ISO/IEC TS 17961:2013
Information Technology — Programming languages, their environments and system software interfaces — C Secure Coding Rules
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
This document is a Working Draft of ISO/IEC JTC1 SC22 WG14.
It is not the official ISO/IEC TS 17961:2013 text.
It is used to review the technical content and to give feedback to ISO/IEC JTC1 SC22 WG14.
ISO/IEC TS 17961:2013 C Secure Coding Rules(1) List
https://qiita.com/kaizen_nagoya/items/54e056195c4f11b850a1
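When one rule requires several compilations, it is covered in a separate article.
Work plan
I plan to compile and run the examples (fragments and the like) given for the rules.
1: Eliminate compile errors.
accfree.c in the list is at this stage.
2: Eliminate run-time errors.
ptrcomp.c in the list is at this stage.
3: Produce meaningful output.
Under consideration.
At present, odd assignments and strange operations appear frequently.
The intent is only to eliminate compile errors with as short a description as possible; nothing else is implied.
I plan to change these to better code.
Compilers currently in use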
Apple LLVM version 9.1.0 (clang-902.0.39.1)
Target: x86_64-apple-darwin17.4.0
or
clang version 6.0.0 (tags/RELEASE_600/final)
Target: x86_64-apple-darwin17.4.0
gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
Copyright (C) 2017 Free Software Foundation, Inc.
Environment
hosted Environment macOS 10.13.3 or 10.12.9
Shell script for compiling
C version (clang and gcc) and C++ version (clang++ and g++)
https://qiita.com/kaizen_nagoya/items/74220c0577a512c2d7da
5.13. Declaring the same function or object in incompatible ways [funcdecl]
## EXAMPLE 1 In this noncompliant example, a diagnostic is required because the variable i has two incompatible declarations.
```c
/* in a.c */
extern int i; // diagnostic required
int f(void) {
    return ++i; // b.c defines i as short: where int is wider than short, this touches bytes beyond that object
}
```
```c
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
//EXAMPLE 1 In this noncompliant example, a diagnostic is required because the variable i has two incompatible declarations.
/* in b.c */
#include <stdio.h> // for printf
#include <stdlib.h> // for EXIT_SUCCESS
int f(void);
short i; // diagnostic required
int main(int argc, char** argv){
    printf("%d %d \n", f(),i); // the order in which f() and i are evaluated is unspecified
    return EXIT_SUCCESS;
}
```
```
./clg72.sh funcdecla funcdeclb
$ clang funcdecla.c
1 1
$ gcc-7 funcdecla.c
1 0
```
## EXAMPLE 2 In this noncompliant example, a diagnostic is required because the variable a has two incompatible declarations.
```c
/* in a.c */
#include <stdio.h> // for printf
extern int *a; // diagnostic required
int g(unsigned i, int x) {
    int tmp = a[i]; // loads a pointer value from the storage of b.c's array, then dereferences it
    a[i] = x;
    printf("%d %d %d \n", i,x,a[i]);
    return tmp;
}
```
```c
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
//EXAMPLE 2 In this noncompliant example, a diagnostic is required because the variable a has two incompatible declarations.
/* in b.c */
#include <stdio.h> // for printf
#include <stdlib.h> // for EXIT_SUCCESS
int g(unsigned , int) ;
int a[] = { 1, 2, 3, 4 }; // diagnostic required
int main(int argc, char** argv){
    unsigned i = 0; // initialized so that the arguments passed to g are defined
    int x = 0;
    printf("%d \n", g(i,x));
    return EXIT_SUCCESS;
}
```
```
$ cc funcdecla2.c funcdeclb2.c
$ ./a.out
Segmentation fault: 11
```
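Why EXAMPLE 2 ends in a segmentation fault, as an added example that is not part of TS 17961 or of the original article: the linker binds `a` to the array's storage, but a.c was compiled to load a pointer from that storage. The function names `bytes_seen_as_pointer` and `real_address` are assumptions made for this illustration; the array is the one from b.c, and the bogus pointer is only computed, never dereferenced.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The definition from b.c in EXAMPLE 2. */
static int a[] = { 1, 2, 3, 4 };

/* What `extern int *a;` in a.c makes the compiler do: read sizeof(int *)
   bytes at the symbol's address and treat them as an address.
   (Hypothetical helper; the value is returned, not dereferenced.) */
uintptr_t bytes_seen_as_pointer(void) {
    uintptr_t p = 0;
    size_t n = sizeof p < sizeof a ? sizeof p : sizeof a;
    memcpy(&p, a, n); /* the first array elements become "the pointer" */
    return p;
}

/* What a compatible declaration `extern int a[];` would use:
   the address of the array itself. (Hypothetical helper.) */
uintptr_t real_address(void) {
    return (uintptr_t)a;
}

int main(void) {
    printf("array storage is at    : %#jx\n", (uintmax_t)real_address());
    printf("pointer a.c would load : %#jx\n", (uintmax_t)bytes_seen_as_pointer());
    return 0;
}
```

Declaring `a` once in a header that both a.c and b.c include puts both declarations in one translation unit, where the compiler rejects the mismatch instead of leaving it to fail at run time.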
## EXAMPLE 3 In this noncompliant example, a diagnostic is required because the function h has two incompatible declarations.
```c
// EXAMPLE 3 In this noncompliant example, a diagnostic is required because the function h has two incompatible declarations.
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
/* in a.c */
#include <stdio.h> // for printf
#include <stdlib.h> // for EXIT_SUCCESS
extern int h(int a); // diagnostic required
int main(void) {
    printf("%d\n", h(10));
    return EXIT_SUCCESS;
}
```
```c
/* in b.c */
long h(long a) { // diagnostic required
    return a * 2;
}
```
```
$ ./clg72.sh funcdecla3 funcdeclb3
$ clang funcdecla3.c
20
$ gcc-7 funcdecla3.c
20
```
## EXAMPLE 4 In this noncompliant example, a diagnostic is required on implementations where the external identifiers bash_groupname_completion_function and bash_groupname_completion_funct are identical, because it results in incompatible declarations.
```c
/* in bash/bashline.h */
extern char* bash_groupname_completion_function(const char *, int);
// diagnostic required
```
```c
/* in a.c */
#include <bashline.h>
#include <stdio.h> // for printf
void w(const char *s, int i) {
    printf("%s,%s,%d\n",bash_groupname_completion_function(s, i),s,i);
}
```
```c
//EXAMPLE 4 In this noncompliant example, a diagnostic is required on implementations where the external identifiers bash_groupname_completion_function and bash_groupname_completion_funct are identical, because it results in incompatible declarations.
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
/* in b.c */
#include <stdlib.h> // for EXIT_SUCCESS
void w(const char *, int ) ;
int bash_groupname_completion_funct; // diagnostic required
int main(void) {
    const char *s="bash group name";
    int i=1;
    w(s,i);
    return EXIT_SUCCESS;
}
// NOTE The identifier bash_groupname_completion_function referenced here was taken from GNU Bash version 3.2.
```
```c
/*
 * A completion function for group names from /etc/group (or wherever).
 */
char *
bash_groupname_completion_function (text, state)
const char *text;
int state;
{
    return ((char *)NULL);
}
```
```c
/*
 * A completion function for group names from /etc/group (or wherever).
 */
#include <stddef.h> // for NULL
char *
bash_groupname_completion_function (text, state)
const char *text;
int state;
{
    return ((char *)NULL);
}
// from bash3.2
```
```
./clg73.sh funcdecla4 funcdeclb4 bashline
$ clang funcdecla4.c
(null),bash group name,1
$ gcc-7 funcdecla4.c
(null),bash group name,1
```
Exception
No diagnostic need be issued if a declaration that is incompatible with the definition occurs in a translation unit that does not contain any definition or uses of the function or object other than additional declarations, if any.
EXAMPLE
```c
/* a.c: */
int x = 0; /* the definition */
```
```c
// ISO/IEC JTC 1/SC 22/WG 14 N 1624 Date: 2012-06-26 ISO/IEC TS 17961, p.7
// http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1624.pdf
/// lines are added by Dr. Kiyoshi Ogawa, 2018
/// Compiled on
/// Clang(LLVM) clang version 6.0.0 (tags/RELEASE_600/final)
/// GCC(GNU) gcc-7 (Homebrew GCC 7.3.0_1) 7.3.0
/// hosted Environment macOS 10.13.3 or 10.12.9
/* b.c: */
extern char x; /* incompatible declaration */
/* but no other references to 'x' */
#include <stdio.h> // for printf
#include <stdlib.h> // for EXIT_SUCCESS
int main(void) {
    printf("%d\n", x); // this printf is a use of x, so with it b.c no longer meets the condition of the exception
    return EXIT_SUCCESS;
}
```
```
$ ./clg72.sh funcdecla5 funcdeclb5
$ clang funcdecla5.c
0
$ gcc-7 funcdecla5.c
0
```
Document history
ver. 0.10 First draft 20180403
ver. 0.11 Added gcc-7 and the Example section items, recorded code before and after modification 20180407
ver. 0.12 Added thanks 20230413