...
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Astrée |
| Supported, but no explicit checker | |||||||
Axivion Bauhaus Suite |
| CertC-STR31 | Detects calls to unsafe string function that may cause buffer overflow | ||||||
CodeSonar |
| DYN.MEM.IW | Dynamic Invalid Write | ||||||
Can detect violations of the rule. However, it is unable to handle cases involving | |||||||||
Coverity |
| STRING_OVERFLOW BUFFER_SIZE OVERRUN STRING_SIZE | Fully implemented | ||||||
5.0 | |||||||||
| NNTS.MIGHT | ||||||||
| 489 S, 109 D, 66 X, 70 X, 71 X | Partially implemented | |||||||
Parasoft C/C++test |
| CERT_C-STR31-a | Avoid accessing arrays out of bounds | ||||||
Polyspace Bug Finder |
| Buffer overflow from incorrect string format specifier Destination buffer overflow in string manipulation Invalid use of standard library string routine | Array index outside bounds during array access String format specifier causes buffer argument of standard library functions to overflow Function writes to buffer at offset greater than buffer size Standard library string function called with invalid arguments String does not terminate with null character Pointer dereferenced outside its bounds Argument is from an unsecure source and may be NULL or not NULL-terminated Dangerous functions cause possible buffer overflow in destination buffer | ||||||
PRQA QA-C |
| 2845, 2846, 2847, 2848, 2849, 5009 | Partially implemented | ||||||
PRQA QA-C++ |
| 0145, 2840, 2841, 2842, 2843, 2844, 2845, 2846, 2847, 2848, 2849, 2930, 2931, 2932, 2933, 2934, 2935, 2936, 2937, 2938, 2939, 5006 | |||||||
PVS-Studio |
| V518, V645, V727, V755 | |||||||
|
...