR37-C: Arguments to character-handling functions must be representable as an unsigned char
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Negative Character Value"

# CERT-C:INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Negative Shift Amount"

# CERT-C:STR03-C: Do not inadvertently truncate a string
# CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="No Space For Null Terminator"

# CERT-C:STR05-C: Use pointers to const when referring to string literals
WARNING_FILTER += allow class="Non-const String Literal"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Non-distinct Identifiers: External Names"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Non-distinct Identifiers: Macro/Macro"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Non-distinct Identifiers: Macro/Other"

# CERT-C:DCL01-C: Do not reuse variable names in subscopes
# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Non-distinct Identifiers: Nested Scope"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Non-distinct Identifiers: Same Scope"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Non-unique Identifiers: External Name"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Non-unique Identifiers: Internal Name"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Non-unique Identifiers: Tag"

# CERT-C:DCL23-C: Guarantee that mutually visible identifiers are unique
WARNING_FILTER += allow class="Non-unique Identifiers: Typedef"

# CERT-C:ERR33-C: Detect and handle standard library errors
# CERT-C:POS54-C: Detect and handle POSIX library errors
WARNING_FILTER += allow class="Non-zero Error Code"

# CERT-C:DCL07-C: Include the appropriate type information in function declarators
# This check is enabled by default for the language(s) C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Nonstandard Implicit Integer"

# CERT-C:MSC00-C: Compile cleanly at high warning levels
WARNING_FILTER += allow class="Not All Warnings Are Enabled"

# CERT-C:MSC11-C: Incorporate diagnostic tests using assertions
WARNING_FILTER += allow class="Not Enough Assertions"

# CERT-C:EXP34-C: Do not dereference null pointers
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Null Pointer Dereference"

# CERT-C:EXP34-C: Do not dereference null pointers
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Null Test After Dereference"

# CERT-C:DCL18-C: Do not begin integer constants with 0 when specifying a decimal value
WARNING_FILTER += allow class="Octal Constant"

# CERT-C:FIO39-C: Do not alternately input and output from a stream without an intervening flush or positioning call
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Output After Input Without Positioning"

# CERT-C:DCL39-C: Avoid information leakage when passing a structure across a trust boundary
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Padding Passed Across a Trust Boundary"

# CERT-C:DCL07-C: Include the appropriate type information in function declarators
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Parameter Identifier List Needs Function Definition"

# CERT-C:MSC18-C: Be careful while handling sensitive data, such as passwords, in program code
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Plaintext Storage of Password"

# CERT-C:MSC18-C: Be careful while handling sensitive data, such as passwords, in program code
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Plaintext Transmission of Password"

# CERT-C:DCL13-C: Declare function parameters that are pointers to values not changed by the function as const
WARNING_FILTER += allow class="Pointed-to Type Could Be const"

# CERT-C:ARR30-C: Do not form or use out-of-bounds pointers or array subscripts
# CERT-C:ARR37-C: Do not add or subtract an integer to a pointer to a non-array object
# CERT-C:ARR39-C: Do not add or subtract a scaled integer to a pointer
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# CERT-C:MEM35-C: Allocate sufficient memory for an object
WARNING_FILTER += allow class="Pointer Arithmetic"

# CERT-C:ARR30-C: Do not form or use out-of-bounds pointers or array subscripts
# CERT-C:ARR37-C: Do not add or subtract an integer to a pointer to a non-array object
# CERT-C:ARR39-C: Do not add or subtract a scaled integer to a pointer
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# CERT-C:MEM35-C: Allocate sufficient memory for an object
WARNING_FILTER += allow class="Pointer Before Beginning of Object"

# CERT-C:INT36-C: Converting a pointer to integer or integer to pointer
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Pointer Conversion Loses Bits"

# CERT-C:INT36-C: Converting a pointer to integer or integer to pointer
WARNING_FILTER += allow class="Pointer Conversion to Same Size Integer"

# CERT-C:ARR30-C: Do not form or use out-of-bounds pointers or array subscripts
# CERT-C:ARR37-C: Do not add or subtract an integer to a pointer to a non-array object
# CERT-C:ARR39-C: Do not add or subtract a scaled integer to a pointer
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# CERT-C:MEM35-C: Allocate sufficient memory for an object
WARNING_FILTER += allow class="Pointer Past End of Object"

