...
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
INT15-A | high | unlikely | medium | P6 | L2 |
Automated Detection
The tool Compass/ROSE could catch violations of this rule by scanning calls to the printf() and scanf() families of functions. For each such call, any variable that corresponds to a "%d" qualifier (or any qualifier besides "%j") and whose type is not one of the built-in types (char, short, int, long, long long) indicates a violation of this rule.
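The pattern such a check separates, as an added example (not code from the CERT page): a programmer-defined integer type is formatted and scanned through uintmax_t with the "j" length modifier, with a range check before narrowing on input. The type `port_id_t` and the functions `format_port_id` and `parse_port_id` are hypothetical names chosen for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical programmer-defined integer type (an assumption for this
 * example); its underlying type could change between builds or platforms. */
typedef uint16_t port_id_t;
#define PORT_ID_MAX UINT16_MAX

/* A checker of the kind described would flag:  printf("%d", id);
 * because "%d" is paired with a type that is not a built-in integer type.
 * Accepted form: convert to uintmax_t and use the "j" length modifier. */
int format_port_id(char *buf, size_t len, port_id_t id)
{
    return snprintf(buf, len, "%ju", (uintmax_t)id);
}

/* Input side: scan into a uintmax_t temporary, reject trailing characters,
 * range-check against the real type, then narrow. Returns 0 on success. */
int parse_port_id(const char *text, port_id_t *out)
{
    uintmax_t tmp;
    char trailing;

    /* Exactly one conversion must succeed; a second one means junk follows. */
    if (sscanf(text, "%ju%c", &tmp, &trailing) != 1)
        return -1;
    /* Also rejects "-1", which "%ju" converts to a very large value. */
    if (tmp > PORT_ID_MAX)
        return -1;
    *out = (port_id_t)tmp;
    return 0;
}

int main(void)
{
    char buf[32];
    port_id_t id = 0;

    /* Constructed sample inputs. */
    if (parse_port_id("443", &id) == 0 &&
        format_port_id(buf, sizeof buf, id) > 0)
        printf("parsed and reformatted: %s\n", buf);
    printf("out-of-range input rejected: %d\n", parse_port_id("70000", &id) != 0);
    return 0;
}
```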
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...