Tool | Version | Checker | Description |
---|
Astrée | |
| Supported Astrée reports all buffer overflows resulting from copying data to a buffer that is not large enough to hold that data. |
Axivion Bauhaus Suite | Include Page |
---|
| Axivion Bauhaus Suite_V |
---|
| Axivion Bauhaus Suite_V |
---|
|
| CertC-STR31 | Detects calls to unsafe string function that may cause buffer overflow Detects potential buffer overruns, including those caused by unsafe usage of fscanf() |
CodeSonar | | LANG.MEM.BO LANG.MEM.TO MISC.MEM.NTERM BADFUNC.BO.* | Buffer overrun Type overrun No space for null terminator A collection of warning classes that report uses of library functions prone to internal buffer overflows |
Compass/ROSE |
|
| Can detect violations of the rule. However, it is unable to handle cases involving strcpy_s() or manual string copies such as the one in the first example |
Coverity | | STRING_OVERFLOW BUFFER_SIZE OVERRUN STRING_SIZE | Fully implemented |
Fortify SCA | 5.0 |
|
|
Klocwork | | NNTS.MIGHT NNTS.MUST SV.STRBO.BOUND_COPY.OVERFLOW SV.STRBO.BOUND_COPY.UNTERM SV.STRBO.BOUND_SPRINTF SV.STRBO.UNBOUND_COPY SV.STRBO.UNBOUND_SPRINTF |
|
LDRA tool suite | | 489 S, 109 D, 66 X, 70 X, 71 X | Partially implemented |
Parasoft C/C++test | | CERT_C-STR31-a CERT_C-STR31-b CERT_C-STR31-c CERT_C-STR31-d CERT_C-STR31-e | Avoid accessing arrays out of bounds Avoid overflow when writing to a buffer Prevent buffer overflows from tainted data Avoid buffer write overflow from tainted data Avoid using unsafe string functions which may cause buffer overflows |
Polyspace Bug Finder | Include Page |
---|
| Polyspace Bug Finder_V |
---|
| Polyspace Bug Finder_V |
---|
|
| CERT C: Rule STR31-C | Checks for: - Use of dangerous standard function
- Missing null in string array
- Buffer overflow from incorrect string format specifier
- Destination buffer overflow in string manipulation
- Tainted NULL or non-null-terminated string
Rule partially covered. |
PRQA QA-C | | 5009, 5038, 2840, 2841, 2842, 2843, 2845, 2846, 2847, 2848, 2849, 5009, 2930, 2931, 2932, 2933, 2935, 2936, 2937, 2938 | Partially implemented |
PRQA QA-C++ | Include Page |
---|
| cplusplus:PRQA QA-C++_V |
---|
| cplusplus:PRQA QA-C++_V |
---|
|
| 0145, 2840, 2841, 2842, 2843, 2844, 2845, 2846, 2847, 2848, 2849, 2930, 2931, 2932, 2933, 2934, 2935, 2936, 2937, 2938, 2939, 5006 |
|
PVS-Studio | | V518, V645, V727, V755 |
|
Splint | |
|
|
TrustInSoft Analyzer | Include Page |
---|
| TrustInSoft Analyzer_V |
---|
| TrustInSoft Analyzer_V |
---|
|
| mem_access | Exhaustively verified (see one compliant and one non-compliant example). |