Page History

...

Tool

Version

Checker

Description

Include Page

	Astrée_V
	Astrée_V

integer-overflow

Fully checked

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

ALLOC.SIZE.ADDOFLOW
ALLOC.SIZE.IOFLOW
ALLOC.SIZE.MULOFLOW
ALLOC.SIZE.SUBUFLOW
MISC.MEM.SIZE.ADDOFLOW
MISC.MEM.SIZE.BAD
MISC.MEM.SIZE.MULOFLOW
MISC.MEM.SIZE.SUBUFLOW

Addition overflow of allocation size
Integer overflow of allocation size
Multiplication overflow of allocation size
Subtraction underflow of allocation size
Addition overflow of size
Unreasonable size argument
Multiplication overflow of size
Subtraction underflow of size

Compass/ROSE

Can detect violations of this rule by ensuring that operations are checked for overflow before being performed (Be mindful of exception INT30-EX2 because it excuses many operations from requiring validation, including all the operations that would validate a potentially dangerous operation. For instance, adding two unsigned ints together requires validation involving subtracting one of the numbers from UINT_MAX, which itself requires no validation because it cannot wrap.)

Coverity

Include Page

	Coverity_V
	Coverity_V

INTEGER_OVERFLOW

Implemented

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

NUM.OVERFLOW
CWARN.NOEFFECT.OUTOFRANGE

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

493 S, 494 S

Partially implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-INT30-a
CERT_C-INT30-b
CERT_C-INT30-c

Avoid integer overflows
Integer overflow or underflow in constant expression in '+', '-', '*' operator
Integer overflow or underflow in constant expression in '<<' operator

Polyspace Bug Finder

Include Page