SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 108

changes.mady.by.user Jill Britton

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Helix QAC_V

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-STR07
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

BADFUNC.BO.OEMTOCHAR
BADFUNC.BO.STRCAT
BADFUNC.BO.STRCATCHAINW
BADFUNC.BO.STRCHR
BADFUNC.BO.STRCMP
BADFUNC.BO.STRCOLL
BADFUNC.BO.STRCPY
BADFUNC.BO.STRCSPN
BADFUNC.BO.STRLEN
BADFUNC.BO.STRPBRK
BADFUNC.BO.STRRCHR
BADFUNC.BO.STRSPN
BADFUNC.BO.STRSTR
BADFUNC.BO.STRTOK
BADFUNC.BO.STRTRNS


Use of OemToAnsi, use of OemToChar (both include checks for uses of similar functions)
Use of strcat (includes checks for uses of similar library functions such as StrCatA(), wcscat(), etc.)
Use of StrCatChainW
Use of strchr
Use of strcmp (includes checks for uses of similar library functions such as lstrcmp())
Use of strcoll
Use of strcpy (includes checks for uses of similar library functions such as StrCCpy(), wcscpy(), etc.)
Use of strcspn
Use of strlen (includes checks for uses of similar library functions such as lstrlen())
Use of strpbrk
Use of strrchr
Use of strspn
Use of strstr
Use of strtok
Use of strtrns

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C5008
LDRA tool suite
Include Page
LDRA_V
LDRA_V

44 S

Enhanced enforcement

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-STR07-a

Avoid using unsafe string functions that do not check bounds

Parasoft Insure++

Runtime analysis
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

586

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. STR07-C

Checks for:

  • Use of dangerous standard function
  • Destination buffer overflow in string manipulation
  • Insufficient destination buffer size

Rec. partially covered.

PRQA QA-Cinclude

PRQA QA-C_vPRQA QA-C_v5008Partially implemented
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S1081Helix QAC
Include Page
Helix QAC_V

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...