...
Fortify SCA Version 5.0 with CERT C Rule Pack is able to detect violations of this rule.
The tool Compass / ROSE could detect some violations of this rule easily. The difficulty comes in NOT incorrectly complaining on the compliant code examples. For instance, in order to validate addition between two signed ints, one might have to recognize code as complex as that specified in the compliant code example for addition...a very difficult task. A few tasks are doable, however:
- Division and Modulo
- Unary Negation
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...