CERT C++ Rules

List and description of CERT C++ standard rules supported by Polyspace®

CERT C++ is a set of code guidelines for software developers. It focuses on secure coding in the C++ language. The guidelines help eliminate constructs that have undefined behavior, which can lead to unexpected results at runtime and expose security weaknesses. To check Polyspace coverage of CERT C++ rules, see Polyspace Support for Coding Standards. Polyspace can check your code against the CERT C++ standard. Use the Check SEI CERT-C++ (-cert-cpp) analysis option to activate subsets of the rules.

Polyspace Results

CERT C++: DCL30-C Declare objects with appropriate storage durations
CERT C++: DCL39-C Avoid information leakage in structure padding
CERT C++: DCL40-C Do not create incompatible declarations of the same function or object
CERT C++: DCL50-CPP Do not define a C-style variadic function
CERT C++: DCL51-CPP Do not declare or define a reserved identifier
CERT C++: DCL52-CPP Never qualify a reference type with const or volatile
CERT C++: DCL53-CPP Do not write syntactically ambiguous declarations
CERT C++: DCL54-CPP Overload allocation and deallocation functions as a pair in the same scope
CERT C++: DCL55-CPP Avoid information leakage when passing a class object across a trust boundary (Since R2022b)
CERT C++: DCL56-CPP Avoid cycles during initialization of static objects (Since R2022b)
CERT C++: DCL57-CPP Do not let exceptions escape from destructors or deallocation functions
CERT C++: DCL58-CPP Do not modify the standard namespaces
CERT C++: DCL59-CPP Do not define an unnamed namespace in a header file
CERT C++: DCL60-CPP Obey the one-definition rule
CERT C++: EXP34-C Do not dereference null pointers
CERT C++: EXP35-C Do not modify objects with temporary lifetime
CERT C++: EXP36-C Do not cast pointers into more strictly aligned pointer types
CERT C++: EXP37-C Call functions with the correct number and type of arguments
CERT C++: EXP39-C Do not access a variable through a pointer of an incompatible type
CERT C++: EXP42-C Do not compare padding data
CERT C++: EXP45-C Do not perform assignments in selection statements
CERT C++: EXP46-C Do not use a bitwise operator with a Boolean-like operand
CERT C++: EXP47-C Do not call va_arg with an argument of the incorrect type
CERT C++: EXP50-CPP Do not depend on the order of evaluation for side effects
CERT C++: EXP51-CPP Do not delete an array through a pointer of the incorrect type (Since R2022b)
CERT C++: EXP52-CPP Do not rely on side effects in unevaluated operands
CERT C++: EXP53-CPP Do not read uninitialized memory
CERT C++: EXP54-CPP Do not access an object outside of its lifetime
CERT C++: EXP55-CPP Do not access a cv-qualified object through a cv-unqualified type
CERT C++: EXP56-CPP Do not call a function with a mismatched language linkage (Since R2023b)
CERT C++: EXP57-CPP Do not cast or delete pointers to incomplete classes
CERT C++: EXP58-CPP Pass an object of the correct type to va_start
CERT C++: EXP59-CPP Use offsetof() on valid types and members
CERT C++: EXP60-CPP Do not pass a nonstandard-layout type object across execution boundaries (Since R2023b)
CERT C++: EXP61-CPP A lambda object must not outlive any of its reference captured objects
CERT C++: EXP62-CPP Do not access the bits of an object representation that are not part of the object's value representation (Since R2022b)
CERT C++: EXP63-CPP Do not rely on the value of a moved-from object (Since R2021a)
CERT C++: INT30-C Ensure that unsigned integer operations do not wrap
CERT C++: INT31-C Ensure that integer conversions do not result in lost or misinterpreted data
CERT C++: INT32-C Ensure that operations on signed integers do not result in overflow
CERT C++: INT33-C Ensure that division and remainder operations do not result in divide-by-zero errors
CERT C++: INT34-C Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
CERT C++: INT35-C Use correct integer precisions
CERT C++: INT36-C Converting a pointer to integer or integer to pointer
CERT C++: INT50-CPP Do not cast to an out-of-range enumeration value (Since R2023b)
CERT C++: ARR30-C Do not form or use out-of-bounds pointers or array subscripts
CERT C++: ARR37-C Do not add or subtract an integer to a pointer to a non-array object
CERT C++: ARR38-C Guarantee that library functions do not form invalid pointers
CERT C++: ARR39-C Do not add or subtract a scaled integer to a pointer
CERT C++: CTR50-CPP Guarantee that container indices and iterators are within the valid range
