SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 64

changes.mady.by.user Lisa Robertson

Saved on

compared with

New Version 65

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Clang
Include Page
Clang_V
Clang_V
clang-analyzer-cplusplus.NewDelete
clang-analyzer-alpha.security.ArrayBoundV2 		Checked by clang-tidy, but does not catch all violations of this rule.
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

ALLOC.UAF

Use after free
Compass/ROSE

 

 

 

Coverity

Include Page
Coverity_V
Coverity_V

USE_AFTER_FREE

Can detect the specific instances where memory is deallocated more than once or read/written to the target of a freed pointer

Klocwork
Include Page
Klocwork_V
Klocwork_V

UFM.DEREF.MIGHT
UFM.DEREF.MUST
UFM.FFM.MIGHT
UFM.FFM.MUST
UFM.RETURN.MIGHT
UFM.RETURN.MUST
UFM.USE.MIGHT
UFM.USE.MUST

 

LDRA tool suite
Include Page
LDRA_V
LDRA_V

483 S, 484 S

Partially implemented

Parasoft C/C++test9.5BD-RES-FREE 
Parasoft Insure++  Runtime detection
Splint
Include Page
Splint_V
Splint_V

 

 

 PRQA QA-C++4.1 4303, 4304  

Related Vulnerabilities

VU#623332 describes a double-free vulnerability in the MIT Kerberos 5 function krb5_recvauth() [VU# 623332].

...