...
Tool | Version | Checker | Description | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Astrée |
| error-information-unused error-information-unused-computed | Partially checked | |||||||||||
Axivion Bauhaus Suite |
| CertC-ERR33 | Astrée | include | Astrée_V | Astrée_V | Supported, but no explicit checker | |||||||
CodeSonar |
| LANG.FUNCS.IRV | Ignored return value | |||||||||||
Compass/ROSE | Can detect violations of this recommendation when checking for violations of EXP12-C. Do not ignore values returned by functions and EXP34-C. Do not dereference null pointers | |||||||||||||
Coverity |
| MISRA C 2012 Rule 22.8 MISRA C 2012 Rule 22.9 MISRA C 2012 Rule 22.10 | Implemented | |||||||||||
LDRA tool suite |
| 80 D | Partially implemented | |||||||||||
Parasoft C/C++test |
| CERT_C-ERR33-a | The value returned by a function having non-void return type shall be used | |||||||||||
Parasoft Insure++ | Runtime analysis | |||||||||||||
| Return value of a sensitive function not checked | errno is not checked for error conditions following function call Sensitive functions called without checking for unexpected return values and errors Pointer returned from dynamic allocation not checked for The value returned by a function having non-void return type shall be used The value of | ||||||||||||
PRQA QA-C++ |
| 2820, 2821, 2822, 2823, 2824, 2930, 2931, 2932, 2933, 2934, 3802, 3803, 3804 | ||||||||||||
PRQA QA-C |
| 3200 | Partially implemented | |||||||||||
RuleChecker |
| error-information-unused | Partially checked |
Related Vulnerabilities
The vulnerability in Adobe Flash [VU#159523] arises because Flash neglects to check the return value from calloc()
. Even when calloc()
returns a null pointer, Flash writes to an offset from the return value. Dereferencing a null pointer usually results in a program crash, but dereferencing an offset from a null pointer allows an exploit to succeed without crashing the program.
...