CERT C++: CTR51-CPP Use valid references, pointers, and iterators to reference elements of a container (Since R2022a)
CERT C++: CTR52-CPP Guarantee that library functions do not overflow (Since R2022b)
CERT C++: CTR53-CPP Use valid iterator ranges (Since R2022b)
CERT C++: CTR54-CPP Do not subtract iterators that do not refer to the same container (Since R2022b)
CERT C++: CTR55-CPP Do not use an additive operator on an iterator if the result would overflow (Since R2022b)
CERT C++: CTR56-CPP Do not use pointer arithmetic on polymorphic objects (Since R2023a)
CERT C++: CTR57-CPP Provide a valid ordering predicate (Since R2022a)
CERT C++: CTR58-CPP Predicate function objects should not be mutable (Since R2022a)
CERT C++: STR30-C Do not attempt to modify string literals
CERT C++: STR31-C Guarantee that storage for strings has sufficient space for character data and the null terminator
CERT C++: STR32-C Do not pass a non-null-terminated character sequence to a library function that expects a string
CERT C++: STR34-C Cast characters to unsigned char before converting to larger integer sizes
CERT C++: STR37-C Arguments to character-handling functions must be representable as an unsigned char
CERT C++: STR38-C Do not confuse narrow and wide character strings and functions
CERT C++: STR50-CPP Guarantee that storage for strings has sufficient space for character data and the null terminator
CERT C++: STR51-CPP Do not attempt to create a std::string from a null pointer (Since R2022b)
CERT C++: STR52-CPP Use valid references, pointers, and iterators to reference elements of a basic_string (Since R2022b)
CERT C++: STR53-CPP Range check element access
CERT C++: MEM30-C Do not access freed memory
CERT C++: MEM31-C Free dynamically allocated memory when no longer needed
CERT C++: MEM34-C Only free memory allocated dynamically
CERT C++: MEM35-C Allocate sufficient memory for an object
CERT C++: MEM36-C Do not modify the alignment of objects by calling realloc()
CERT C++: MEM50-CPP Do not access freed memory
CERT C++: MEM51-CPP Properly deallocate dynamically allocated resources
CERT C++: MEM52-CPP Detect and handle memory allocation errors
CERT C++: MEM53-CPP Explicitly construct and destruct objects when manually managing object lifetime (Since R2022b)
CERT C++: MEM54-CPP Provide placement new with properly aligned pointers to sufficient storage capacity (Since R2020b)
CERT C++: MEM55-CPP Honor replacement dynamic storage management requirements (Since R2020b)
CERT C++: MEM56-CPP Do not store an already-owned pointer value in an unrelated smart pointer (Since R2021a)
CERT C++: MEM57-CPP Avoid using default operator new for over-aligned types
CERT C++: FIO30-C Exclude user input from format strings
CERT C++: FIO32-C Do not perform operations on devices that are only appropriate for files
CERT C++: FIO34-C Distinguish between characters read from a file and EOF or WEOF
CERT C++: FIO37-C Do not assume that fgets() or fgetws() returns a nonempty string when successful
CERT C++: FIO38-C Do not copy a FILE object
CERT C++: FIO39-C Do not alternately input and output from a stream without an intervening flush or positioning call
CERT C++: FIO40-C Reset strings on fgets() or fgetws() failure
CERT C++: FIO41-C Do not call getc(), putc(), getwc(), or putwc() with a stream argument that has side effects
CERT C++: FIO42-C Close files when they are no longer needed
CERT C++: FIO44-C Only use values for fsetpos() that are returned from fgetpos()
CERT C++: FIO45-C Avoid TOCTOU race conditions while accessing files
CERT C++: FIO46-C Do not access a closed file
CERT C++: FIO47-C Use valid format strings
CERT C++: FIO50-CPP Do not alternately input and output from a file stream without an intervening positioning call
CERT C++: FIO51-CPP Close files when they are no longer needed
CERT C++: ERR30-C Set errno to zero before calling a library function known to set errno, and check errno only after the function returns a value indicating failure
CERT C++: ERR32-C Do not rely on indeterminate values of errno
CERT C++: ERR33-C Detect and handle standard library errors
CERT C++: ERR34-C Detect errors when converting a string to a number
CERT C++: ERR50-CPP Do not abruptly terminate the program
CERT C++: ERR51-CPP Handle all exceptions
CERT C++: ERR52-CPP Do not use setjmp() or longjmp()
CERT C++: ERR53-CPP Do not reference base classes or class data members in a constructor or destructor function-try-block handler
CERT C++: ERR54-CPP Catch handlers should order their parameter types from most derived to least derived
CERT C++: ERR55-CPP Honor exception specifications (Since R2020b)
