ISO/IEC TS 17961:2013
Information Technology — Programming languages, their environments and system software interfaces — C Secure Coding Rules
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
n1624 is a Working Draft of ISO/IEC JTC1 SC22 WG14.
It is not the official ISO/IEC TS 17961:2013 text.
ISO/IEC JTC1 SC22 WG14 publishes its working documents wherever possible in order to gather a wide range of opinions. This article examines the technical content so that feedback can be given to ISO/IEC JTC1 SC22 WG14.
ISO/IEC TS 17961:2013 C Secure Coding Rules (1) list
ISO/IEC TS 17961:2013 C Secure Coding Rules(1) All list(to be confirmed) - kaizen_nagoya @ Qiita
https://qiita.com/kaizen_nagoya/items/54e056195c4f11b850a1
Rules that require more than one compilation are covered in separate articles.
Each file combines the example from the rule, my own additions, and fragments of the document.
I am in the process of marking my own additions with ///.
Work plan
I plan to compile and run the examples (fragments etc.) given in the rules.
1: Eliminate compile errors.
accfree.c is at this stage.
2: Eliminate runtime errors.
ptrcomp.c is at this stage.
3: Produce meaningful output.
Under consideration.
At present, odd assignments and strange operations appear frequently. The only intent is to use the shortest code that avoids compile errors; there is no other meaning.
I plan to change them to better code that produces meaningful output.
Compilers used
Apple LLVM version 9.1.0 (clang-902.0.39.1)
Target: x86_64-apple-darwin17.4.0
or
clang version 6.0.0 (tags/RELEASE_600/final)
Target: x86_64-apple-darwin17.4.0
gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
Copyright (C) 2017 Free Software Foundation, Inc.
## Environment
hosted Environment macOS 10.13.3 or 10.12.9
Shell script for compiling
C version (clang and gcc) and C++ version (clang++ and g++)
https://qiita.com/kaizen_nagoya/items/74220c0577a512c2d7da
5.25. Integer division errors [diverr]
Examples 1 and 2
EXAMPLE 1 In this noncompliant example, a diagnostic is required because the expression x / y can result in a divide-by-zero error or in a quotient that is not representable.
EXAMPLE 2 In this noncompliant example, a diagnostic is required because the expression x % y can result in a divide-by-zero error or a quotient of the two operands that is not representable.
```c
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.44
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
// EXAMPLE 1 In this noncompliant example, a diagnostic is required because the expression x / y can result in a divide-by-zero error or in a quotient that is not representable.
#include <stdio.h>  /// for printf
#include <stdlib.h> /// for EXIT_SUCCESS
#include <errno.h>  /// for errno
#include <limits.h> /// for 'ULONG_MAX'
#include "get.h"    /// for GET_TAINTED_INTEGER

int divide(int x) {
  int y;
  GET_TAINTED_INTEGER(int, y); /// y is untrusted input; it may be 0 or -1
  printf("divide:y:%d\n", y);  ///
  return x / y; // diagnostic required
}

// EXAMPLE 2 In this noncompliant example, a diagnostic is required because the expression x % y can result in a divide-by-zero error or a quotient of the two operands that is not representable.
/// The name 'remainder' is also a C library function, remainder(double, double);
/// this is the cause of the compiler warnings shown below.
int remainder(int x) {
  int y;
  GET_TAINTED_INTEGER(int, y);   /// y is untrusted input; it may be 0 or -1
  printf("remainder:y:%d\n", y); ///
  return x % y; // diagnostic required
}

int main(void) {                          ///
  int x = 1;                              ///
  printf("x:%d\n", x);                    ///
  printf("divide:%d\n", divide(x++));     /// x is 1 here, 2 afterwards
  printf("remainder:%d\n", remainder(x)); ///
  printf("EXIT_SUCCESS\n");               ///
  return EXIT_SUCCESS;                    ///
}                                         ///
```
```
$ ./gcc7ts.sh diverr
$ clang diverr.c
diverr.c:19:5: warning: incompatible redeclaration of library function 'remainder'
[-Wincompatible-library-redeclaration]
int remainder(int x) {
    ^
diverr.c:19:5: note: 'remainder' is a builtin with type 'double (double, double)'
1 warning generated.
x:1
d:1
$ gcc-7 diverr.c
diverr.c:19:5: warning: conflicting types for built-in function 'remainder' [-Wbuiltin-declaration-mismatch]
int remainder(int x) {
    ^~~~~~~~~
x:1
d:1
```
Examples 3 and 4
EXAMPLE 3 In this compliant solution, the expression x / y can result in a divide-by-zero error or the quotient of the two operands that is not representable.
EXAMPLE 4 In this compliant solution, the expression x % y can result in a divide-by-zero error or in a quotient that is not representable.
```c
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.44
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
// EXAMPLE 3 In this compliant solution, the expression x / y can result in a divide-by-zero error or the quotient of the two operands that is not representable.
#include <stdio.h>  /// for printf, fprintf
#include <stdlib.h> /// for EXIT_SUCCESS
#include <errno.h>  /// for errno
#include <limits.h> /// for INT_MIN
#include "get.h"    /// for GET_TAINTED_INTEGER

int divide(int x) {
  int y;
  GET_TAINTED_INTEGER(int, y);
  /* y == 0 is a divide-by-zero; INT_MIN / -1 is INT_MAX + 1, which is not representable */
  if ( (y == 0) || ( (x == INT_MIN) && (y == -1) ) ) {
    /* Handle error */
    fprintf(stderr, "divide: cannot divide %d by %d\n", x, y); ///
    return 0; /// no valid quotient; the original falls off the end here
  }
  else {
    return x / y;
  }
}

// EXAMPLE 4 In this compliant solution, the expression x % y can result in a divide-by-zero error or in a quotient that is not representable.
/// The name 'remainder' is also a C library function, remainder(double, double);
/// this is the cause of the compiler warnings shown below.
int remainder(int x) {
  int y;
  GET_TAINTED_INTEGER(int, y);
  /* x % y is defined in terms of x / y, so INT_MIN % -1 needs the same guard */
  if ( (y == 0) || ( (x == INT_MIN) && (y == -1) ) ) {
    /* Handle error */
    fprintf(stderr, "remainder: cannot divide %d by %d\n", x, y); ///
    return 0; /// no valid remainder; the original falls off the end here
  }
  else {
    return x % y;
  }
}

int main(void) {                          ///
  int x = 1;                              ///
  printf("x:%d\n", x);                    ///
  printf("divide:%d\n", divide(x++));     /// x is 1 here, 2 afterwards
  printf("remainder:%d\n", remainder(x)); ///
  return EXIT_SUCCESS;                    ///
}                                         ///
```
```
$ ./gcc7ts.sh diverr2
$ clang diverr2.c
diverr2.c:23:5: warning: incompatible redeclaration of library function
'remainder' [-Wincompatible-library-redeclaration]
int remainder(int x) {
    ^
diverr2.c:23:5: note: 'remainder' is a builtin with type 'double (double, double)'
diverr2.c:25:3: warning: if statement has empty body [-Wempty-body]
  GET_TAINTED_INTEGER(int, y);
  ^
./get.h:25:18: note: expanded from macro 'GET_TAINTED_INTEGER'
errno == ERANGE) \
                 ^
diverr2.c:25:3: note: put the semicolon on a separate line to silence this warning
./get.h:25:18: note: expanded from macro 'GET_TAINTED_INTEGER'
errno == ERANGE) \
                 ^
2 warnings generated.
$ gcc-7 diverr2.c
diverr2.c:23:5: warning: conflicting types for built-in function 'remainder' [-Wbuiltin-declaration-mismatch]
int remainder(int x) {
    ^~~~~~~~~
```
I am investigating why the output does not come out properly.
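The guard used in Examples 3 and 4 covers both failure conditions of rule 5.25 [diverr]: a zero divisor and the INT_MIN / -1 case whose quotient does not fit in an int. The following is an added example, not code from the TS or from this article, that packages the check into one function with a status result and exercises both failure cases together with ordinary inputs (names such as checked_divmod and div_status are my own):

```c
#include <limits.h>
#include <stdio.h>

/* Outcome of a checked signed division (hypothetical types for this example). */
typedef enum { DIV_OK, DIV_BY_ZERO, DIV_OVERFLOW } div_status;
typedef struct { div_status status; int quot; int rem; } div_result;

/* Checked replacement for x / y and x % y. Neither operator is evaluated
 * until both failure conditions of rule 5.25 [diverr] are excluded:
 *   y == 0                   division by zero (undefined behaviour)
 *   x == INT_MIN && y == -1  quotient INT_MAX + 1 is not representable
 * INT_MIN % -1 is mathematically 0, but C defines x % y in terms of
 * x / y, so the overflow guard is required for % as well. */
div_result checked_divmod(int x, int y) {
    div_result r = { DIV_OK, 0, 0 };
    if (y == 0) {
        r.status = DIV_BY_ZERO;
    } else if (x == INT_MIN && y == -1) {
        r.status = DIV_OVERFLOW;
    } else {
        r.quot = x / y;  /* both operands validated above */
        r.rem = x % y;   /* C99 truncates toward zero: -7 / 2 == -3, -7 % 2 == -1 */
    }
    return r;
}

int main(void) {
    /* Constructed inputs: ordinary values plus the two failure cases of the rule. */
    const int cases[][2] = { {7, 2}, {-7, 2}, {INT_MIN, 1}, {INT_MIN, -1}, {5, 0} };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int x = cases[i][0], y = cases[i][1];
        div_result res = checked_divmod(x, y);
        switch (res.status) {
        case DIV_OK:
            printf("%d / %d = %d, %d %% %d = %d\n", x, y, res.quot, x, y, res.rem);
            break;
        case DIV_BY_ZERO:
            printf("%d / %d rejected: divisor is zero\n", x, y);
            break;
        case DIV_OVERFLOW:
            printf("%d / %d rejected: quotient not representable\n", x, y);
            break;
        }
    }
    return 0;
}
```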
Document history
ver. 0.10 first draft 20180404
ver. 0.11 corrected delimiter input 20180405
ver. 0.12 added gcc 20180408
ver. 0.13 added thank-you note 20230413
Thank you very much for reading to the last sentence.
Please press the like icon 💚 and follow me for your happy life.