...
| Tool | Version | Checker | Description |
|---|---|---|---|
| Axivion Bauhaus Suite | | CertC-DCL11 | |
| CodeSonar | | LANG.STRUCT.ELLIPSIS | Ellipsis |
| Compass/ROSE | | | Does not currently detect violations of this recommendation. Although the recommendation in general cannot be automated, because of the difficulty in enforcing contracts between a variadic function and its invokers, it would be fairly easy to enforce type correctness on arguments to the printf() family of functions. |
| ECLAIR | | CC2.DCL11 | Partially implemented |
| GCC | | | Warns about inconsistently typed arguments to formatted output functions when -Wall is used |
| Klocwork | | MISRA.FUNC.VARARG, SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD, SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED, SV.FMT_STR.SCAN_FORMAT_MISMATCH.BAD, SV.FMT_STR.SCAN_FORMAT_MISMATCH.UNDESIRED, SV.FMT_STR.PRINT_IMPROP_LENGTH, SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW, SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY, SV.FMT_STR.UNKWN_FORMAT.SCAN | |
| LDRA tool suite | | 41 S, 589 S | Partially implemented |
| Parasoft C/C++test | | CERT_C-DCL11-a, CERT_C-DCL11-b, CERT_C-DCL11-c, CERT_C-DCL11-d, CERT_C-DCL11-e, CERT_C-DCL11-f | There should be no mismatch between the '%s' and '%c' format specifiers in the format string and their corresponding arguments in the invocation of a string formatting function. There should be no mismatch between the '%f' format specifier in the format string and its corresponding argument in the invocation of a string formatting function. There should be no mismatch between the '%i' and '%d' format specifiers in the string and their corresponding arguments in the invocation of a string formatting function. There should be no mismatch between the '%u' format specifier in the format string and its corresponding argument in the invocation of a string formatting function. There should be no mismatch between the '%p' format specifier in the format string and its corresponding argument in the invocation of a string formatting function. The number of format specifiers in the format string and the number of corresponding arguments in the invocation of a string formatting function should be equal. |
| Parasoft Insure++ | | | Runtime analysis |
| PC-lint Plus | | 175, 559, 2408 | Assistance provided: reports issues involving format strings |
| Polyspace Bug Finder | | CERT C: Rec. DCL11-C | Checks for format string specifiers and arguments mismatch (rec. partially covered) |
| PRQA QA-C | | 0179 (U), 0184 (U), 0185 (U), 0186 (U), 0190 (U), 0191 (U), 0192 (U), 0193 (U), 0194 (U), 0195 (U), 0196 (U), 0197 (U), 0198 (U), 0199 (U), 0200 (U), 0201 (U), 0206 (U), 0207, 0208 | Partially implemented |
| PVS-Studio | | V576 | |
| Helix QAC | | | |

Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this recommendation on the CERT website.
...