SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 153

changes.mady.by.user Jill Britton

Saved on

compared with

New Version 154

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Helix QAC_V

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

invalid-free

Fully checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-MEM34Can detect memory deallocations for stack objects
Clang
Include Page
Clang_V
Clang_V
clang-analyzer-unix.MallocChecked by clang-tidy; can detect some instances of this rule, but does not detect all
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

ALLOC.FNH

Free non-heap variable

Compass/ROSE

Can detect some violations of this rule

Coverity

Include Page
Coverity_V
Coverity_V

BAD_FREE

Identifies calls to free() where the argument is a pointer to a function or an array. It also detects the cases where
free() is used on an address-of expression, which can never be heap allocated. Coverity Prevent cannot discover all
violations of this rule, so further verification is necessary

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V



Klocwork
Include Page
Klocwork_V
Klocwork_V

FNH.MIGHT
FNH.MUST
FUM.GEN.MIGHT
FUM.GEN.MUST


LDRA tool suite
Include Page
LDRA_V
LDRA_V

407 S, 483 S, 644 S, 645 S, 125 D

Partially implemented
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-MEM34-a

Do not free resources using invalid pointers
Parasoft Insure++

Runtime analysis
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

424, 673

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule MEM34-C


Checks for invalid free of pointer (rule partially covered)

PRQA QA-C

Include Page
PRQA QA-C_v
PRQA QA-C_v
 

2721, 2722, 2723
PRQA QA-C++

Include Page
cplusplus:PRQA QA-C++_V
cplusplus:PRQA QA-C++_V

2721, 2722, 2723
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V585, V726
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
invalid-free
Partially checked
TrustInSoft Analyzer

Include Page
TrustInSoft Analyzer_V
TrustInSoft Analyzer_V

unclassified ("free expects a free-able address")

Exhaustively verified (see one compliant and one non-compliant example).

Helix QAC
Include Page
Helix QAC_V

Related Vulnerabilities

CVE-2015-0240 describes a vulnerability in which an uninitialized pointer is passed to TALLOC_FREE(), which is a Samba-specific memory deallocation macro that wraps the talloc_free() function. The implementation of  talloc_free() would access the uninitialized pointer, resulting in a remote exploit.

...