1. 6

This is a really great resource for guidelines and recommendations on C programming. I discovered the wiki because I was looking for more information about casting pointers into more strictly aligned pointer types since this is something that Rust’s clippy tool denies by default.


  2. 4

    It’s a terrible source. As the wiki says: “The C rules and recommendations in this wiki are a work in progress and reflect the current thinking of the secure coding community. Because this is a development website, many pages are incomplete or contain errors.”

    My review of the 2008 edition of the published guidelines pointed out that they were full of errors and omissions. So now they have started a wiki for people to fix their problems.

    1. 3

      So, I only took a skim, but I started with the advice for strings: https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152038

      The advice here basically just says “don’t have a bug”. Don’t pass non-nul terminated strings to functions that want a nul-terminated string!

      A coding standard should give you entire practices not to use to avoid bugs. For example, never use nul-terminated strings, as they are too error-prone! Simply giving you example bug-types and telling you not to write them isn’t particularly useful.

      (Obligatorily: a huge number of the bug-classes described here are basically unique to C/memory-unsafe programming languages. Telling people “please stop writing bugs” is a losing strategy, even with all the static and dynamic analysis in the world. We can’t produce bugs en masse and then de-bug our way out of it, we need to adopt programming languages that prevent the bugs in the first place.)
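
Added example, not part of the thread or of the CERT wiki: a minimal sketch of the "carry the length instead of relying on a nul terminator" practice discussed above, applied to a fixed-width field that has no terminator. The names `str_view`, `sv_from_buf` and `sv_copy` are hypothetical, and the sample field is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical length-carrying string view: the length travels with the
 * pointer, so no callee has to search for a terminator. */
typedef struct {
    const char *ptr;
    size_t len;
} str_view;

/* View over a buffer of known capacity. Reads at most cap bytes, so an
 * unterminated field cannot cause an over-read the way strlen() would. */
static str_view sv_from_buf(const char *buf, size_t cap) {
    const char *nul = memchr(buf, '\0', cap);
    str_view v = { buf, nul ? (size_t)(nul - buf) : cap };
    return v;
}

/* Bounded copy that always terminates dst.
 * Returns 0 on success, -1 if dst_cap is 0 or the data was truncated. */
static int sv_copy(char *dst, size_t dst_cap, str_view src) {
    if (dst_cap == 0)
        return -1;
    size_t n = src.len < dst_cap - 1 ? src.len : dst_cap - 1;
    memcpy(dst, src.ptr, n);
    dst[n] = '\0';
    return n == src.len ? 0 : -1;
}

int main(void) {
    /* Constructed sample: an 8-byte fixed-width field with no terminator,
     * as found in on-disk or wire formats. */
    const char field[8] = {'a','d','m','i','n','i','s','t'};
    char out[4];

    str_view v = sv_from_buf(field, sizeof field);
    int rc = sv_copy(out, sizeof out, v);   /* truncation is reported */
    printf("len=%zu rc=%d out=%s\n", v.len, rc, out);
    return 0;
}
```
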