SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 71

changes.mady.by.user Jill Britton

Saved on

compared with

New Version 72

changes.mady.by.user Svyatoslav Razmyslov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Compass/ROSE


Coverity7.5CHECKED_RETURNFinds inconsistencies in how function call return values are handled
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++3225, C++3226, C++3227, C++3228, C++3229, C++4632


Klocwork
Include Page
Klocwork_V
Klocwork_V

NPD.CHECK.CALL.MIGHT
NPD.CHECK.CALL.MUST
NPD.CHECK.MIGHT

NPD.CHECK.MUST

NPD.CONST.CALL
NPD.CONST.DEREF
NPD.FUNC.CALL.MIGHT
NPD.FUNC.CALL.MUST
NPD.FUNC.MIGHT
NPD.FUNC.MUST

NPD.GEN.CALL.MIGHT
NPD.GEN.CALL.MUST
NPD.GEN.MIGHT
NPD.GEN.MUST

RNPD.CALL
RNPD.DEREF


LDRA tool suite
Include Page
LDRA_V
LDRA_V

45 D

Partially implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_CPP-MEM52-a
CERT_CPP-MEM52-b

Check the return value of new
Do not allocate resources in function argument list because the order of evaluation of a function's parameters is undefined

Parasoft Insure++

Runtime detection
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: MEM52-CPPChecks for unprotected dynamic memory allocation (rule partially covered)
PRQA QA-C++

Include Page
PRQA QA-C++_V
PRQA QA-C++_V
 

3225, 3226, 3227, 3228, 3229, 4632 
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V522

Related Vulnerabilities

The vulnerability in Adobe Flash [VU#159523] arises because Flash neglects to check the return value from calloc(). Even though calloc() returns NULL, Flash does not attempt to read or write to the return value. Instead, it attempts to write to an offset from the return value. Dereferencing NULL usually results in a program crash, but dereferencing an offset from NULL allows an exploit to succeed without crashing the program.

...