Abraxas Software (R) CodeCheck Windows NT version 12.40 B1

Checking extended ANSI C file v422a.c with rules from vss42.cc:

     1
     2  // 4.2.2 Software Integrity
     3
     4  /*
     5  Self-modifying, dynamically loaded, or interpreted code is prohibited, except under
     6  the security provisions outlined in section 6.4.e. This prohibition is to ensure that the
     7  software tested and approved during the qualification process remains unchanged and
     8  retains its integrity. External modification of code during execution shall be
     9  prohibited. Where the development environment (programming language and
    10  development tools) includes the following features, the software shall provide
    11  controls to prevent accidental or deliberate attempts to replace executable code:
    12  */
    13
    14  // a Unbounded arrays or strings (includes buffers used to move data)
    15
    16
    17  // global
    18  char foo[];          // bad unbounded                          -------> A
        A: Warning W0422: VSS 4.2.2a - No Unbound Arrays Or Strings
    19
    20  char foo1[100];      // good
    21
    22  // local
    23  v1() {                                                        -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    24
    25      char foo[];      // bad unbounded                          -------> A
        A: Warning W0422: VSS 4.2.2a - No Unbound Arrays Or Strings
    26
    27      char foo1[100];  // good
    28
    29  }

Checking extended ANSI C file v422b.c with rules from vss42.cc:

     1  // 4.2.2 Software Integrity
     2  /*
     3  Self-modifying, dynamically loaded, or interpreted code is prohibited, except under
     4  the security provisions outlined in section 6.4.e. This prohibition is to ensure that the
     5  software tested and approved during the qualification process remains unchanged and
     6  retains its integrity. External modification of code during execution shall be
     7  prohibited. Where the development environment (programming language and
     8  development tools) includes the following features, the software shall provide
     9  controls to prevent accidental or deliberate attempts to replace executable code:
    10  */
    11  // b Pointer variables
    12
    13  char *cp;                                                     -------> AB
        A: Warning W0422: VSS 4.2.2 B - Declaration of Pointer Variables is discouraged
        B: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    14
    15  cp = 1;              // NO, verboten
    16
    17  *cp = 1;             // NO                                     -------> A
        A: Warning W0422: VSS 4.2.2 B - Declaration of Pointer Variables is discouraged
    18
    19  vss_542b() {                                                  -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    20
    21
    22      char *cp;                                                 -------> AB
        A: Warning W0422: VSS 4.2.2 B - Declaration of Pointer Variables is discouraged
        B: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    23
    24      cp = 1;          // NO, verboten                           -------> A
        A: Warning W0422: VSS 4.2.2 B - Use of Pointer Variables is discouraged
    25
    26      *cp = 1;         // NO                                     -------> A
        A: Warning W0422: VSS 4.2.2 B - Use of Pointer Variables is discouraged
    27
    28  }

Checking extended ANSI C file v422c.c with rules from vss42.cc:

     1  // 4.2.2 Software Integrity
     2  /*
     3  Self-modifying, dynamically loaded, or interpreted code is prohibited, except under
     4  the security provisions outlined in section 6.4.e. This prohibition is to ensure that the
     5  software tested and approved during the qualification process remains unchanged and
     6  retains its integrity. External modification of code during execution shall be
     7  prohibited. Where the development environment (programming language and
     8  development tools) includes the following features, the software shall provide
     9  controls to prevent accidental or deliberate attempts to replace executable code:
    10  */
    11
    12  // c Dynamic memory allocation and management.
    13
    14  v422c() {
    15
    16      char *mp = malloc(100);  // illegal                        -------> A B
        A: Warning W0422: VSS 4.2.2 B - Declaration of Pointer Variables is discouraged
        B: Warning W0422: VSS 4.2.2 C - Dynamic memory allocation and management is prohibited
    17
    18      free(mp);                // illegal                        -------> A B
        A: Warning W0422: VSS 4.2.2 C - Dynamic memory allocation and management is prohibited
        B: Warning W0422: VSS 4.2.2 B - Use of Pointer Variables is discouraged
    19  }

Checking extended ANSI C file v423a.c with rules from vss42.cc:

