Page History

Supported

Astrée reports all out-of-bound accesses within library analysis stubs. The user may provide additional stubs for arbitrary (library) functions.

LANG.MEM.BO
LANG.MEM.BU
BADFUNC.BO.*

Buffer overrun
Buffer underrun
A collection of warning classes that report uses of library functions prone to internal buffer overflows

Compass/ROSE

BUFFER_SIZE

BAD_SIZEOF

BAD_ALLOC_STRLEN

BAD_ALLOC_ARITHMETIC

Fortify SCA

5.0

Can detect violations of this rule with CERT C Rule Pack

Klocwork

ABV.ANY_SIZE_ARRAY
ABV.GENERAL
ABV.ITERATOR
ABV.STACK
ABV.TAINTED
ABV.UNKNOWN_SIZE

CERT_C-ARR38-a
CERT_C-ARR38-b
CERT_C-ARR38-c
CERT_C-ARR38-d

Avoid overflow when reading from a buffer
Avoid overflow when writing to a buffer
Avoid buffer overflow due to defining incorrect format limits
Avoid overflow due to reading a not zero terminated string

CERT C: Rule ARR38-C

Checks for:

• Mismatch between data length and size
• Invalid use of standard library memory routine
• Possible misuse of sizeof
• Buffer overflow from incorrect string format specifier
• Invalid use of standard library string routine
• Destination buffer overflow in string manipulation
• Destination buffer underflow in string manipulation

Rule partially covered.

2840, 2841, 2842, 2843, 2845, 2846,

2847, 2848, 2935, 2936, 2937, 2938

2840, 2841, 2842, 2843, 28442845, 2846,

2847, 2848, 2935, 2936, 2937, 2938, 2939

Splint