# CERT-C:DCL05-C: Use typedefs of non-pointer types only
WARNING_FILTER += allow class="Pointer Type Inside Typedef"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Pointer to Variably-modified Array Type"

# CERT-C:API07-C: Enforce type safety
# CERT-C:WIN30-C: Properly pair allocation and deallocation functions
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Pool Mismatch"

# CERT-C:MSC21-C: Use robust loop termination conditions
WARNING_FILTER += allow class="Potential Unbounded Loop"

# CERT-C:MSC32-C: Properly seed pseudorandom number generators
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Predictable Seed in PRNG"

# CERT-C:PRE32-C: Do not use preprocessor directives in invocations of function-like macros
WARNING_FILTER += allow class="Preprocessing Directives in Macro Argument"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Raises FE_INVALID"

# CERT-C:ERR30-C: Take care when reading errno
# CERT-C:MSC07-C: Detect and remove dead code
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Redundant Condition"

# CERT-C:EXP43-C: Avoid undefined behavior when using restrict-qualified pointers
WARNING_FILTER += allow class="Restrict Qualifier Used"

# CERT-C:DCL30-C: Declare objects with appropriate storage durations
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Return Pointer to Local"

# CERT-C:SIG35-C: Do not return from a computational exception signal handler
WARNING_FILTER += allow class="Return from Computational Exception Signal Handler"

# CERT-C:DCL00-C: Const-qualify immutable objects
# CERT-C:ENV30-C: Do not modify the object referenced by the return value of certain functions
WARNING_FILTER += allow class="Returned Pointer Not Treated as const"

# CERT-C:EXP14-C: Beware of integer promotion when performing bitwise operations on integer types smaller than int
WARNING_FILTER += allow class="Risky Integer Promotion"

# CERT-C:STR02-C: Sanitize data passed to complex subsystems
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="SQL Injection"

# CERT-C:DCL15-C: Declare file-scope objects or functions that do not need external linkage as static
# CERT-C:DCL19-C: Minimize the scope of variables and functions
WARNING_FILTER += allow class="Scope Could Be File Static"

# CERT-C:DCL19-C: Minimize the scope of variables and functions
WARNING_FILTER += allow class="Scope Could Be Local Static"

# CERT-C:INT34-C: Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
# CERT-C:INT35-C: Use correct integer precisions
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Shift Amount Exceeds Bit Width"

# CERT-C:EXP44-C: Do not rely on side effects in operands to sizeof, _Alignof, or _Generic
WARNING_FILTER += allow class="Side Effects in C Generic Selection"

# CERT-C:EXP30-C: Do not depend on the order of evaluation for side effects
# CERT-C:PRE31-C: Avoid side effects in arguments to unsafe macros
WARNING_FILTER += allow class="Side Effects in Expression with Decrement"

# CERT-C:EXP30-C: Do not depend on the order of evaluation for side effects
# CERT-C:PRE31-C: Avoid side effects in arguments to unsafe macros
WARNING_FILTER += allow class="Side Effects in Expression with Increment"

# CERT-C:EXP30-C: Do not depend on the order of evaluation for side effects
WARNING_FILTER += allow class="Side Effects in Initializer List"

# CERT-C:EXP44-C: Do not rely on side effects in operands to sizeof, _Alignof, or _Generic
WARNING_FILTER += allow class="Side Effects in sizeof"

# CERT-C:INT08-C: Verify that all integer values are in range
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT30-C: Ensure that unsigned integer operations do not wrap
# CERT-C:INT32-C: Ensure that operations on signed integers do not result in overflow
# CERT-C:MEM35-C: Allocate sufficient memory for an object
WARNING_FILTER += allow class="Subtraction Underflow of Allocation Size"

# CERT-C:INT08-C: Verify that all integer values are in range
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT30-C: Ensure that unsigned integer operations do not wrap
# CERT-C:INT32-C: Ensure that operations on signed integers do not result in overflow
WARNING_FILTER += allow class="Subtraction Underflow of Size"

# CERT-C:ARR36-C: Do not subtract or compare two pointers that do not refer to the same array
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Subtraction of Unrelated Pointers"

