CERT-DCL30-C_c
Synopsis
Declare objects with appropriate storage durations.
Enabled by default
Yes
Severity/Certainty
High/High
Full description
Every object has a storage duration that determines its lifetime: static, thread, automatic, or allocated. Do not attempt to access an object outside of its lifetime. Attempting to do so is undefined behavior and can lead to an exploitable vulnerability. This check is identical to MEM-stack-global, MISRAC++2008-7-5-2_a, MISRAC++2023-6.8.3_a, MISRAC2004-17.6_b, MISRAC2012-Rule-18.6_b, CERT-DCL30-C_c.
Coding standards
- CERT DCL30-C
Declare objects with appropriate storage durations
- MISRA C:2004 17.6
(Required) The address of an object with automatic storage shall not be assigned to another object that may persist after the first object has ceased to exist.
- MISRA C:2012 Rule-18.6
(Required) The address of an object with automatic storage shall not be copied to another object that persists after the first object has ceased to exist
- MISRA C++ 2008 7-5-2
(Required) The address of an object with automatic storage shall not be assigned to another object that may persist after the first object has ceased to exist.
- MISRA C++ 2023 6.8.3
(Required) An assignment operator shall not assign the address of an object with automatic storage duration to an object with a greater lifetime
Code examples
The following code example fails the check and will give a warning:
int *px;
void example() {
int i = 0;
px = &i; // assigning the address of stack
// variable a to the global px
}
The following code example passes the check and will not give a warning about this issue:
void example(int *pz) {
int x; int *px = &x;
int *py = px; /* local variable */
pz = px; /* parameter */
}