...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
INT30-C | High | Likely | High | P9 | L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Astrée |
| integer-overflow | Fully checked | ||||||
CodeSonar |
| ALLOC.SIZE.ADDOFLOW | Addition overflow of allocation size | ||||||
Compass/ROSE | Can detect violations of this rule by ensuring that operations are checked for overflow before being performed (Be mindful of exception INT30-EX2 because it excuses many operations from requiring validation, including all the operations that would validate a potentially dangerous operation. For instance, adding two | ||||||||
Coverity |
| INTEGER_OVERFLOW | Implemented | ||||||
Klocwork |
| NUM.OVERFLOW CWARN.NOEFFECT.OUTOFRANGE | |||||||
LDRA tool suite |
| 493 S, 494 S | Partially implemented | ||||||
Parasoft C/C++test |
| BD-PB-INTOVERF, PB-66_a, PB-66_b | Implemented | ||||||
Polyspace Bug Finder | R2016a | Unsigned integer overflow | Overflow from operation between unsigned integers | ||||||
PRQA QA-C |
| 2910 (C) | Partially implemented | ||||||
PRQA QA-C++ |
| 2910, 2911, 2912, 2913 | |||||||
PVS-Studio | 6.22 | V658 | |||||||
RuleChecker |
| integer-overflow | Fully checked |
Related Vulnerabilities
CVE-2009-1385 results from a violation of this rule. The value performs an unchecked subtraction on the length
of a buffer and then adds those many bytes of data to another buffer [xorl 2009]. This can cause a buffer overflow, which allows an attacker to execute arbitrary code.
...