| Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | | MISC.MEM.NTERM | No space for null terminator |
| | | LANG.MEM.BO | Buffer overrun |
| | | LANG.MEM.TO | Type overrun |
| Klocwork | | NNTS.MIGHT | |
| | | NNTS.TAINTED | |
| LDRA tool suite | | 489 S, 66 X, 70 X, 71 X | Partially implemented |
| Parasoft C/C++test | | CERT_CPP-STR50-a | Use vector and string instead of arrays |
| | | CERT_CPP-STR50-b | Avoid overflow due to reading a not zero terminated string |
| | | CERT_CPP-STR50-c | Avoid overflow when writing to a buffer |
| | | CERT_CPP-STR50-d | Avoid accessing arrays out of bounds |
| | | CERT_CPP-STR50-e | Prevent buffer overflows from tainted data |
| | | CERT_CPP-STR50-f | Avoid buffer write overflow from tainted data |
| | | CERT_CPP-STR50-g | Avoid using unsafe string functions which may cause buffer overflows |
| Polyspace Bug Finder | | CERT C++: STR50-CPP | Checks for: Use of dangerous standard function; Missing null in string array; Buffer overflow from incorrect string format specifier; Destination buffer overflow in string manipulation. Rule partially covered. |
| SonarQube C/C++ Plugin | | S3519 | |
