[C-safe-secure-studygroup] MISRA C rules 1.2 and 2.7

Clive Pygott clivepygott at gmail.com
Wed Feb 22 12:27:06 UTC 2017


I also like Roberto's 3 question approach, so I've used them with my two
rules:



Rule 1.2:  Language extensions should not be used

Q1: Can violations of the rule directly threaten safety and security?
A1: Unknown.

Almost by definition, the committee writing the rules cannot know the
precise behaviour and interactions of all possible extensions, so take the
view that the rules are written for the language as defined in ISO/IEC
9899:1999 - and nothing else. If a project absolutely needs to use some
vendor specific extension, then they are at liberty to deviate this rule,
but this rule is the reminder that if they do that, they are essentially on
their own and need to come up with a well documented justification as to
why the extension to be used should be regarded as safe and secure in their
system.

This can be seen as analogous to the statement often seen on medicines 'not
to be taken by pregnant women or minors'. Usually this is not because there
are known harmful effects on those groups, but rather the manufacturer
hasn't done the trials on those groups to demonstrate safety.


Q2: Can violations of the rule indirectly threaten safety and security?
A2: Unknown: as above

Q3: Should an analyzer be able to detect violations of the rule?
A3: Yes



Rule 2.7:  There should be no unused parameters in functions

Q1: Can violations of the rule directly threaten safety and security?
A1: Unknown.

This rule is one of a number that flags up 'suspicious behaviour'. If the
parameter isn't required, why did the programmer add it - bearing in mind
that, unlike C++, C doesn't have overloading and virtual functions that may
explain why a parameter is (locally) unused. Is the presence of an unused
parameter an indicator that some intended behaviour has been omitted?


Q2: Can violations of the rule indirectly threaten safety and security?
A2: Unknown: as above

Q3: Should an analyzer be able to detect violations of the rule?
A3: Yes


       Clive Pygott
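The following is an added example illustrating the Rule 2.7 point above; it is not code from the post or from MISRA. The function names (copy_unbounded, copy_bounded) and the bounded-copy scenario are assumptions chosen to show how an unused parameter can be the visible trace of an omitted check: the caller passes a destination size, so it reasonably believes the copy is bounded, but the callee never reads that parameter. Both gcc and clang report the unused parameter with -Wunused-parameter (included in -Wextra), which is the kind of detection A3 asks for.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical 'suspicious' function (constructed for this example).
 * dst_len is declared but never read: the caller assumes the copy is
 * bounded, yet the bound is never applied, so an over-long src overruns
 * dst. An unused-parameter diagnostic is the first hint that the intended
 * length check was omitted. Not called below with an over-long source. */
size_t copy_unbounded(char *dst, size_t dst_len, const char *src)
{
    size_t n = strlen(src);
    memcpy(dst, src, n + 1);   /* dst_len ignored: intended check omitted */
    return n;
}

/* Corrected version: every parameter is used. Copies at most dst_len - 1
 * characters, always NUL-terminates, and returns the number of characters
 * written (excluding the terminator). A caller can detect truncation by
 * comparing the return value with strlen(src). */
size_t copy_bounded(char *dst, size_t dst_len, const char *src)
{
    if (dst == NULL || src == NULL || dst_len == 0) {
        return 0;              /* nothing can be written safely */
    }
    size_t n = strlen(src);
    if (n >= dst_len) {
        n = dst_len - 1;       /* truncate, leaving room for the terminator */
    }
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

int main(void)
{
    char buf[8];
    const char *src = "hello, world";   /* constructed input longer than buf */

    size_t written = copy_bounded(buf, sizeof buf, src);
    printf("copied %zu of %zu chars: \"%s\"%s\n",
           written, strlen(src), buf,
           written < strlen(src) ? " (truncated)" : "");
    return 0;
}
```

Building the file with `gcc -Wall -Wextra` flags dst_len in copy_unbounded as unused; that is the signal an analyser enforcing Rule 2.7 would raise, and the question the post poses is whether it marks a real omission, as it does here.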