SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 154

changes.mady.by.user G. Ann Campbell

Saved on

compared with

New Version 155

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Clang
Include Page
Clang_39_V
Clang_39_V
cert-env33-cChecked by clang-tidy
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

BADFUNC.PATH.SYSTEM
IO.INJ.COMMAND

Use of system
Command injection

Compass/ROSE   
Klocwork
Include Page
Klocwork_V
Klocwork_V

MISRA.STDLIB.ABORT
SV.CODE_INJECTION.SHELL_EXEC
SV.TAINTED.INJECTION

 
LDRA tool suite
Include Page
LDRA_V
LDRA_V

588 S

Fully implemented
Parasoft C/C++test9.5MISRA2012-RULE-21_8Also detects getenv(), abort(), and exit()
Polyspace Bug FinderR2016a

Execution of externally controlled command, Command executed from externally controlled path

Command argument from an unsecure source vulnerable to operating system command injection

Path argument from an unsecure source

PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v
Warncall -wc system5018Partially implemented
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S990Detects uses of "abort", "exit", "getenv" and "system" from <stdlib.h> 

...