...
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| CodeSonar |
| LANG.MEM.UVAR | Uninitialized Variable | ||||||
| Compass/ROSE | Automatically detects simple violations of this rule, although it may return some false positives. It may not catch more complex violations, such as initialization within functions taking uninitialized variables as arguments. It does catch the second noncompliant code example, and can be extended to catch the first as well | ||||||||
| Coverity | 6.5 | UNINIT | Fully implemented Can find cases of an uninitialized variable being used before it is initialized, although it cannot detect cases of uninitialized members of a | ||||||
| Fortify SCA | Can detect violations of this rule but will return false positives if the initialization was done in another function | ||||||||
| GCC | 4.3.5 | Can detect some violations of this rule when the | |||||||
| 9.1 | UNINIT.HEAP.MIGHT | ||||||||
| 53 D, 69 D, 631 S | Fully implemented | |||||||
| PRQA QA-C |
| 2961, 2962, 2963, 2966, 2967, 2968, 2971, 2972, 2973, 2976, 2977, 2978 | Fully implemented | ||||||
| Splint | 3.1.1 | ||||||||
| Cppcheck |
| uninitvar, uninitdata, uninitstring, uninitMemberVar, uninitStructMember | Detects uninitialized variables. Uninitialized pointers. Uninitialized struct members. Uninitialized array elements (however if one element is initialized then cppcheck assumes the array is initialized).
There are FN compared to some other tools because Cppcheck tries to avoid FP in impossible paths. |
Related Vulnerabilities
CVE-2009-1888 results from a violation of this rule. Some versions of SAMBA (up to 3.3.5) call a function that takes in two potentially uninitialized variables involving access rights. An attacker can exploit these coding errors to bypass the access control list and gain access to protected files [xorl 2009].
...