Questions tagged [standards-compliance]
The standards-compliance tag has no usage guidance.
standards-compliance
396
questions
0
votes
0
answers
28
views
Got PDFUAConformanceException while converting HTML to PDF using java Itext 8.0.4
PdfDocument pdfDoc = new PdfUADocument(new PdfWriter(dest),
new PdfUAConfig(PdfUAConformanceLevel.PDFUA_1, "PDF", "en-US"));
Got:
com.itextpdf.pdfua.exceptions....
- 11
0
votes
1
answer
42
views
Got font not embedded error while converting HTML to PDF with Conformance PDFUA using java iText 8.0.4
I am converting HTML to PDF with itext version 8.0.4, but I get the following exception:
com.itextpdf.pdfua.exceptions.PDFUAConformanceException: Following font(s) are not embedded : Times-Roman
I ...
- 11
0
votes
0
answers
33
views
Is OSCAL suitable for automating compliance for private tenants in Public Clouds?
I am currently looking for a way to map controls automatically and also to be able to define variants of existing controls myself so that we can also map our own framework with NIST SP 800.53 and CIS ...
- 9
0
votes
0
answers
10
views
How do you manage non-automatable compliance and tasks in code reviews?
We all appreciate the utility of automated checks during code reviews, such as linting, type checking, or security scans. However, there are certain compliance requirements or tasks that can't easily ...
0
votes
1
answer
323
views
GCP Console error: System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down
I tired to run the command on GCP Shell " systemctl status cis-level1" to check the complaince status of my GCP enviornment with CIS benchmark and got the error in screenshot
0
votes
2
answers
476
views
CMake conformance mode for MSVC
I develop in Linux and I am trying to test the project with MSVC.
Currently, I realize that MSVC is trying to compile the C++ project using the MSVC dialect of C++, and apparently, I have to force ...
- 15.6k
0
votes
0
answers
25
views
SCC Finding filter based on iso (or other) compliance IDs
I need to filter out all Firewall related findings in SCC. I want to avoid hardcoding all the categories names from here.
Instead I was hoping to find a common denominator for all of the firewall ones ...
- 3
0
votes
1
answer
74
views
What is the jargon or area of study for this type of code (non-compliant, non-conforming)? [closed]
What is the technical jargon for a module/library that's considered bad because it strays from or changes standard behavior (especially implicitly)?
For example, if I have module.js with the following ...
- 507
0
votes
0
answers
75
views
Under which FPCR configuration ARM FP instructions conform to IEEE 754-2008 in AArch64 state?
A simple question: under which FPCR configuration ARM FP instructions conform to IEEE 754-2008?
I suppose that IEEE 754-2008-conformirng FPCR configuration is:
- AHP (Alternative half-precision ...
- 5,939
0
votes
2
answers
45
views
Newlines in HTTP
The HTTP 1.1 standard says that newlines are CRLF. However wget, lynx, and firefox, all accepts a response in UNIX format.
Is it acceptable for a HTTP parser to simply skip all carriage returns in the ...
- 6,523
4
votes
2
answers
128
views
Is it possible to write a strictly conforming C program that outputs to the display?
According to ISO/IEC 9899:2017:
A strictly conforming program shall use only those features of the language and library specified in this document. It shall not produce output dependent on any ...
- 41
1
vote
1
answer
308
views
Azure Policy DeployIfNotExists fails to change values
I'm currently creating an Azure Policy that (is supposed to) deploys Microsoft Defender for Servers with Plan P1 if the current plan is different. Many subscriptions that I have currently have ...
1
vote
0
answers
306
views
For NSCoding, which "Export Compliance Information" option I should select?
Upload new version of app on App store or for TestFlight. Will need to add "Missing Compliance" warning details.
My app uses NSCoding, Which option I need to select from Apple "Export ...
- 1,494
4
votes
0
answers
264
views
Which encryption algorithms does AWS Amplify use for iOs apps?
I am publishing my mobile app to the app store, it asks what type of encryption algorithm does my application uses and the options are:
Encryption algorithms that are proprietary or not accepted as ...
- 51
4
votes
0
answers
173
views
c16rtomb()/c32rtomb() locale-independent conversion?
C++11 introduced the c16rtomb()/c32rtomb() conversion functions, along with the inverse (mbrtoc16()/mbrtoc32()). c16rtomb() clearly states in the reference documentation here:
The multibyte encoding ...
- 4,873
1
vote
1
answer
613
views
Where to get free benchmarks for CIS CAT Lite in xml format?
i am planning to use CIS CAT Lite (free version) for auditing several RHEL servers. However, Lite version contains only few benchmarks and none of them is for RHEL. My problem is, i can not purchase ...
0
votes
0
answers
305
views
AdMob in iOS app - Collected user data deletion
New to AdMob and trying to understand compliance as it relates to providing and deleting collected user data to a user upon request from purely programming standpoint.
In my research, it appears that ...
- 11
0
votes
0
answers
387
views
Firebase - GDPR+Schrems requires end-to-end encryption, but how?
