Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





  21.18 is a safe strncpy function call non-compliant?
Posted by: dunno - 15-06-2023, 01:06 PM - Forum: 8.21 Standard libraries - No Replies

I have a philosophical question.


Example code:

void foo() {
    char buf[128];
    strncpy(buf, "hello", 128);
}

The strncpy call does not have any undefined behavior. It will write "hello" in the buffer. Writing 6 bytes in a 128 byte buffer is not undefined behavior.

Does this code then violate rule 21.18? The third argument is larger than the size of the string literal.

Reading the amplification, it seems to me the code in non-compliant.

Reading the rationale, the point of this rule is to avoid buffer overflows. Since there is no buffer overflow does it mean the code is compliant?

Print this item

  MISRA Compliance Matrix
Posted by: vartika.tailor - 08-06-2023, 04:57 PM - Forum: General Questions - Replies (2)

Hi,

Please could you let me know whether I can download a template MISRA 2012 compliance matrix document and the link to the document? 

Kind regards,
Vartika

Print this item

  MISRA C:2012 Example Suite
Posted by: misra-c - 18-05-2023, 05:01 PM - Forum: MISRA resources - No Replies

For info, the MISRA C:2012 Example suite is now available via the MISRA Git Repository

https://gitlab.com/MISRA/MISRA-C/MISRA-C...mple-Suite

At the moment, this is read-only

Print this item

  MISRA C:2023 released
Posted by: david ward - 12-05-2023, 04:29 PM - Forum: Announcements - No Replies

We are pleased to announce the release of MISRA C:2023 (MISRA C Third edition, Second revision). This is a further update which incorporates Amendments 2 – 4 (AMD2, AMD3, AMD4) and Technical Corrigendum 2 (TC2) and incorporates support for C11 and C18 language features.

At the present time this document is available in PDF form, but we will provide an option for purchase of hardcopies in around 4 – 6 weeks’ time using a “print on demand” service.

Further information including FAQs is available on the MISRA website.

The current version history of MISRA C, with the newest first, is as follows

  • MISRA C:2023 (Third Edition, Second Revision) – published 2023, the current version incorporating support for C11 and C18 language features
  • MISRA C:2012 (Third Edition, First Revision) – also known as MISRA C:2019, published 2019, incorporated additional security guidelines
  • MISRA C:2012 (Third Edition) – published 2013, incorporated support for C99 language features, improved strong typing model, analysis keywords
  • MISRA C:2004 (Second Edition) – published 2004, taking into account user feedback and cross-industry applications
  • MISRA C:1998 (First Edition) – published 1998, original guidance emerging from the automotive industry.

Print this item

  MISRA C:2012 AMD4 released
Posted by: david ward - 24-03-2023, 12:56 AM - Forum: Announcements - No Replies

MISRA C:2012 Amendment 4 (which completes addition of support for C11/C18 language features) is now available as a free download from the "Resources" section of this Bulletin Board.

Looking to the future we will shortly release a consolidated version (to be known as MISRA C:2023) rolling up the recent amendments and technical corrigenda. We will make a further announcement when this is available for purchase.

Print this item

  MISRA C:2012 AMD4
Posted by: david ward - 15-03-2023, 04:16 PM - Forum: MISRA resources - Replies (2)

We are pleased to announce the publication of MISRA C:2012 Amendment 4 (MISRA C:2012 AMD4). This document completes the additional updates for ISO/IEC 9899:2011/2018 with consideration of new C11/C18 features.

This amendment is intended to be used with MISRA C:2012 (Third Edition, First Revision) as revised and amended by:

  • MISRA C:2012 Technical Corrigendum 2,
  • MISRA C:2012 Amendment 2, and
  • MISRA C:2012 Amendment 3.

This amendment is also compatible with MISRA C:2012 (Third Edition) as revised and amended by:

  • MISRA C:2012 Technical Corrigendum 1,
  • MISRA C:2012 Technical Corrigendum 2,
  • MISRA C:2012 Amendment 1,
  • MISRA C:2012 Amendment 2, and
  • MISRA C:2012 Amendment 3.



Attached Files
.pdf   MISRA C 2012 AMD4.pdf (Size: 1.39 MB / Downloads: 61)
Print this item

  Are Memory Pools allowed by MISRA-C?
Posted by: jpature - 14-03-2023, 02:23 PM - Forum: 7.4 Code design - Replies (3)

Hi,

Would a memory pool (to handle a variable number of objects) based on a statically allocated chunk of memory be MISRA C compliant ? Or would it be banned because considered as dynamic allocation ?

Thanks.

Print this item

  Suggestions for a MISRA-C-2012-compliant compression library?
Posted by: philCryo - 07-03-2023, 02:41 AM - Forum: General Questions - No Replies

Hi all,

Not sure which forum in which to post this.  Any suggestions for a MISRA-C-2012-compliant compression library?  Everything I'm checking has oodles of "Required" rule violations.

