| Use symbolic names instead of literal values in code. Do not use "magic" numbers. |
| Access to an array should be demonstrably within the bounds of the array. |
| Do not assume the order of evaluation of operands in an expression. |
| Use parentheses in expressions to specify the intent of the expression. |
| Always discard the result of an assignment operator. |
| When comparing variables and constants for equality always place the constant on the left hand side. |
| Do not use expressions which rely on implicit conversion of an operand. |
| Ensure expressions used in assertions are free from side-effects. |
| Do not code side effects into the right-hand operands of '&&', '||', 'sizeof' or 'typeid'. |
| Avoid statements that have no side effects. |
| Do not apply the following bitwise operators to signed operands: shift operators ('<<', '>>'), bitwise AND ('&'), exclusive OR ('^') and inclusive OR ('|'). |
| Validate arguments to be used in shift operators. |
| Do not mix signed and unsigned data items in the same expression. |
| Do not mix arithmetic precision in expressions. |
| Do not write code that expects floating point calculations to yield exact results. |
| Do not use the increment operator ('++') on a variable of type 'bool'. |
| Guard both division and remainder operations by a test on the right hand operand being non-zero. |
| Guard the modulus operation to ensure that both arguments are non-negative. |
| Do not use the comma operator. |
| Do not use the ternary operator (?:) in expressions. |
| Apply unary minus to operands of signed type only. |