I need to protect a group of user’s data, i.e. to facilitate multiple invited users to read and contribute protected data.
My understanding is that I need to implement the following design:
1 . Each ...
- 79
0
votes
1
answer
404
views
What guarantees does C provide about enum ordinal values
When I convert enum to integer type, what can I expect?
Does the first variant have value of 0?
Does the variant ordinal number increment by 1?
Assume that I did not explicitly provide the values.
...
- 3,501
10
votes
2
answers
5k
views
Can we use Firebase Authentication and be GDPR compliant?
The Firebase Authentication is processing data exclusively in the United States, and is therefore not GDPR compliant. However, they are saying on the same site that:
Firebase has moved to reliance on ...
- 189
-1
votes
1
answer
72
views
how can I execute a string formatting with out using exec function in python
I have an exec statement to set the formatting of two variables in python 3.6. Even though the code works fine, I need to change this due to compliance issue. Please let me know how it can be done ...
- 1
3
votes
1
answer
122
views
GCP suspension preventing access to our data
We have a Google Cloud Virtual Machine type N1 with 8 vCPU.
The VM is used for restoring DB and extensive manipulation of the data.
Google compliance team suspended the VM thinking we are involved in ...
- 31
1
vote
0
answers
119
views
MSVC: run time vs. compile time: 1.000000 vs. -nan(ind)
Sample code:
#include <math.h>
#include <stdio.h>
typedef double T;
T min(T a, T b)
{
return a < b ? a : b;
}
#define MIN(a,b) ((a) < (b) ? (a) : (b))
#define ONE ...
- 5,939
-4
votes
1
answer
163
views
Why isn't an IEC 60559 conformant implementation required to define __STDC_IEC_559__ (to 1)?
The C (C99+) standard requires (though implicitly) a conforming implementation to define __STDC__ to 1.
However, the C standard does not require an IEC 60559 conformant implementation to define ...
- 5,939
1
vote
2
answers
176
views
Why don't non-strict floating-point models change the value 1 of __STDC_IEC_559__?
Sample code (t0.c):
#include <stdio.h> // fix for clang, see https://stackoverflow.com/q/69976945/1778275
#if __STDC_IEC_559__ == 1
#pragma message "__STDC_IEC_559__ is 1"
#else
#...
- 5,939
1
vote
0
answers
80
views
C standard library: standard headers: is reserving of non-standard identifiers, which don't begin with underscore, considered acceptable practice?
I was just reading C11, 7.1.3 Reserved identifiers, 2, which says:
No other identifiers are reserved.
Here is a quick test:
# gcc on Linux
$ echo -e "#include <time.h>\n#define CLK_TCK&...
- 5,939
1
vote
0
answers
360
views
Cannot use -fsanitize=address in g++-11
I tryed to use -fsanitize=address option in g++-11. However, ld showed an error message when I executed command.
Environment:
OS: macOS Monterery Version 12.1 Beta (21C5021h)
Arch: arm64
g++-11:
❯ g+...
- 135
9
votes
3
answers
381
views
What are the examples of non-ISO practices, which are not found by -pedantic?
https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html :
Some users try to use -Wpedantic to check programs for strict ISO C conformance. They soon find that it does not do quite what they want: it ...
- 5,939
1
vote
4
answers
145
views
What is the rationale for "semantics violation does not require diagnostics"?
Follow-up question for: If "shall / shall not" requirement is violated, then does it matter in which section (e.g. Semantics, Constraints) such requirement is located?.
ISO/IEC 9899:202x (E) ...
- 5,939
2
votes
2
answers
156
views
If "shall / shall not" requirement is violated, then does it matter in which section (e.g. Semantics, Constraints) such requirement is located?
If "shall / shall not" requirement is violated, then does it matter in which section (e.g. semantics, constraints) such requirement is located?
Reason of the question: this opinion:
This is ...
- 5,939
2
votes
1
answer
504
views
Tentative definition of variable with internal linkage has incomplete non-array type: conforming implementations show different behavior
Follow-up question for: Why do conforming implementations behave differently w.r.t. incomplete array types with internal linkage?.
Context: tentative definition of variable with internal linkage has ...
- 5,939
6
votes
2
answers
3k
views
Microsoft C/C++: what is the definition of "strict conformance" w.r.t. implementation?
Context:
/Za, /Ze (Disable Language Extensions):
... the C compiler conforms strictly to the C89/C90 standard
/permissive- (Standards conformance):
... and sets the /Zc compiler options for strict ...
- 5,939
1
vote
0
answers
96
views
AWS Artifact & AWS Organizations
I want to download a SOC 2 TYPE 2 report from AWS artifact. In my company we use AWS Organizations to manage 20 different AWS accounts. I was wondering if it would be possible to download a single SOC ...
- 369
0
votes
0
answers
2k
views
Suppress or delete findings & violations (security hub/config) for default created resources by control tower?
I deployed control tower in the ca-central-1 region and enabled security hub and aws config through a dedicated admin account (audit account provided by default via control tower).
I then enabled the ...
