Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported, but no explicit checker
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.MEM.BO
LANG.MEM.BU
BADFUNC.BO.*

Buffer overrun
Buffer underrun
A collection of warning classes that report uses of library functions prone to internal buffer overflows

Compass/ROSE




Coverity
Include Page
Coverity_V
Coverity_V

BUFFER_SIZE

BAD_SIZEOF

BAD_ALLOC_STRLEN

BAD_ALLOC_ARITHMETIC

Implemented

Fortify SCA

5.0


Can detect violations of this rule with CERT C Rule Pack

Klocwork

Include Page
Klocwork_V
Klocwork_V

ABV.ANY_SIZE_ARRAY
ABV.GENERAL
ABV.ITERATOR
ABV.STACK
ABV.TAINTED
ABV.UNKNOWN_SIZE


LDRA tool suite
Include Page
LDRA_V
LDRA_V
64 X, 66 X, 68 X, 69 X, 70 X, 71 X, 79 X
Partially Implmented
Parasoft C/C++test10.3
Include Page
c:Parasoft_V
c:Parasoft_V
BD-PB-OVERF{RD,WR,FMT,NZT}Fully implemented
Parasoft Insure++

Runtime analysis
Polyspace Bug FinderR2016a

Array access out of bounds, Buffer overflow from incorrect string format specifier, Destination buffer overflow in string manipulation, Destination buffer underflow in string manipulation, Invalid use of standard library memory routine
Invalid use of standard library string routine, Mismatch between data length and size, Pointer access out of bounds
Possible misuse of sizeof, Use of tainted pointer

Guarantee that library functions do not form invalid pointers
PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v

2845, 2846, 2847, 2848, 2849, 2930, 2932, 2933, 2934

Fully implemented
PRQA QA-C++
Include Page
cplusplus:PRQA QA-C++_V
cplusplus:PRQA QA-C++_V

2840, 2841, 2842, 2843, 2844

Fully implemented

Splint

Include Page
Splint_V
Splint_V



...