...
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Compass/ROSE | |||||||||
| Coverity | 7.5 | CHECKED_RETURN | Finds inconsistencies in how function call return values are handled | ||||||
| LDRA tool suite |
| 45 D | Partially implemented | ||||||
| Parasoft C/C++test | 9.5 | MRM-34 | |||||||
| Parasoft Insure++ | Runtime detection | ||||||||
| PRQA QA-C++ | 4.1 | 4632, 3225, 3226, 3227, 3228, 3229 |
Related Vulnerabilities
The vulnerability in Adobe Flash [VU#159523] arises because Flash neglects to check the return value from calloc(). Even though calloc() returns NULL, Flash does not attempt to read or write to the return value. Instead, it attempts to write to an offset from the return value. Dereferencing NULL usually results in a program crash, but dereferencing an offset from NULL allows an exploit to succeed without crashing the program.
...