Page History

...

Tool Version Checker Description

Include Page

	Astrée_V
	Astrée_V

uninitialized-local-read

uninitialized-variable-use

Partially checked

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

LANG.MEM.UVAR

Uninitialized variable

Compass/ROSE

Automatically detects simple violations of this rule, although it may return some false positives. It may not catch more complex violations, such as initialization within functions taking uninitialized variables as arguments. It does catch the second noncompliant code example, and can be extended to catch the first as well

Coverity

Include Page

	Coverity_V
	Coverity_V

UNINIT

Implemented

Cppcheck

Include Page

	Cppcheck_V
	Cppcheck_V

uninitvar
uninitdata
uninitstring
uninitMemberVar
uninitStructMember

Detects uninitialized variables, uninitialized pointers, uninitialized struct members, and uninitialized array elements (However, if one element is initialized, then cppcheck assumes the array is initialized.)
There are FN compared to some other tools because Cppcheck tries to avoid FP in impossible paths.

GCC

4.3.5

Can detect some violations of this rule when the -Wuninitialized flag is used

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

UNINIT.HEAP.MIGHT
UNINIT.HEAP.MUST
UNINIT.STACK.ARRAY.MIGHT
UNINIT.STACK.ARRAY.MUST UNINIT.STACK.ARRAY.PARTIAL.MUST
UNINIT.STACK.MIGHT
UNINIT.STACK.MUST

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

53 D, 69 D, 631 S, 652 S

Fully implemented

Parasoft C/C++test

Include Page

	c:Parasoft_Vc:
	Parasoft_V

BD-BP-NOTINIT

Fully implemented

Parasoft Insure++ Runtime analysis

Polyspace Bug Finder

R2016a

Non-initialized pointer,
Non-initialized variable

Pointer not initialized before dereference

Variable not initialized before use

PRQA QA-C

Include Page

	PRQA QA-C_v
	PRQA QA-C_v

2961, 2962, 2963, 2966, 2967, 2968, 2971, 2972, 2973, 2976, 2977, 2978

Fully implemented

PRQA QA-C++

Include Page

	cplusplus:PRQA QA-C++_V
	cplusplus:PRQA QA-C++_V

2961, 2962, 2963, 2966, 2967, 2968, 2971, 2972, 2973, 2976, 2977, 2978

Splint 3.1.1

RuleChecker

Include Page

	RuleChecker_V
	RuleChecker_V

uninitialized-local-read

uninitialized-variable-use

Partially checked

PVS-Studio 6.22 V573, V614, V670, V679 General analysis rule set

Related Vulnerabilities

CVE-2009-1888 results from a violation of this rule. Some versions of SAMBA (up to 3.3.5) call a function that takes in two potentially uninitialized variables involving access rights. An attacker can exploit these coding errors to bypass the access control list and gain access to protected files [xorl 2009].

...

Key here (explains table format and definitions)

Taxonomy	Taxonomy item	Relationship
CERT C Secure Coding Standard	MSC00-C. Compile cleanly at high warning levels	Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C Secure Coding Standard	MSC01-C. Strive for logical completeness	Prior to 2018-01-12: CERT: Unspecified Relationship
CERT C	EXP53-CPP. Do not read uninitialized memory	Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24772:2013	Initialization of Variables [LAV]	Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961	Referencing uninitialized memory [uninitref]	Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11	CWE-456	2017-07-05: CERT: Exact
CWE 2.11	CWE-457	2017-07-05: CERT: Exact
CWE 2.11	CWE-758	2017-07-05: CERT: Rule subset of CWE
CWE 2.11	CWE-908	2017-07-05: CERT: Rule subset of CWE

CERT-CWE Mapping Notes

Key here for mapping notes

...

Read of uninitialized memory that does not represent a pointer

Bibliography

[Flake 2006]
[ISO/IEC 9899:2011]	Subclause 6.7.9, "Initialization" Subclause 6.2.6.1, "General" Subclause 6.3.2.1, "Lvalues, Arrays, and Function Designators"
[Mercy 2006]
[VU#925211]
[Wang 2012]	"More Randomness or Less"
[xorl 2009]	"CVE-2009-1888: SAMBA ACLs Uninitialized Memory Read"

...

Space shortcuts

Page tree

Versions Compared

Old Version 227

New Version 228

Key

Related Vulnerabilities

CERT-CWE Mapping Notes

Bibliography