...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
MEM50-CPP | High | Likely | Medium | P18 | L1 |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Clang |
| clang-analyzer-cplusplus.NewDelete | Checked by clang-tidy , but does not catch all violations of this rule. | ||||||
CodeSonar |
| ALLOC.UAF | Use after free | ||||||
Compass/ROSE | |||||||||
| USE_AFTER_FREE | Can detect the specific instances where memory is deallocated more than once or read/written to the target of a freed pointer | |||||||
Klocwork |
| UFM.DEREF.MIGHT | |||||||
LDRA tool suite |
| 483 S, 484 S | Partially implemented | ||||||
Parasoft C/C++test |
| BD-RES-FREE | |||||||
Parasoft Insure++ | Runtime detection |
PRQA QA-C++ | 4.1 | 4303, 4304 | |
PVS-Studio | 6.22 | V586, V774 |
Splint |
|
Related Vulnerabilities
VU#623332 describes a double-free vulnerability in the MIT Kerberos 5 function krb5_recvauth() [VU# 623332].
...