...
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
CodeSonar |
| IO.TAINT.SIZE LANG.MEM.TBA IO.TAINT.ADDR (general) | Tainted allocation size CodeSonar will track the tainted value, along with any limits applied to it, and flag any problems caused by underconstraint. Warnings of a wide range of classes may be triggered, including tainted allocation size, buffer overrun, and division by zero | ||||||
Parasoft C/C++test | 9.5 | BD-SECURITY-INTOVERF, BD-SECURITY-OVERFRD, BD-SECURITY-OVERFWR | |||||||
Polyspace Bug Finder | R2016a | Loop bounded with tainted value | Loop controlled by a value from an unsecure source Size argument to memory function is from an unsecure source Size of the variable-length array (VLA) is from an unsecure source and may be zero, negative, or too large |
...