...
Fortify SCA Version 5.0 is able to detect violations of this rule, but will return false positives if the initialization was done in another function.
The tool Compass Rose is able to detect automatically detects simple violations of this rule, but will return false positives if the initialization was done in another function. not catch more complex violations, such as initialization within functions taking arguments to uninitialized variables, and returns some false positives. Rose does tach 2nd non-compliant code example, and could be extended to catch first, but this would be difficult.
The Coverity Prevent UNINIT checker can find cases of an uninitialized variable being used before it is initialized, although it cannot detect cases of uninitialized members of a struct. Coverity Prevent cannot discover all violations of this rule, so further verification is necessary.
...