...
Tool | Version | Checker | Description |
|---|
| CodeSonar | | BADFUNC.BO.OEMTOCHAR
BADFUNC.BO.STRCAT
BADFUNC.BO.STRCATCHAINW
BADFUNC.BO.STRCMP
BADFUNC.BO.STRCPY
BADFUNC.BO.STRLEN
BADFUNC.BO.STRTRNS | Use of OemToAnsi, use of OemToChar (both include checks for uses of similar functions)
Use of strcat (includes checks for uses of similar library functions such as StrCatA(), wcscat(), etc.)
Use of StrCatChainW
Use of strcmp (includes checks for uses of similar library functions such as lstrcmp())
Use of strcpy (includes checks for uses of similar library functions such as StrCCpy(), wcscpy(), etc.)
Use of strlen (includes checks for uses of similar library functions such as lstrlen())
Use of strtrns |
| LDRA tool suite | | 44 S | Enhanced enforcement |
| Parasoft C/C++test | 9.5 | SECURITY-13 | |
| Parasoft Insure++ | | | Runtime analysis |
| Polyspace Bug Finder | R2016a | Use of dangerous standard function Destination buffer overflow in string manipulation | Dangerous functions cause possible buffer overflow in destination buffer Function writes to buffer at offset greater than buffer size |
| PRQA QA-C | | Warncall -wc strcpy
-wc strcat
-wc strncpy
-wc strncat | Partially implemented |
| SonarQube C/C++ Plugin | | Include Page |
|---|
| SonarQube C/C++ Plugin_V |
|---|
| SonarQube C/C++ Plugin_V |
|---|
|
| S1081 | |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
