SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 63

changes.mady.by.user Svyatoslav Razmyslov

Saved on

compared with

New Version 64

changes.mady.by.user Michal Rozenau

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Parasoft C/C++test 10.4.1 update

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MEM52-CPP

High

Likely

Medium

P18

L1

Automated Detection

Tool

Version

Checker

Description

Compass/ROSE


Coverity7.5CHECKED_RETURNFinds inconsistencies in how function call return values are handled
LDRA tool suite
Include Page
LDRA_V
LDRA_V

45 D

Partially implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_CPP-MEM52-a
CERT_CPP-MEM52-b

Check the return value of new
Do not allocate resources in function argument list because the order of evaluation of a function's parameters is undefined

MRM-34

Parasoft Insure++

Runtime detection
PRQA QA-C++4.1 4632, 3225, 3226, 3227, 3228, 3229 
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V522

Related Vulnerabilities

The vulnerability in Adobe Flash [VU#159523] arises because Flash neglects to check the return value from calloc(). Even though calloc() returns NULL, Flash does not attempt to read or write to the return value. Instead, it attempts to write to an offset from the return value. Dereferencing NULL usually results in a program crash, but dereferencing an offset from NULL allows an exploit to succeed without crashing the program.

...