...

| Tool | Version | Checker | Description |
|------|---------|---------|-------------|
| LDRA tool suite | | | |
| Fortify SCA | V. 5.0 | | |
| Splint | | | |
| Compass/ROSE | | | Can detect violations of the rule. However, it is unable to handle cases involving strcpy_s() or manual string copies such as the one in the first example. |
| Klocwork | | | |
| PRQA QA·C | | | Partially implemented |

Related Vulnerabilities

CVE-2009-1252 results from a violation of this rule. The Network Time Protocol daemon (NTPd), before versions 4.2.4p7 and 4.2.5p74, contained calls to sprintf() that allowed an attacker to execute arbitrary code by overflowing a character array [xorl 2009].
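The defect class described above (an unbounded sprintf() into a fixed character array) is avoided by bounding the write and treating truncation as an error. The following is an added example, not code from NTPd or from this page; the helper name format_field and its inputs are hypothetical.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical helper (not NTPd code): format "name=value" into a fixed
 * array. Returns 0 on success, -1 if the output would not fit or if
 * snprintf() reports an error. On failure dst holds an empty string.
 *
 * The unbounded form the rule warns about would be:
 *     sprintf(dst, "%s=%s", name, value);
 * which writes past dst whenever the inputs exceed its size. */
int format_field(char *dst, size_t dstsz, const char *name, const char *value)
{
    int n;

    if (dst == NULL || dstsz == 0 || name == NULL || value == NULL)
        return -1;

    /* snprintf() writes at most dstsz bytes, terminator included, and
     * returns the length the complete output would have had. */
    n = snprintf(dst, dstsz, "%s=%s", name, value);
    if (n < 0 || (size_t)n >= dstsz) {
        dst[0] = '\0';  /* fail closed: never return a truncated value */
        return -1;
    }
    return 0;
}

int main(void)
{
    char buf[16];
    /* Constructed inputs: one that fits, one longer than the array. */
    const char *fits = "v4";
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
    int rc;

    rc = format_field(buf, sizeof buf, "ver", fits);
    printf("rc=%d buf=\"%s\"\n", rc, buf);
    rc = format_field(buf, sizeof buf, "ver", too_long);
    printf("rc=%d buf=\"%s\"\n", rc, buf);
    return 0;
}
```

Rejecting the oversized input, instead of silently truncating it, keeps a partial value from being used downstream as if it were complete.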

...