CERT C++: ERR56-CPP Guarantee exception safety (Since R2022a)
CERT C++: ERR57-CPP Do not leak resources when handling exceptions (Since R2021a)
CERT C++: ERR58-CPP Handle all exceptions thrown before main() begins executing (Since R2020b)
CERT C++: ERR59-CPP Do not throw an exception across execution boundaries (Since R2022b)
CERT C++: ERR60-CPP Exception objects must be nothrow copy constructible (Since R2021a)
CERT C++: ERR61-CPP Catch exceptions by lvalue reference
CERT C++: ERR62-CPP Detect errors when converting a string to a number (Since R2023b)
CERT C++: OOP50-CPP Do not invoke virtual functions from constructors or destructors (Since R2021a)
CERT C++: OOP51-CPP Do not slice derived objects
CERT C++: OOP52-CPP Do not delete a polymorphic object without a virtual destructor
CERT C++: OOP53-CPP Write constructor member initializers in the canonical order (Since R2020a)
CERT C++: OOP54-CPP Gracefully handle self-copy assignment
CERT C++: OOP55-CPP Do not use pointer-to-member operators to access nonexistent members (Since R2022a)
CERT C++: OOP56-CPP Honor replacement handler requirements (Since R2023b)
CERT C++: OOP57-CPP Prefer special member functions and overloaded operators to C Standard Library functions
CERT C++: OOP58-CPP Copy operations must not mutate the source object
CERT C++: CON33-C Avoid race conditions when using library functions
CERT C++: CON37-C Do not call signal() in a multithreaded program
CERT C++: CON40-C Do not refer to an atomic variable twice in an expression
CERT C++: CON41-C Wrap functions that can fail spuriously in a loop
CERT C++: CON43-C Do not allow data races in multithreaded code
CERT C++: CON50-CPP Do not destroy a mutex while it is locked
CERT C++: CON51-CPP Ensure actively held locks are released on exceptional conditions (Since R2023b)
CERT C++: CON52-CPP Prevent data races when accessing bit-fields from multiple threads
CERT C++: CON53-CPP Avoid deadlock by locking in a predefined order
CERT C++: CON54-CPP Wrap functions that can spuriously wake up in a loop
CERT C++: CON55-CPP Preserve thread safety and liveness when using condition variables (Since R2023b)
CERT C++: CON56-CPP Do not speculatively lock a non-recursive mutex that is already owned by the calling thread (Since R2023b)
CERT C++: ENV30-C Do not modify the object referenced by the return value of certain functions
CERT C++: ENV31-C Do not rely on an environment pointer following an operation that may invalidate it
CERT C++: ENV32-C All exit handlers must return normally
CERT C++: ENV33-C Do not call system()
CERT C++: ENV34-C Do not store pointers returned by certain functions
CERT C++: FLP30-C Do not use floating-point variables as loop counters
CERT C++: FLP32-C Prevent or detect domain and range errors in math functions
CERT C++: FLP34-C Ensure that floating-point conversions are within range of the new type
CERT C++: FLP36-C Preserve precision when converting integral values to floating-point type
CERT C++: FLP37-C Do not use object representations to compare floating-point values
CERT C++: MSC30-C Do not use the rand() function for generating pseudorandom numbers
CERT C++: MSC32-C Properly seed pseudorandom number generators
CERT C++: MSC33-C Do not pass invalid data to the asctime() function
CERT C++: MSC37-C Ensure that control never reaches the end of a non-void function
CERT C++: MSC38-C Do not treat a predefined identifier as an object if it might only be implemented as a macro
CERT C++: MSC39-C Do not call va_arg() on a va_list that has an indeterminate value
CERT C++: MSC40-C Do not violate constraints
CERT C++: MSC41-C Never hard code sensitive information (Since R2020a)
CERT C++: MSC50-CPP Do not use std::rand() for generating pseudorandom numbers
CERT C++: MSC51-CPP Ensure your random number generator is properly seeded
CERT C++: MSC52-CPP Value-returning functions must return a value from all exit paths
CERT C++: MSC53-CPP Do not return from a function declared [[noreturn]] (Since R2020b)
CERT C++: MSC54-CPP A signal handler must be a plain old function (Since R2023b)
CERT C++: PRE30-C Do not create a universal character name through concatenation
CERT C++: PRE31-C Avoid side effects in arguments to unsafe macros
CERT C++: PRE32-C Do not use preprocessor directives in invocations of function-like macros
CERT C++: SIG31-C Do not access shared objects in signal handlers
CERT C++: SIG34-C Do not call signal() from within interruptible signal handlers
CERT C++: SIG35-C Do not return from a computational exception signal handler
