...
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
CodeSonar |
| IO.TAINT.SIZE (general) | Tainted allocation size CodeSonar will track the tainted value, along with any limits applied to it, and flag any problems caused by underconstraint. Warnings of a wide range of classes may be triggered, including tainted allocation size, buffer overrun, and division by zero | ||||||
Klocwork |
| SV.TAINTED.ALLOC_SIZE SV.TAINTED.BINOP SV.TAINTED.CALL.BINOP SV.TAINTED.CALL.INDEX_ACCESS SV.TAINTED.CALL.LOOP_BOUND SV.TAINTED.INDEX_ACCESS SV.TAINTED.LOOP_BOUND | |||||||
Parasoft C/C++test |
| BD-SECURITY-INTOVERF, BD-SECURITY-OVERFRD, BD-SECURITY-OVERFWR | |||||||
Polyspace Bug Finder | R2016a | Loop bounded with tainted value | Loop controlled by a value from an unsecure source Size argument to memory function is from an unsecure source Size of the variable-length array (VLA) is from an unsecure source and may be zero, negative, or too large |
...