- 175
1
vote
2
answers
848
views
How to fix s3-bucket-policy-grantee-check non-compliance?
I deployed a NIST CSF conformance pack on my AWS account, via AWS Config, to improve my security posture. One of my resources was non-compliant due to the s3-bucket-policy-grantee-check not passing. ...
- 175
4
votes
2
answers
100
views
Can extension cancel the existing standard requirements?
Follow-up question for Why do conforming implementations behave differently w.r.t. incomplete array types with internal linkage?.
Context: in both gcc and clang (conforming implementations) by default ...
- 5,939
-1
votes
1
answer
126
views
Why C compiler validation suites themselves may use the C standard library if the C standard library is actually under test?
How it is possible for C compiler validation suites to use any feature of the C standard library if the C standard library is actually under test and may be buggy (which invalidates the validation ...
- 5,939
1
vote
1
answer
290
views
Autosar standard-compilant way to use regex
I need to parse URI-like string. This URI is specific to the project and corresponds to "scheme://path/to/file", where path should be a syntactically correct path to file from filesystem ...
- 165
5
votes
1
answer
184
views
Why do conforming implementations behave differently w.r.t. incomplete array types with internal linkage?
Sample code (t0.c):
static int arr[ ];
int main( void )
{
return arr[ 0 ];
}
static int arr[ ] = { 0 };
Invocations:
$ gcc t0.c -std=c11 -Wall -Wextra
<nothing>
$ clang t0.c -std=c11 ...
- 5,939
-3
votes
1
answer
95
views
If an implementation supports extra nonstandard features, then is such implementation conforming?
Follow-up question for: Do unsupported standard features affect conformance?.
Question: if an implementation supports extra features which are not described in the C standard, nor in any "...
- 5,939
0
votes
1
answer
108
views
Do unsupported standard features affect conformance?
Context: C compilers deliberately do not support some features while being conforming implementations. Is it ok?
Some examples. All of the compilers down below are conforming implementations (__STDC__ ...
- 5,939
4
votes
0
answers
133
views
Annex F conforming Intel targeted clang / gcc does not raise "invalid" floating-point exception for (signed char)128.0f, bug?
Annex F requires raising of "invalid" floating-point exception (C11, Annex F, F.4 Floating to integer conversion):
... if the floating value is infinite or NaN or if the integral part of ...
- 5,939
2
votes
1
answer
61
views
Are HAS_SUBNORM and __STDC_IEC_559__ dependent?
Are HAS_SUBNORM and __STDC_IEC_559__ dependent? For example:
If __STDC_IEC_559__ is 1, then HAS_SUBNORM is 1.
If HAS_SUBNORM is 0, then __STDC_IEC_559__ is not 1.
- 5,939
0
votes
1
answer
157
views
Is there any C compiler able to detect the violation of a "strictly conforming program"? [duplicate]
Is there any C compiler able to detect* the violation of a "strictly conforming program"?
* under some option, for example, --accept-only-strictly-conforming-program
If no, then which tools ...
- 5,939
0
votes
1
answer
29
views
Accesibility Compliance Error on keyboard access
I'm trying to solve all the issues related to the 508 complianca and I'm struggling with on of them.
Verify the <div> element with "menu" role has keyboard access
How can I add ...
- 1,568
1
vote
1
answer
112
views
Why in Java pow(1, qNaN) is qNaN while in IEEE 754-2008 pow(1, qNaN) is 1?
Why in Java pow(1, qNaN) is qNaN while in IEEE 754 pow(1, qNaN) is 1?
Java:
System.out.println(Math.pow(1, Double.NaN)); // prints NaN (which is qNaN)
$ javac --version
javac 11.0.11
IEEE 754-2008, ...
- 5,939
1
vote
0
answers
367
views
How no support of #pragma STDC FENV_ACCESS ON affects __STDC_IEC_559__ and __STDC__?
This simple code (t217.c):
#include <stdio.h>
#include <fenv.h>
#include <float.h>
#pragma STDC FENV_ACCESS ON
int main( void )
{
feclearexcept( FE_ALL_EXCEPT );
( void )( ...
- 5,939
-1
votes
2
answers
221
views
Shall a #pragma leading to nonstandard behavior cause __STDC__ macro not to be defined to 1?
Simple question: shall a #pragma leading to nonstandard behavior cause __STDC__ macro not to be defined to 1? (Does the C standard explicitly prescribes that? If yes, then in which section? If no, ...
- 5,939
-2
votes
1
answer
147
views
HTML 5 Validation Service
I am trying to check HTML 5 files for validity and have found the W3C validator.
However I have found that this validator accepts grossly wrong HTML documents like this one:
<!DOCTYPE html>
<...
- 328
1
vote
1
answer
293
views
Why Clang running on Windows has no C conformance (__STDC__ is not defined to 1)?
Sample code (t127.c):
#include <stdio.h>
int main(void)
{
int ret;
#if __STDC__ == 1
printf("Has C conformance to version ");
#if __STDC_VERSION__
printf("%ld", ...
- 5,939