...
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Axivion Bauhaus Suite |
| CertC-FIO47 | Fully implemented | ||||||
CodeSonar |
| IO.INJ.FMT | Format string injection | ||||||
Coverity |
| PW | Reports when the number of arguments differs from the number of required arguments according to the format string | ||||||
GCC |
| Can detect violations of this recommendation when the | |||||||
Klocwork |
| SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD SV.FMT_STR.SCAN_FORMAT_MISMATCH.BAD SV.FMT_STR.SCAN_FORMAT_MISMATCH.UNDESIRED SV.FMT_STR.SCAN_IMPROP_LENGTH SV.FMT_STR.SCAN_PARAMS_WRONGNUM.FEW SV.FMT_STR.SCAN_PARAMS_WRONGNUM.MANY SV.FMT_STR.UNKWN_FORMAT | |||||||
LDRA tool suite |
| 486 S | Fully implemented | ||||||
Parasoft C/C++test |
| CERT_C-FIO47-a | There should be no mismatch between the '%s' and '%c' format specifiers in the format string and their corresponding arguments in the invocation of a string formatting function | ||||||
PC-lint Plus |
| 492, 493, 494, 499, 557, | Fully supported | ||||||
Polyspace Bug Finder |
| CERT C: Rule FIO47-C | Check for format string specifiers and arguments mismatch (rule fully covered) | ||||||
PRQA QA-C |
| 0161, 0162, 0163, 0164, 0165, 0166, 0167, 0168, 0169, 0170, 0171, 0172, 0173, 0174, 0175, 0176, 0177, 0178, 0179 [U], 0180 [C99], 0184 [U], 0185 [U], 0190 [U], 0191 [U], 0192 [U], 0193 [U], 0194 [U], 0195 [U], 0196 [U], 0197 [U], 0198 [U], 0199 [U], 0200 [U], 0201 [U], 0202 [I], 0204 [U], 0206 [U] | Partially implemented | ||||||
PVS-Studio |
| V510, V576 | |||||||
TrustInSoft Analyzer |
| match format and arguments | Exhaustively verified (see the compliant and the non-compliant example). | ||||||
Helix QAC |
|
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...