Print this item

  Rule 6-5-2: Non-Compliant Example Clarification
Posted by: vapdrs - 09-02-2023, 05:36 PM - Forum: 6.6 Statements (C++) - Replies (1)

I am looking for some clarification on the first non-compliant example for Rule 6-5-2, and the overall definition of a loop-counter, which as part of its definition states it must be,

Quote:an operand to a relational operator in condition


Where relational operator is defined in Rule 4-5-2, 4-5-3, and §5.9 as <, >, <=, and >=.

In the non-compliant example
Code:
for ( i = 1; i != 10; i += 2 ) // Non-compliant

The variable i is clearly considered a loop-counter because the subject of Rule 6-5-2 is a loop-counter. I am confused as to how could i could be considered a loop-counter though, because it is not an operand to a relational operator in the for loop condition.

Moreover, if a loop-counter is defined as necessarily being an operand to a relational operator, then the point of Rule 6-5-2 is called into question. The only thing it could be applied to is when a variable is used as an operand to a relational operator (making it a loop-counter) and another expression in the conditions like,

Code:
for ( i = 1; i != 10 && i > 0 ; i += 2 ) // Non-compliant

Which is helpful for some bad behavior, but will clearly miss some fairly obvious bad behavior, like the original non-compliant example.

Tangentially related the definition of loop-counter contains a note explicitly saying that iterators are also valid as a loop-counter. However, this note would be odd, since typically when using STL iterators in loops equality operators are used and not relational operators. So Rule 6-5-1 would flag the following as non-compliant, even though it is a common idiom.

Code:
for (auto it = container.begin(); it != container.end(); ++it )

Print this item

  A3-9-1 - example with plain 'char' type
Posted by: mstaron - 08-02-2023, 08:00 AM - Forum: AUTOSAR C++:2014 rules - Replies (2)

The A3-9-1 rule recommends to use integer types from <cstdint>, indicating the size and signedness, but the plain 'char' type does not have corresponding type in this library. It is possible to replace only explicit signed or unsigned 'char' types.

The example in A3-9-1 shows the declaration of the plain 'char' type as non-compliant. I understand that in this case the 'i6' variable is initialized by numerical value, so its type should be changed to int8_t. However, this is a different problem that is non-compiant with Rule M5-0-11 "The plain char type shall only be used for the storage and use of character values.". The plain 'char' type is used in AUTOSAR documentation in cases which are marked as compliant (for example Rule A5-1-1). I suppose that A3-9-1 should apply only to 'char' types declared explicitly as signed or unsigned and should not apply to plain 'char' types.

Print this item

Search Forums

(Advanced Search)

Forum Statistics
» Members: 6,113
» Latest member: Yeonmoo Choi
» Forum threads: 966
» Forum posts: 2,653

Full Statistics

Online Users
There are currently 103 online users.
» 0 Member(s) | 101 Guest(s)
Bing, Google

Latest Threads
10.2.3 Amplification
Forum: 4.10 Declarations
Last Post: misra cpp
4 hours ago
» Replies: 1
» Views: 78
Rule 7.0.5 Example potent...
Forum: 4.7 Standard conversions
Last Post: misra cpp
4 hours ago
» Replies: 1
» Views: 96
Rule 0.2.4 non-compliant ...
Forum: 4.0 Language independent issues
Last Post: misra cpp
4 hours ago
» Replies: 1
» Views: 116
Further guidance on MISRA...
Forum: 8.10 The essential type model
Last Post: mshawa
09-04-2024, 02:29 PM
» Replies: 0
» Views: 26
MISRA AC SLSF:2023 AMD1
Forum: MISRA AC resources
Last Post: david ward
05-04-2024, 01:56 PM
» Replies: 0
» Views: 44
Rule 6-2-3 and C++17 [[fa...
Forum: 6.6 Statements (C++)
Last Post: kafka
27-03-2024, 02:44 PM
» Replies: 0
» Views: 73
MISRA AC GMG:2023 release...
Forum: MISRA AC GMG discussions
Last Post: misra-ac
25-03-2024, 06:01 PM
» Replies: 2
» Views: 345
14.3 and enum constants i...
Forum: 8.14 Control statement expressions
Last Post: misra-c
24-03-2024, 01:08 PM
» Replies: 1
» Views: 282
0-1-8. Exception: empty i...
Forum: 6.0 Language independent issues (C++)
Last Post: vmuthusu
18-03-2024, 04:01 AM
» Replies: 3
» Views: 8,273
Rule 19.1 Example
Forum: 8.19 Overlapping storage
Last Post: misra-c
13-03-2024, 10:31 AM
» Replies: 3
» Views: 8,029