# CERT-C:INT04-C: Enforce limits on integer values originating from tainted sources
# CERT-C:MEM05-C: Avoid large stack allocations
# CERT-C:MEM11-C: Do not assume infinite heap space
# CERT-C:MEM35-C: Allocate sufficient memory for an object
WARNING_FILTER += allow class="Tainted Allocation Size"

# CERT-C:ARR30-C: Do not form or use out-of-bounds pointers or array subscripts
# CERT-C:ARR37-C: Do not add or subtract an integer to a pointer to a non-array object
# CERT-C:ARR39-C: Do not add or subtract a scaled integer to a pointer
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# CERT-C:INT04-C: Enforce limits on integer values originating from tainted sources
# CERT-C:INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data
# CERT-C:MEM35-C: Allocate sufficient memory for an object
# CERT-C:POS30-C: Use the readlink() function properly
# CERT-C:STR38-C: Do not confuse narrow and wide character strings and functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Tainted Buffer Access"

# CERT-C:FIO01-C: Be careful using functions that use file names for identification
# CERT-C:FIO02-C: Canonicalize path names originating from tainted sources
WARNING_FILTER += allow class="Tainted Filename"

# CERT-C:INT04-C: Enforce limits on integer values originating from tainted sources
WARNING_FILTER += allow class="Tainted Network Address"

# CERT-C:CON39-C: Do not join or detach a thread that was previously joined or detached
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Thread is not Joinable"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Too Many Alignment Specifiers"

# CERT-C:INT02-C: Understand integer conversion rules
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data
# CERT-C:MEM35-C: Allocate sufficient memory for an object
WARNING_FILTER += allow class="Truncation of Allocation Size"

# CERT-C:INT02-C: Understand integer conversion rules
# CERT-C:INT18-C: Evaluate integer expressions in a larger size before comparing or assigning to that size
# CERT-C:INT31-C: Ensure that integer conversions do not result in lost or misinterpreted data
WARNING_FILTER += allow class="Truncation of Size"

# CERT-C:API07-C: Enforce type safety
# CERT-C:MEM34-C: Only free memory allocated dynamically
# CERT-C:WIN30-C: Properly pair allocation and deallocation functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Type Mismatch"

# CERT-C:ARR30-C: Do not form or use out-of-bounds pointers or array subscripts
# CERT-C:ARR37-C: Do not add or subtract an integer to a pointer to a non-array object
# CERT-C:ARR39-C: Do not add or subtract a scaled integer to a pointer
# CERT-C:ENV01-C: Do not make assumptions about the size of an environment variable
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# CERT-C:MEM35-C: Allocate sufficient memory for an object
# CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Type Overrun"

# CERT-C:ARR30-C: Do not form or use out-of-bounds pointers or array subscripts
# CERT-C:ARR37-C: Do not add or subtract an integer to a pointer to a non-array object
# CERT-C:ARR39-C: Do not add or subtract a scaled integer to a pointer
# CERT-C:EXP08-C: Ensure pointer arithmetic is used correctly
# CERT-C:MEM35-C: Allocate sufficient memory for an object
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Type Underrun"

# CERT-C:DCL02-C: Use visually distinct identifiers
WARNING_FILTER += allow class="Typographically Ambiguous Identifiers"

# CERT-C:API00-C: Functions should validate their parameters
# CERT-C:EXP34-C: Do not dereference null pointers
# NOTE(review): unlike the neighbouring rules, this one carries a trailing
# language=c qualifier; presumably it limits the class to C code, leaving it
# off for other languages unless enabled elsewhere. Confirm.
WARNING_FILTER += allow class="Unchecked Parameter Dereference" language=c

# CERT-C:DCL07-C: Include the appropriate type information in function declarators
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Undeclared Parameter"

# CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Undefined Power of Zero"

# CERT-C:EXP33-C: Do not read uninitialized memory
# CERT-C:FIO40-C: Reset strings on fgets() or fgetws() failure
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Uninitialized Variable"

# CERT-C:MSC07-C: Detect and remove dead code
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Unreachable Call"

# CERT-C:MSC07-C: Detect and remove dead code
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Unreachable Computation"

# CERT-C:MSC07-C: Detect and remove dead code
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Unreachable Conditional"

# CERT-C:MSC07-C: Detect and remove dead code
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
WARNING_FILTER += allow class="Unreachable Control Flow"

