[C-safe-secure-studygroup] Rule 5.1 Distinct external identifiers
Robert Seacord
rcseacord at gmail.com
Wed Feb 22 13:44:27 UTC 2017
Q1: Can violations of the rule directly threaten safety and security?
A1: Yes
Q2: Can violations of the rule indirectly threaten safety and security?
A2: Yes
Q3: Should an analyzer be able to detect violations of the rule?
A3: Yes
*Discussion:*
This is similar to Rule 5.2 that applies to internal identifiers but I'm
having a harder time determining the definition of distinct, as the example
says that these are not distinct:
/* in a.c */
int xyz = 0;
/* in b.c */
int XYZ = 0;
IMHO, I think changing the definition of what makes identifiers distinct
would be pretty disruptive and that the existing TS 17961 rule is fine and
could be extended to both safety and security. The closest I have seen to
this rule is avoiding similar characters like '1' and 'l' and '0' and 'O'
in the same positions in the identifier.
EXAMPLE 4 According to ISO/IEC 9899:2011, 5.2.4.1, external
identifiers need to be unique only within the first 31 characters. In this
noncompliant example, a diagnostic is required on implementations where the
external identifiers bash_groupname_completion_function and
bash_groupname_completion_funct are identical, because it results in
incompatible declarations.
/* in bash/bashline.h */
extern char* bash_groupname_completion_function(const char *, int);
// diagnostic required
// the identifier exceeds 31 characters
/* in a.c */
#include <bashline.h>
void w(const char *s, int i) {
    bash_groupname_completion_function(s, i);
}
/* in b.c */
int bash_groupname_completion_funct; // diagnostic required
// identifier not unique within 31 characters
NOTE The identifier bash_groupname_completion_function referenced
here was taken from GNU Bash <http://www.gnu.org/software/bash/> version
3.2.
*Background*
More or less already in TS 17961: declaring the same function or object in
incompatible ways [funcdecl]
*Rule*
Two or more incompatible declarations of the same function or object that
appear in the same program shall be diagnosed.
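As an added example (not part of the post, of MISRA C or of TS 17961), here is a small Python checker for the distinctness property discussed above. It takes a constructed list of (translation unit, identifier) pairs and reports external identifiers that collapse to the same spelling within the implementation's significance limit: 6 characters, case-insensitive, under C90, and 31 characters, case-sensitive, under C99/C11. The sample input reproduces the two cases in the post.

```python
"""Report external identifiers that are not distinct within the
significance limit a C implementation is required to honour."""
from collections import defaultdict

# Minimum guaranteed significance for external identifiers:
# C90: 6 initial characters, case may be ignored.
# C99/C11 (5.2.4.1): 31 initial characters, case is significant.
LIMITS = {"c90": (6, False), "c99": (31, True)}


def significant_key(identifier, limit, case_sensitive):
    """Return the portion of an identifier the implementation compares."""
    key = identifier[:limit]
    return key if case_sensitive else key.lower()


def find_indistinct(declarations, standard="c99"):
    """Group external declarations whose names are not distinct.

    declarations: iterable of (translation_unit, identifier) tuples.
    Returns a list of sorted groups; a group is reported only when it
    contains two or more differently spelled identifiers, since the same
    name declared in two units may legitimately refer to one object.
    """
    limit, case_sensitive = LIMITS[standard]
    groups = defaultdict(list)
    for unit, ident in declarations:
        groups[significant_key(ident, limit, case_sensitive)].append((unit, ident))
    return [
        sorted(group) for group in groups.values()
        if len({ident for _, ident in group}) > 1
    ]


# Constructed input mirroring the two examples in the post (not real code).
SAMPLE = [
    ("a.c", "xyz"),
    ("b.c", "XYZ"),
    ("bashline.h", "bash_groupname_completion_function"),
    ("b.c", "bash_groupname_completion_funct"),
]

if __name__ == "__main__":
    for std in LIMITS:
        for group in find_indistinct(SAMPLE, std):
            names = ", ".join(f"{unit}:{ident}" for unit, ident in group)
            print(f"[{std}] not distinct: {names}")
```

Under C99 only the two bash_ identifiers collide (they share their first 31 characters); under C90 the xyz/XYZ pair is flagged as well.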