Page History

Supported

Astrée reports all buffer overflows resulting from copying data to a buffer that is not large enough to hold that data.

Detects calls to unsafe string function that may cause buffer overflow
Detects potential buffer overruns, including those caused by unsafe usage of fscanf()

LANG.MEM.BO
LANG.MEM.TO
MISC.MEM.NTERM
BADFUNC.BO.*

Buffer overrun
Type overrun
No space for null terminator
A collection of warning classes that report uses of library functions prone to internal buffer overflows

Compass/ROSE

Can detect violations of the rule. However, it is unable to handle cases involving strcpy_s() or manual string copies such as the one in the first example

STRING_OVERFLOW

BUFFER_SIZE

OVERRUN

STRING_SIZE

Fully implemented

Fortify SCA

5.0

C2840,  C5009, C5038

C++0145, C++2840, C++2841, C++2842, C++2843, C++2845, C++2846, C++2847, C++2848, C++2930, C++2931, C++2932, C++2933, C++2935, C++2936, C++2937, C++2938, C++5009, C++5038

DF2840, DF2841, DF2842, DF2843, DF2845, DF2846, DF2847, DF2848, DF2930, DF2931, DF2932, DF2933, DF2935, DF2936, DF2937, DF2938

Klocwork

SV.FMT_STR.BAD_SCAN_FORMAT
SV.UNBOUND_STRING_INPUT.FUNC

LDRA tool suite

489 S, 109 D, 66 X, 70 X, 71 X

Partially implemented

CERT_C-STR31-a
CERT_C-STR31-b
CERT_C-STR31-c
CERT_C-STR31-d
CERT_C-STR31-e

Avoid accessing arrays out of bounds
Avoid overflow when writing to a buffer
Prevent buffer overflows from tainted data
Avoid buffer write overflow from tainted data
Avoid using unsafe string functions which may cause buffer overflows

421, 498

Partially supported

CERT C: Rule STR31-C

Checks for:

• Use of dangerous standard function
• Missing null in string array
• Buffer overflow from incorrect string format specifier
• Destination buffer overflow in string manipulation
• Insufficient destination buffer size

Rule partially covered.

Splint

Exhaustively verified (see one compliant and one non-compliant example).