
Commit eaf0859

authored
优化示例
ID_dangerousName:简化配置说明 ID_dangerousFunction:简化配置说明,细化规则描述 ID_obsoleteFunction:简化配置说明,细化规则描述 ID_unsafeStringFunction:补充规则依据,优化规则说明 ID_nonGlobalMain:补充规则依据 ID_nonStdAssignmentRetType:补充规则依据 ID_nonStdCopyAssignmentParam:补充规则说明和依据,优化示例 ID_nonStdMoveAssignmentParam:补充规则说明和依据,优化示例 ID_virtualAssignment:补充规则说明和依据 ID_evaluationOrderReliance:修正参考条目 ID_implementationDefinedFunction:补充参考条目 ID_unsuitableMove:补充标准条目 ID_unsuitableForward:补充标准条目
1 parent 3126c1c commit eaf0859


2 files changed

+95
-105
lines changed


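--- a/c-cpp-rules.json
+++ b/c-cpp-rules.json
@@ -847,30 +847,34 @@
 "ID_virtualAssignment": {
 "checkPoint": "拷贝和移动赋值运算符不应为虚函数",
 "level": "warning",
-"comment": "拷贝和移动赋值运算符的返回类型应为所属类的非 const 引用,这类运算符即使是虚函数也不便于被重写。",
+"comment": "拷贝和移动赋值运算符的参数应分别为所属类的左值和右值引用,这类运算符即使是虚函数也不便于被重写。",
 "tag": "declaration",
 "related": "ID_nonStdAssignmentRetType",
+"standard": "ISO/IEC 14882:2003 12.8(9),ISO/IEC 14882:2011 12.8(17),ISO/IEC 14882:2011 12.8(19)",
 "reference": "C++ Core Guidelines C.60,C++ Core Guidelines C.63"
 },
 "ID_nonStdCopyAssignmentParam": {
 "checkPoint": "拷贝赋值运算符的参数应为同类对象的 const 左值引用",
 "level": "warning",
 "comment": "拷贝赋值运算符的参数不应按值传递,否则会产生不必要的复制开销以及“对象切片”等问题。",
 "tag": "declaration",
+"standard": "ISO/IEC 14882:2003 12.8(9),ISO/IEC 14882:2011 12.8(17)",
 "reference": "C++ Core Guidelines C.60"
 },
 "ID_nonStdMoveAssignmentParam": {
 "checkPoint": "移动赋值运算符的参数应为同类对象的非 const 右值引用",
 "level": "warning",
-"comment": "移动赋值运算符的参数不可为 const 右值引用,否则将失去移动赋值的意义。",
+"comment": "移动赋值意在将参数的数据转移到当前对象中,故参数不应为 const 右值引用,否则将失去移动赋值的意义。",
 "tag": "declaration",
+"standard": "ISO/IEC 14882:2011 12.8(19),ISO/IEC 14882:2017 15.8.2(3)",
 "reference": "C++ Core Guidelines C.63"
 },
 "ID_nonStdAssignmentRetType": {
 "checkPoint": "拷贝和移动赋值运算符应返回所属类的非 const 引用",
 "level": "warning",
 "comment": "拷贝和移动赋值运算符应返回所属类的非 const 引用,便于调用者使用并满足泛型编程的要求。",
 "tag": "declaration",
+"standard": "ISO/IEC 14882:2003 12.8(10),ISO/IEC 14882:2011 12.8(22)",
 "reference": "C++ Core Guidelines F.47,C++ Core Guidelines C.60,C++ Core Guidelines C.63"
 },
 "ID_mainReturnsNonInt": {
@@ -894,6 +898,7 @@
 "level": "warning",
 "comment": "main 函数作为程序的入口,链接器需对其特殊处理,不应受命名空间等作用域的限制。",
 "tag": "global",
+"standard": "ISO/IEC 14882:2003 3.6.1(1),ISO/IEC 14882:2011 3.6.1(1)",
 "reference": "MISRA C++ 2008 7-3-2"
 },
 "ID_illFormedMain": {
@@ -1580,7 +1585,7 @@
 "tag": "expression",
 "related": "ID_confusingAssignment",
 "standard": "ISO/IEC 9899:1999 5.1.2.3(2),ISO/IEC 9899:1999 Annex C,ISO/IEC 9899:2011 5.1.2.3(3),ISO/IEC 9899:2011 Annex C",
-"reference": "CWE-758,C++ Core Guidelines ES.43,C++ Core Guidelines ES.44"
+"reference": "C++ Core Guidelines ES.43,C++ Core Guidelines ES.44"
 },
 "ID_complexExpression": {
 "checkPoint": "表达式不应过于复杂",
@@ -1683,6 +1688,7 @@
 "level": "warning",
 "comment": "std::move 的参数应为左值,返回值应直接作为接口的参数,除此之外的应用价值有限,且易产生错误。",
 "tag": "expression",
+"standard": "ISO/IEC 14882:2011 20.2.3(6),ISO/IEC 14882:2017 23.2.5(5)",
 "reference": "C++ Core Guidelines ES.56,C++ Core Guidelines F.18,C++ Core Guidelines F.48"
 },
 "ID_useAfterMove": {
@@ -1699,6 +1705,7 @@
 "comment": "std::forward 的参数应为“转发引用(forwarding references)”,返回值应直接作为接口的参数,除此之外的使用方式价值有限,且易产生错误。",
 "tag": "expression",
 "related": "ID_illForwardingReference",
+"standard": "ISO/IEC 14882:2011 20.2.3(1),ISO/IEC 14882:2017 23.2.5(1)",
 "reference": "C++ Core Guidelines F.19"
 },
 "ID_illForwardingReference": {
@@ -2804,7 +2811,7 @@
 "tag": "security",
 "related": "ID_sig_illReturn",
 "standard": "ISO/IEC 9899:1999 6.5.5(5)-undefined,ISO/IEC 9899:2011 6.5.5(5)-undefined,ISO/IEC 14882:2011 5.6(4)-undefined,ISO/IEC 14882:2017 8.6(4)-undefined",
-"reference": "CWE-369,C++ Core Guidelines ES.105"
+"reference": "CWE-189,CWE-369,C++ Core Guidelines ES.105"
 },
 "ID_nullDerefAllocRet": {
 "checkPoint": "判断资源分配函数的返回值是否有效",
@@ -2844,7 +2851,6 @@
 "level": "warning",
 "comment": "弱加密、弱哈希、弱随机、不安全的协议等相关库、函数、类、宏、常量等名称不应出现在代码中。",
 "tag": "security",
-"config": [ "详见说明" ],
 "reference": "CWE-326,CWE-327"
 },
 "ID_badLength": {
@@ -3251,9 +3257,9 @@
 "ID_unsafeStringFunction": {
 "checkPoint": "禁用不安全的字符串函数",
 "level": "warning",
-"comment": "由于历史原因,C 语言某些字符串函数不检查缓冲区长度,易造成运行时错误或安全漏洞",
+"comment": "由于历史原因,C 标准库中的某些字符串函数不执行边界检查,易造成运行时错误和安全漏洞",
 "tag": "security",
-"standard": "ISO/IEC 9899:2011 K.3.7",
+"standard": "ISO/IEC 9899:2011 Annex K,ISO/IEC 9899:2011 K.3.7,ISO/IEC 9899:2011 K.3.9",
 "related": "ID_bufferOverflow",
 "reference": "CWE-119,CWE-120,CWE-676,MISRA C++ 2008 18-0-5"
 },
@@ -3263,7 +3269,7 @@
 "comment": "当字符串无法被正确转为数值时,stdlib.h 或 cstdlib 中的 atof、atoi、atol 以及 atoll 等函数会导致标准未定义的行为。",
 "tag": "expression",
 "standard": "ISO/IEC 9899:1999 7.20.1(1)-undefined,ISO/IEC 9899:2011 7.22.1(1)-undefined",
-"reference": "CWE-190,MISRA C 2004 20.10,MISRA C 2012 21.7,MISRA C++ 2008 18-0-2"
+"reference": "MISRA C 2004 20.10,MISRA C 2012 21.7,MISRA C++ 2008 18-0-2"
 },
 "ID_forbidLongjmp": {
 "checkPoint": "禁用 setjmp、longjmp",
@@ -3274,28 +3280,26 @@
 "reference": "C++ Core Guidelines SL.C.1,MISRA C 2004 20.7,MISRA C 2012 21.4,MISRA C++ 2008 17-0-5"
 },
 "ID_obsoleteFunction": {
-"checkPoint": "不应使用已过时的函数",
+"checkPoint": "不应使用已过时的接口",
 "level": "warning",
-"comment": "某些函数存在缺陷或漏洞并已宣布过时,应使用更完善的替代方法",
+"comment": "某些库函数或系统 API 存在缺陷并已宣布过时,应改用更完善的替代方法",
 "tag": "security",
-"config": [ "详见说明" ],
 "reference": "CWE-477"
 },
 "ID_dangerousFunction": {
-"checkPoint": "避免使用具有危险性的函数",
+"checkPoint": "避免使用具有危险性的接口",
 "level": "warning",
-"comment": "某些函数本身就具有危险性,使用这种函数相当于直接引入了风险",
+"comment": "某些库函数或系统 API 本身就具有危险性,使用这种接口相当于直接引入了风险",
 "tag": "security",
-"config": [ "详见说明" ],
-"reference": "CWE-242,CWE-474,CWE-676"
+"reference": "CWE-242,CWE-676"
 },
 "ID_implementationDefinedFunction": {
 "checkPoint": "避免使用由实现定义的库函数",
 "level": "warning",
 "comment": "由实现定义的(implementation-defined)库函数会增加移植或兼容等方面的成本。",
 "tag": "expression",
 "standard": "ISO/IEC 9899:2011 7.14.1.1(3)-implementation,ISO/IEC 9899:2011 7.22.4.1(2)-implementation,ISO/IEC 9899:2011 7.22.4.4(5)-implementation,ISO/IEC 9899:2011 7.22.4.6(2)-implementation,ISO/IEC 9899:2011 7.22.4.8(3)-implementation,ISO/IEC 9899:2011 7.27.2.1(3)-implementation",
-"reference": "MISRA C 2004 20.8,MISRA C 2004 20.11,MISRA C 2004 20.12,MISRA C 2012 21.5,MISRA C 2012 21.8,MISRA C 2012 21.10,MISRA C++ 2008 18-0-3,MISRA C++ 2008 18-0-4,MISRA C++ 2008 18-7-1"
+"reference": "CWE-474,CWE-589,MISRA C 2004 20.8,MISRA C 2004 20.11,MISRA C 2004 20.12,MISRA C 2012 21.5,MISRA C 2012 21.8,MISRA C 2012 21.10,MISRA C++ 2008 18-0-3,MISRA C++ 2008 18-0-4,MISRA C++ 2008 18-7-1"
 },
 "ID_missingVoid": {
 "checkPoint": "C 代码中参数列表如果为空应声明为“(void)”",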
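Review bot: In the `@@ -2804,7 +2811,7 @@` hunk the new `reference` value prepends `CWE-189`, which is the CWE category "Numeric Errors" rather than a weakness entry; CWE's mapping guidance treats categories as unsuitable mapping targets, and the line already carries the specific weakness `CWE-369`. I would keep `"reference": "CWE-369,C++ Core Guidelines ES.105"`, or use `CWE-682` (the parent weakness of CWE-369) if a broader entry is wanted. The rule this line belongs to starts above the hunk, so its id is not visible here; judging by the cited 6.5.5(5) clauses it is presumably the division-by-zero check. Related to the same field, the hunks at `@@ -1580,7 +1585,7 @@` and `@@ -3263,7 +3269,7 @@` drop `CWE-758` and `CWE-190` and leave those rules with no CWE id in `reference`, so if downstream reports are grouped by CWE a one-line rationale in the commit description would help reviewers confirm the removal is intended.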
