SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 179

changes.mady.by.user Sandy Shrum

Saved on

compared with

New Version 180

changes.mady.by.user Arthur Hicken

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: added parasoft

...

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.MEM.BO
LANG.MEM.TO
MISC.MEM.NTERM
BADFUNC.BO.*

Buffer overrun
Type overrun
No space for null terminator
A collection of warning classes that report uses of library functions prone to internal buffer overflows

Compass/ROSE

 

 

Can detect violations of the rule. However, it is unable to handle cases involving strcpy_s() or manual string copies such as the one in the first example

Coverity6.5

STRING_OVERFLOW
STRING_SIZE
SECURE_CODING

Fully implemented

Fortify SCA

5.0

 

 

Klocwork

Include Page
Klocwork_V
Klocwork_V

NNTS.TAINTED
SV.STRBO.GETS
SV.USAGERULES.UNBOUNDED_STRING_COPY

 

LDRA tool suite

Include Page
LDRA_V
LDRA_V

489 S, 109 D, 66 X, 70 X, 71 X

Partially implemented

Parasoft C/C++test9.5BD-PB-OVERFWR,SECURITY-12 

Splint

Include Page
Splint_V
Splint_V

 

 

PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v
warncall for 'gets'Partially implemented

...