Requirements — cJSON Qualification (ISO 26262 ASIL D SEooC) ============================================================= .. need:: The cJSON parser shall accept all valid JSON texts as defined by RFC 8259 and reject all malformed inputs with a deterministic error state. :id: REQ_CJSON_PARSE_VALID :status: active :tags: safety;parsing;seooc;ASIL_D :links: ARCH_PARSER_FLOW .. need:: The cJSON printer shall produce valid JSON text conforming to RFC 8259 for any valid in-memory cJSON object graph. :id: REQ_CJSON_PRINT_VALID :status: active :tags: safety;printing;seooc;ASIL_D :links: ARCH_PRINTER_FLOW .. need:: All memory allocations shall be checked for failure. Any failed allocation shall result in a deterministic error return (NULL) without undefined behavior. :id: REQ_CJSON_MEMORY_SAFE :status: active :tags: safety;memory;seooc;ASIL_D :links: ARCH_MEMORY_MODEL .. need:: The library shall not invoke undefined behavior for any input, including malformed JSON, integer overflow in depth/buffer-size parameters, and NULL pointer arguments. :id: REQ_CJSON_NO_UB :status: active :tags: safety;robustness;seooc;ASIL_D :links: ARCH_PARSER_FLOW;VER_CJSON_SANITIZERS;VER_CJSON_FUZZING .. need:: cJSON shall operate with bounded stack usage. Recursive descent parsing shall be depth-limited to prevent stack overflow. :id: REQ_CJSON_STACK_BOUNDED :status: active :tags: safety;stack;seooc;ASIL_D :links: VER_CJSON_STACK;ARCH_PARSER_FLOW;ARCH_FFI_MEASURES .. need:: All integer arithmetic in parsing and printing shall be free of signed overflow, wraparound, and truncation that could produce incorrect JSON values. :id: REQ_CJSON_ARITH_SAFE :status: active :tags: safety;integer;seooc;ASIL_D :links: VER_CJSON_ARITH;ARCH_PRINTER_FLOW .. need:: The cJSON API functions shall validate their input pointer parameters before dereference. NULL pointers passed as cJSON* arguments shall produce deterministic error returns. :id: REQ_CJSON_NULL_PTR_SAFE :status: active :tags: safety;api;seooc;ASIL_D :links: VER_CJSON_API;ARCH_MODULE_BOUNDARY .. need:: cJSON_Utils functions (JSON Patch RFC 6902, JSON Pointer RFC 6901) shall produce correct outputs conforming to their respective RFCs and reject malformed patch/pointer inputs. :id: REQ_CJSON_UTILS_RFC :status: active :tags: safety;rfc;seooc;ASIL_D :links: VER_CJSON_UTILS;ARCH_DATA_MODEL;ARCH_MODULE_BOUNDARY .. need:: String handling in cJSON shall be safe against buffer overruns. All string operations shall respect buffer boundaries and produce NUL-terminated results. :id: REQ_CJSON_STRING_SAFE :status: active :tags: safety;string;seooc;ASIL_D :links: VER_CJSON_STRING;ARCH_DATA_MODEL;ARCH_PARSER_FLOW .. need:: cJSON shall not contain unreachable dead code, unused variables, or logical contradictions that could indicate dormant defects. :id: REQ_CJSON_CODE_QUALITY :status: active :tags: safety;quality;seooc;ASIL_D :links: VER_CJSON_STATIC;ARCH_MODULE_BOUNDARY;ARCH_DATA_MODEL .. need:: The cJSON build system shall be reproducible. A build from source on the qualified toolchain version shall produce bit-identical or semantically equivalent binaries. :id: REQ_CJSON_REPRODUCIBLE :status: active :tags: safety;build;seooc;ASIL_D :links: VER_CJSON_REPRODUCIBLE;ARCH_MODULE_BOUNDARY .. need:: All safety requirements shall be traceable to verification activities, and all verification activities shall produce documentation artifacts suitable for ISO 26262-8:2018 Clause 9 (Verification) audit. :id: REQ_CJSON_TRACEABILITY :status: active :tags: safety;process;seooc;ASIL_D :links: ARCH_MODULE_BOUNDARY