ISO/IEC TS 17961:2013
Information Technology — Programming languages, their environments and system software interfaces — C Secure Coding Rules
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
この文書は、ISO/IEC JTC1 SC22 WG14の作業文書(Working Draft)です。
公式のISO/IEC TS 17961:2013原本ではありません。
技術内容を検討し、ISO/IEC JTC1 SC22 WG14にフィードバックするために用いるものです。
ISO/IEC TS 17961:2013 C Secure Coding Rules(1)一覧
https://qiita.com/kaizen_nagoya/items/54e056195c4f11b850a1
一つの規則で複数回のコンパイルが必要な場合、別記事にしています。
作業予定
規則の例(断片等)をコンパイル、実行する予定です。
1: コンパイルエラーが出ないようにする。
一覧のaccfree.cがこの段階です。
2: 実行時エラーが出ないようにする。
一覧のptrcomp.cがこの段階です。
3: 意味のある出力が出るようにする。
検討中。
現状では、変な代入、奇異な操作が頻出します。
コンパイルエラーが出ないようにするなるべく短い記述で済まそうという趣旨で、他意はありません。
よりよい記述に変更する予定です。
現在利用中のコンパイラ
Apple LLVM version 9.1.0 (clang-902.0.39.1)
Target: x86_64-apple-darwin17.4.0
または
clang version 6.0.0 (tags/RELEASE_600/final)
Target: x86_64-apple-darwin17.4.0
gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
Copyright (C) 2017 Free Software Foundation, Inc.
環境(Environment)
hosted Environment macOS 10.13.3 or 10.12.9
コンパイル用shell script
C版(clangとgcc)とC++版(clang++とg++)
https://qiita.com/kaizen_nagoya/items/74220c0577a512c2d7da
5.13. Declaring the same function or object in incompatible ways [funcdecl]
EXAMPLE 1 In this noncompliant example, a diagnostic is required because the variable i has two incompatible declarations.
/* in a.c */
extern int i; // diagnostic required
int f(void) {
return ++i;
}
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
//EXAMPLE 1 In this noncompliant example, a diagnostic is required because the variable i has two incompatible declarations.
/* in b.c */
#include <stdio.h> // for printf
#include <stdlib.h> // for EXIT_SUCCESS
int f(void);
short i; // diagnostic required
int main(int argc, char** argv){ //
printf("%d %d \n", f(),i); //
return EXIT_SUCCESS;//
}//
./clg72.sh funcdecla funcdeclb
$ clang funcdecla.c
1 1
$ gcc-7 funcdecla.c
1 0
##EXAMPLE 2 In this noncompliant example, a diagnostic is required because the variable a has two incompatible declarations.
/* in a.c */
#include <stdio.h> // for printf
extern int *a; // diagnostic required
int g(unsigned i, int x) {
int tmp = a[i];
a[i] = x;
printf("%d %d %d \n", i,x,a[i]);
return tmp;
}
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
//EXAMPLE 2 In this noncompliant example, a diagnostic is required because the variable a has two incompatible declarations.
/* in b.c */
#include <stdio.h> // for printf
#include <stdlib.h> // for EXIT_SUCCESS
int g(unsigned , int) ;
int a[] = { 1, 2, 3, 4 }; // diagnostic required
int main(int argc, char** argv){ //
unsigned i;
int x;
printf("%d \n", g(i,x)); //
return EXIT_SUCCESS;//
}//
$ cc funcdecla2.c funcdeclb2.c
$ ./a.out
Segmentation fault: 11
##EXAMPLE 3 In this noncompliant example, a diagnostic is required because the function h has two incompatible declarations.
// EXAMPLE 3 In this noncompliant example, a diagnostic is required because the function h has two incompatible declarations.
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
/* in a.c */
#include <stdio.h> // for printf
#include <stdlib.h> // for EXIT_SUCCESS
extern int h(int a); // diagnostic required
int main(void) {
printf("%d\n", h(10));
return EXIT_SUCCESS;
}
/* in b.c */
long h(long a) { // diagnostic required
return a * 2;
}
$ ./clg72.sh funcdecla3 funcdeclb3
$ clang funcdecla3.c
20
$ gcc-7 funcdecla3.c
20
##EXAMPLE 4 In this noncompliant example, a diagnostic is required on implementations where the external identifiers bash_groupname_completion_function and bash_groupname_completion_funct are identical, because it results in incompatible declarations.
/* in bash/bashline.h */
extern char* bash_groupname_completion_function(const char *, int);
// diagnostic required
/* in a.c */
#include <bashline.h>
#include <stdio.h> // for printf
void w(const char *s, int i) {
printf("%s,%s,%d\n",bash_groupname_completion_function(s, i),s,i);
}
//EXAMPLE 4 In this noncompliant example, a diagnostic is required on implementations where the external identifiers bash_groupname_completion_function and bash_groupname_completion_funct are identical, because it results in incompatible declarations.
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
/* in b.c */
#include <stdlib.h> // for EXIT_SUCCESS
void w(const char *, int ) ;
int bash_groupname_completion_funct; // diagnostic required
int main(void) {
const char *s="bash group name",
int i=1;
w(s,i);
return EXIT_SUCCESS;
}
// NOTE The identifier bash_groupname_completion_function referenced here was taken from GNU Bash version 3.2.
/*
* A completion function for group names from /etc/group (or wherever).
*/
char *
bash_groupname_completion_function (text, state)
const char *text;
int state;
{
return ((char *)NULL);
}
/*
* A completion function for group names from /etc/group (or wherever).
*/
#include <stddef.h>
char *
bash_groupname_completion_function (text, state)
const char *text;
int state;
{
return ((char *)NULL);
}
// from bash3.2
./clg73.sh funcdecla4 funcdeclb4 bashline
$ clang funcdecla4.c
(null),bash group name,1
$ gcc-7 funcdecla4.c
(null),bash group name,1
Exception
//No diagnostic need be issued if a declaration that is incompatible with the definition occurs in a translation unit that does not contain any definition or uses of the function or object other than additional declarations, if any.
//EXAMPLE
/* a.c: */
int x = 0; /* the definition */
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
/* b.c: */
extern char x; /* incompatible declaration */
/* but no other references to 'x' */
#include <stdio.h> // for printf
#include <stdlib.h> // for EXIT_SUCCESS
int main(void) {
printf("%d\n", x);
return EXIT_SUCCESS;
}
$ ./clg72.sh funcdecla5 funcdeclb5
$ clang funcdecla5.c
0
$ gcc-7 funcdecla5.c
0
参考文献
コンパイル用shell script C版(clangとgcc)とC++版(clang++とg++)
https://qiita.com/kaizen_nagoya/items/74220c0577a512c2d7da
C言語(C++)に対する誤解、曲解、無理解、爽快。
https://qiita.com/kaizen_nagoya/items/3f3992c9722c1cee2e3a
MISRA C まとめ #include
https://qiita.com/kaizen_nagoya/items/f1a79a7cbd281607c7c9
どうやって MISRA C Example Suiteをコンパイルするか
https://qiita.com/kaizen_nagoya/items/fbdbff5ff696e2ca7f00
[C][C++]の国際規格案の例題をコンパイルするときの課題7つ。
https://qiita.com/kaizen_nagoya/items/5f4b155030259497c4de
文書履歴
ver. 0.10 初稿 20180403
ver. 0.11 gcc-7,Example節項目追記、修正前後記録 20180407
ver. 0.12 ありがとう追記 20230413
最後までおよみいただきありがとうございました。
いいね 💚、フォローをお願いします。
Thank you very much for reading to the last sentence.
Please press the like icon 💚 and follow me for your happy life.