# CERT-C:MSC07-C: Detect and remove dead code
# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Unreachable Data Flow"

# CERT-C:ARR32-C: Ensure size arguments for variable length arrays are in a valid range
# CERT-C:INT08-C: Verify that all integer values are in range
# CERT-C:INT30-C: Ensure that unsigned integer operations do not wrap
# CERT-C:INT32-C: Ensure that operations on signed integers do not result in overflow
# CERT-C:MEM05-C: Avoid large stack allocations
# CERT-C:MEM11-C: Do not assume infinite heap space
# CERT-C:MEM35-C: Allocate sufficient memory for an object
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Unreasonable Size Argument"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Unspecified Array Size with Designator Initialization"

# CERT-C:POS30-C: Use the readlink() function properly
# CERT-C:STR32-C: Do not pass a non-null-terminated character sequence to a library function that expects a string
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Unterminated C String"

# CERT-C:STR02-C: Sanitize data passed to complex subsystems
WARNING_FILTER += allow class="Untrusted Library Load"

# CERT-C:INT04-C: Enforce limits on integer values originating from tainted sources
WARNING_FILTER += allow class="Untrusted Network Host"

# CERT-C:INT04-C: Enforce limits on integer values originating from tainted sources
WARNING_FILTER += allow class="Untrusted Network Port"

# CERT-C:STR02-C: Sanitize data passed to complex subsystems
WARNING_FILTER += allow class="Untrusted Process Creation"

# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
WARNING_FILTER += allow class="Unused Label"

# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
WARNING_FILTER += allow class="Unused Macro"

# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
WARNING_FILTER += allow class="Unused Parameter"

# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
WARNING_FILTER += allow class="Unused Tag"

# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
WARNING_FILTER += allow class="Unused Type"

# CERT-C:MSC13-C: Detect and remove unused values
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Unused Value"

# CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed
WARNING_FILTER += allow class="Unused Variable"

# CERT-C:FIO46-C: Do not access a closed file
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Use After Close"

# CERT-C:MEM01-C: Store a new value in pointers immediately after free()
# CERT-C:MEM30-C: Do not access freed memory
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Use After Free"

# NOTE(review): the next four class names ("Use of Exception Handling Function",
# "Use of Feature", "Use of " and "Use of Time/Date Function") look truncated.
# Most likely a header name written in angle brackets was dropped when this
# page was extracted; the intended names cannot be recovered from this page.
# Confirm against the shipped preset before relying on this copy: a filter
# that names a non-existent class would presumably enable nothing.
# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of Exception Handling Function"

# CERT-C:EXP47-C: Do not call va_arg with an argument of the incorrect type
# CERT-C:MSC38-C: Do not treat a predefined identifier as an object if it might only be implemented as a macro
# CERT-C:MSC39-C: Do not call va_arg() on a va_list that has an indeterminate value
WARNING_FILTER += allow class="Use of Feature"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of "

# CERT-C:MSC33-C: Do not pass invalid data to the asctime() function
WARNING_FILTER += allow class="Use of Time/Date Function"

# CERT-C:WIN00-C: Be specific when dynamically loading libraries
WARNING_FILTER += allow class="Use of AfxLoadLibrary"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of Alignas"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of Alignof"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of C Atomic"

# CERT-C:WIN00-C: Be specific when dynamically loading libraries
WARNING_FILTER += allow class="Use of CoLoadLibrary"

# CERT-C:CON38-C: Preserve thread safety and liveness when using condition variables
WARNING_FILTER += allow class="Use of Condition Variable Signal"

# CERT-C:CON36-C: Wrap functions that can spuriously wake up in a loop
WARNING_FILTER += allow class="Use of Condition Variable Wait"

# CERT-C:FIO06-C: Create files with appropriate access permissions
WARNING_FILTER += allow class="Use of CreateFile"

# CERT-C:WIN02-C: Restrict privileges when spawning child processes
WARNING_FILTER += allow class="Use of CreateProcess"

# CERT-C:FIO01-C: Be careful using functions that use file names for identification
# CERT-C:FIO21-C: Do not create temporary files in shared directories
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Use of GetTempFileName"