     1  /*
     2  423a. Each module shall have a specific function that can be tested and verified
     3  independently of the remainder of the code. In practice, some additional
     4  modules (such as library modules) may be needed to compile the module
     5  under test, but the modular construction allows the supporting modules to be
     6  replaced by special test versions that support test objectives;
     7  [1] Some software languages and development environments use a different definition of
     8  module but this principle still applies.
     9  */
    10
    11  vss_v423a() {
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23  }                                                             -------> A
        A: Warning W0427: VSS 4.2.7 A - Specify Header Block
    24
    25  vss_v423a() {
    26
    27
    28
    29
    30
    31
    32
    33
    34  }
Warning W0423: VSS 423B - There can only be one function per module

Checking extended ANSI C file v423b.c with rules from vss42.cc:

     1  /*
     2  VSS 423b. Each module shall be uniquely and mnemonically named, using names that
     3  differ by more than a single character. In addition to the unique name, the
     4  modules shall include a set of header comments identifying the module's
     5  purpose, design, conditions, and version history, followed by the operational
     6  code. Headers are optional for modules of fewer than ten executable lines
     7  where the subject module is embedded in a larger module that has a header
     8  containing the header information. Library modules shall also have a header
     9  comment describing the purpose of the library and version information;
    10  */
    11
    12  vss_423b() {         // good function, is similar to module name
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22  }
    23
    24  test() {             // ok, small routine                      -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    25
    26  }
    27
    28  testfun() {          // bad, this function doesn't belong here -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38  }
Warning W0423: VSS 423B - There can only be one function per module

Checking extended ANSI C file v423c.c with rules from vss42.cc:

     1  /*
     2  423c. All required resources, such as data accessed by the module, should either be
     3  contained within the module or explicitly identified as input or output to the
     4  module. Within the constraints of the programming language, such resources
     5  shall be placed at the lowest level where shared access is needed. If that
     6  shared access level is across multiple modules, the definitions should be
     7  defined in a single file (called header files in some languages, such as C)
     8  where any changes can be applied once and the change automatically applies
     9  to all modules upon compilation or activation;
    10  */
    11
    12
    13  int v423c ;          // no global data

Checking extended ANSI C file v423e.c with rules from vss42.cc:

     1  /*
     2  423e. Each module shall have a single entry point, and a single exit point, for
     3  normal process flow. For library modules or languages such as the object-oriented
     4  languages, the entry point is to the individual contained module or
     5  method invoked. The single exit point is the point where control is returned.
     6  At that point, the data that is expected as output must be appropriately set.
     7  The exception for the exit point is where a problem is so severe that
     8  execution cannot be resumed. In this case, the design must explicitly protect
     9  all recorded votes and audit log information and must implement formal
    10  exception handlers provided by the language; and
    11  */
    12
    13  int Func1()
    14  {                                                             -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    15      int dog = 0;                                              -------> A
        A: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    16      int clog = 0;                                             -------> A
        A: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    17
    18      /* Do some stuff with dog and clog here */
    19
    20      if( 0 < dog ) {
    21          return dog;
    22      }else if( 0 < clog ) {
    23          exit(-1);                                             -------> A
        A: Warning W0423: VSS 4.2.3 E - Exceptional Exit Point Found
    24      }
    25  }   /* This is not allowed: two return points */              -------> A
        A: Warning W0427: VSS 4.2.7 A - Specify Header Block
    26
    27  // This also applies to exit() calls.
    28
    29  int vss_423e()
    30  {
    31      return;          // explicit return at end of function is ok
    32  }
Warning W0423: VSS 423B - There can only be one function per module

Checking extended ANSI C file v425c.c with rules from vss42.cc:

     1  /*
     2  425 c. Names shall be unique within an application. Names shall differ by more than
     3  a single character. All single-character names are forbidden except those for
     4  variables used as loop indexes. In large systems where subsystems tend to be
     5  developed independently, duplicate names may be used where the scope of
     6  the name is unique within the application. Names should always be unique
     7  where modules are shared;
     8  */
     9
    10
    11  int d = 0;           /* not allowed unless used as a loop index */
    12
    13  v4() {
    14
    15      int i;                                                    -------> A
        A: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    16
    17      int dog;                                                  -------> A
        A: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    18
    19      for ( ;; i ) {}  // ok
    20
    21      i++;             // bad                                    -------> A
        A: Warning W0425: VSS 4.2.5 C - Single character variable names are forbidden
    22
    23      dog++;           // good
    24  }                                                             -------> A
        A: Warning W0427: VSS 4.2.7 A - Specify Header Block
    25
    26  v4a() {                                                       -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    27
    28      // For example:
    29
    30      int i = 0;                                                -------> A
        A: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    31      i = getImportantValue();                                  -------> A
        A: Warning W0425: VSS 4.2.5 C - Single character variable names are forbidden
    32
    33      switch(i){       // not allowed                            -------> A
        A: Warning W0425: VSS 4.2.5 C - Single character variable names are forbidden
    34      case 1:
    35
    36      default:
    37      }
    38
    39  }                                                             -------> A
        A: Warning W0427: VSS 4.2.7 A - Specify Header Block
    40
Warning W0423: VSS 423B - There can only be one function per module

Checking extended ANSI C file v427a.c with rules from vss42.cc:

     1
     2  /*
     3  427 a. All modules shall contain headers. For small modules of 10 lines or less, the
     4  header may be limited to identification of unit and revision information. Other
     5  header information should be included in the small unit headers if not clear from
     6  the actual lines of code.
     7  */
     8
     9  // good case first ...
    10  /* =========================================================================*/
    11  /**
    12  FUNCTION: HandleStartUpTasks()
    13
    14  PURPOSE: This function serves as the starting point for all
    15           start up related tasks. These tasks include basic
    16           hardware checking and loading configuration information.
    17
    18  PARAMETERS:
    19           none
    20
    21  OUTPUT PARAMETERS:
    22           none
    23
    24  RETURN VALUE:
    25           int = 0 for success or positive value for failure
    26
    27  USE OF GLOBALS:
    28           static struct ConfigurationType Config;
    29           static struct HeldConfigurationType HeldConfig;
    30
    31  FILES REFERENCED:
    32           cfgfd (CONFIG_FILE) - access, open, close
    33
    34  FUNCTIONS CALLED:
    35           tzset
    36           ParseMessageFile
    37           MessageError
    38           CmdHandleMessageLogging
    39           localtime
    40           snprintf
    41           CmdLogEvent
    42           CheckHalStatus
    43           InitConfigStruct
    44           PlatformGetBoardID
    45           atoi
    46           access
    47           open
    48           CmdHandleError
    49           strncpy
    50           close
    51           system
    52           UpdateHeldConfigFile
    53           LoadHeldConfigStruct
    54           SyncConfigWithHeldConfig
    55           HandleLoadingTasks
    56           UnpackDataBundle
    57           SendPublicCountToPWP
    58           lseek
    59           read
    60
    61  REVISIONS:
    62           08/31/2004 ERW Original
    63           08/10/05   CRB Updated function header per ITA review.
    64  */
    65
    66  v5a() {                                                       -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    67
    68
    69
    70
    71      // line 5
    72
    73
    74
    75      // line 10
    76
    77  }
    78
    79  // bad case, no header
    80
    81
    82  v5b() {                                                       -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    83
    84
    85
    86
    87      // line 5
    88
    89
    90
    91      // line 10
    92
    93  }                                                             -------> A
        A: Warning W0427: VSS 4.2.7 A - Specify Header Block
    94
    95  v5tiny() {                                                    -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    96      // ok, small
    97  }
Warning W0423: VSS 423B - There can only be one function per module

Checking extended ANSI C file v427b.c with rules from vss42.cc:

     1  /*
     2  427 b. Descriptive comments shall be provided to identify objects and data types.
     3  All variables shall have comments at the point of declaration clearly
     4  explaining their use. Where multiple variables that share the same meaning
     5  are required, the variables may share the same comment;
     6  */
     7
     8  // first foo is bad at line 9, no comment associated
     9
    10
    11  int foo;                                                      -------> A
        A: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    12
    13
    14  int fuu;             /* ok */
    15
    16  // good
    17  int foam;                                                     -------> A
        A: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    18
    19  int fubar;           // good
    20
    21  v6() {               // next foo is bad, no comment            -------> A
        A: Warning W0432: VSS 4.2.3 B - Functions declared within a module must have name similiar to module
    22
    23      int foo;                                                  -------> A
        A: Warning W0427: VSS 4.2.7 B - All variables shall have comments
    24
    25
    26      int fubar;       // good
    27
    28  }
    29
    30  // O.K.  Does this one also take into account - YES
    31  /* good */
    32  int foo = 0;                                                  -------> A
        A: Warning W0427: VSS 4.2.7 B - All variables shall have comments