# CERT-C:WIN00-C: Be specific when dynamically loading libraries
WARNING_FILTER += allow class="Use of LoadLibrary"

# CERT-C:MSC24-C: Do not use deprecated or obsolescent functions
WARNING_FILTER += allow class="Use of LoadModule"

# CERT-C:MSC24-C: Do not use deprecated or obsolescent functions
WARNING_FILTER += allow class="Use of MoveFile"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of Noreturn"

# CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size
# CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation
# CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator
WARNING_FILTER += allow class="Use of OemToAnsi"

# CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size
# CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation
# CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator
WARNING_FILTER += allow class="Use of OemToChar"

# CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size
# CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation
# CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator
WARNING_FILTER += allow class="Use of StrCatChainW"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of Thread Local"

# CERT-C:MSC25-C: Do not use insecure or weak cryptographic algorithms
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Use of Weak Cryptographic Algorithm"

# CERT-C:MSC24-C: Do not use deprecated or obsolescent functions
WARNING_FILTER += allow class="Use of WinExec"

# CERT-C:ENV32-C: All exit handlers must return normally
WARNING_FILTER += allow class="Use of abort"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of abort_handler_s"

# CERT-C:ERR34-C: Detect errors when converting a string to a number
WARNING_FILTER += allow class="Use of atof"

# CERT-C:ERR34-C: Detect errors when converting a string to a number
WARNING_FILTER += allow class="Use of atoi"

# CERT-C:ERR34-C: Detect errors when converting a string to a number
WARNING_FILTER += allow class="Use of atol"

# CERT-C:ERR34-C: Detect errors when converting a string to a number
# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of atoll"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of bsearch_s"

# CERT-C:POS05-C: Limit access to files by creating a jail
WARNING_FILTER += allow class="Use of chroot"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of constraint_handler_t"

# CERT-C:MSC24-C: Do not use deprecated or obsolescent functions
WARNING_FILTER += allow class="Use of cuserid"

# CERT-C:MSC24-C: Do not use deprecated or obsolescent functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Use of drem"

# CERT-C:ENV32-C: All exit handlers must return normally
WARNING_FILTER += allow class="Use of exit"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of fopen_s"

# CERT-C:POS38-C: Beware of race conditions when using fork and file descriptors
WARNING_FILTER += allow class="Use of fork"

# CERT-C:MSC23-C: Beware of vendor-specific library and language differences
WARNING_FILTER += allow class="Use of freopen_s"

# CERT-C:MSC24-C: Do not use deprecated or obsolescent functions
# This check is enabled by default for the language(s) C, C++
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Use of gamma"

# CERT-C:ENV30-C: Do not modify the object referenced by the return value of certain functions
WARNING_FILTER += allow class="Use of getenv"

# CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size
WARNING_FILTER += allow class="Use of getopt"

# CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size
WARNING_FILTER += allow class="Use of getpass"

# CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size
# CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator
# This check is enabled by default for the language(s) C, C++, x86, x86_64
# It may remain in effect even if the following line is commented out.
WARNING_FILTER += allow class="Use of gets" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator WARNING_FILTER += allow class="Use of getwd" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of gmtime_s" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of ignore_handler_s" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of localtime_s" # CERT-C:ENV32-C: All exit handlers must return normally # CERT-C:MSC22-C: Use the setjmp(), longjmp() facility securely WARNING_FILTER += allow class="Use of longjmp" # CERT-C:EXP42-C: Do not compare padding data WARNING_FILTER += allow class="Use of memcmp" # CERT-C:MSC06-C: Beware of compiler optimizations WARNING_FILTER += allow class="Use of memset" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of memset_s" # CERT-C:FIO01-C: Be careful using functions that use file names for identification WARNING_FILTER += allow class="Use of mkstemp" # CERT-C:FIO01-C: Be careful using functions that use file names for identification # CERT-C:FIO21-C: Do not create temporary files in shared directories # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. 
WARNING_FILTER += allow class="Use of mktemp" # CERT-C:POS44-C: Do not use signals to terminate threads WARNING_FILTER += allow class="Use of pthread_kill" # CERT-C:POS34-C: Do not call putenv() with a pointer to an automatic variable as the argument WARNING_FILTER += allow class="Use of putenv" # CERT-C:CON33-C: Avoid race conditions when using library functions # CERT-C:MSC30-C: Do not use the rand() function for generating pseudorandom numbers WARNING_FILTER += allow class="Use of rand" # CERT-C:MEM36-C: Do not modify the alignment of objects by calling realloc() WARNING_FILTER += allow class="Use of realloc" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator WARNING_FILTER += allow class="Use of realpath" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of set_constraint_handler_s" # CERT-C:MSC22-C: Use the setjmp(), longjmp() facility securely WARNING_FILTER += allow class="Use of setjmp" # CERT-C:CON37-C: Do not call signal() in a multithreaded program # CERT-C:SIG00-C: Mask signals handled by noninterruptible signal handlers # CERT-C:SIG01-C: Understand implementation-specific details regarding signal handler persistence # CERT-C:SIG02-C: Avoid using signals to implement normal functionality # CERT-C:SIG30-C: Call only asynchronous-safe functions within signal handlers # CERT-C:SIG34-C: Do not call signal() from within interruptible signal handlers WARNING_FILTER += allow class="Use of signal" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of snwprintf_s" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for 
string manipulation # CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator WARNING_FILTER += allow class="Use of strcat" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strchr" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strcmp" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strcoll" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation # CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator WARNING_FILTER += allow class="Use of strcpy" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strcspn" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of strerrorlen_s" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strlen" # CERT-C:API02-C: Functions that read or write to or from an 
array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strpbrk" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strrchr" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strspn" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strstr" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation WARNING_FILTER += allow class="Use of strtok" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of strtok_s" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size # CERT-C:STR07-C: Use the bounds-checking interfaces for string manipulation # CERT-C:STR31-C: Guarantee that storage for strings has sufficient space for character data and the null terminator WARNING_FILTER += allow class="Use of strtrns" # CERT-C:API02-C: Functions that read or write to or from an array should take an argument to specify the source or target size WARNING_FILTER += allow class="Use of syslog" # CERT-C:ENV33-C: Do not call system() WARNING_FILTER += allow class="Use of system" # CERT-C:FIO01-C: Be careful using functions that 
use file names for identification # CERT-C:FIO21-C: Do not create temporary files in shared directories # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of tmpfile" # CERT-C:FIO01-C: Be careful using functions that use file names for identification # CERT-C:FIO21-C: Do not create temporary files in shared directories WARNING_FILTER += allow class="Use of tmpfile_s" # CERT-C:CON33-C: Avoid race conditions when using library functions # CERT-C:FIO01-C: Be careful using functions that use file names for identification # CERT-C:FIO21-C: Do not create temporary files in shared directories # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of tmpnam" # CERT-C:FIO01-C: Be careful using functions that use file names for identification # CERT-C:FIO21-C: Do not create temporary files in shared directories WARNING_FILTER += allow class="Use of tmpnam_s" # CERT-C:CON33-C: Avoid race conditions when using library functions WARNING_FILTER += allow class="Use of ttyname" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of vfscanf_s" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of vfwscanf_s" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of vscanf_s" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of vsnwprintf_s" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of vsscanf_s" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of vswscanf_s" # 
CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of vwscanf_s" # CERT-C:MSC23-C: Beware of vendor-specific library and language differences WARNING_FILTER += allow class="Use of wcstok_s" # CERT-C:MSC12-C: Detect and remove code that has no effect or is never executed # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Useless Assignment" # CERT-C:DCL00-C: Const-qualify immutable objects WARNING_FILTER += allow class="Variable Could Be const" # CERT-C:MSC00-C: Compile cleanly at high warning levels WARNING_FILTER += allow class="Warnings Not Treated As Errors" # CERT-C:MSC25-C: Do not use insecure or weak cryptographic algorithms WARNING_FILTER += allow class="Weak Cryptography" # CERT-C:POS05-C: Limit access to files by creating a jail WARNING_FILTER += allow class="chroot without chdir" # CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="cosh on High Number" # CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="cosh on Low Number" # CERT-C:ARR01-C: Do not apply the sizeof operator to a pointer when taking the size of an array WARNING_FILTER += allow class="sizeof Array Parameter" # CERT-C:FLP32-C: Prevent or detect domain and range errors in math functions # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. 
WARNING_FILTER += allow class="sqrt on Negative Value" # CERT-C:DCL06-C: Use meaningful symbolic constants to represent literal values WARNING_FILTER += allow class="switch With Non-enum Expression"