Page History

...

Tool

Version

Checker

Description

Include Page

	Axivion Bauhaus Suite_V
	Axivion Bauhaus Suite_V

CertC-DCL11

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

LANG.STRUCT.ELLIPSIS

Ellipsis

Compass/ROSE

Does not currently detect violations of this recommendation. Although the recommendation in general cannot be automated, because of the difficulty in enforcing contracts between a variadic function and its invokers, it would be fairly easy to enforce type correctness on arguments to the printf() family of functions

ECLAIR

Include Page

	ECLAIR_V
	ECLAIR_V

CC2.DCL11

Partially implemented

GCC

Include Page

	GCC_V
	GCC_V

Warns about inconsistently typed arguments to formatted output functions when the -Wall is used

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C0179, C0184, C0185, C0186, C0190, C0191, C0192, C0193, C0194, C0195, C0196, C0197, C0198, C0199, C0200, C0201, C0206, C0207, C0208

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

MISRA.FUNC.VARARG
SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD
SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED
SV.FMT_STR.SCAN_FORMAT_MISMATCH.BAD
SV.FMT_STR.SCAN_FORMAT_MISMATCH.UNDESIRED
SV.FMT_STR.PRINT_IMPROP_LENGTH
SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW
SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY
SV.FMT_STR.UNKWN_FORMAT.SCAN

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

41 S, 589 S

Partially implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-DCL11-a
CERT_C-DCL11-b
CERT_C-DCL11-c
CERT_C-DCL11-d
CERT_C-DCL11-e
CERT_C-DCL11-f

There should be no mismatch between the '%s' or and '%c' tag from format specifiers in the format string and its their corresponding argument in 'printf' function invocationarguments in the invocation of a string formatting function
There should be no mismatch between the '%f' tag from format specifier in the format string and its corresponding argument in 'printf' function invocationthe invocation of a string formatting function
There should be no mismatch between the '%i' or and '%d' tag from format specifiers in the string and its their corresponding argument in 'printf' function invocationarguments in the invocation of a string formatting function
There should be no mismatch between the '%u' tag from format specifier in the format string and its corresponding argument in 'printf' function invocationthe invocation of a string formatting function
There should be no mismatch between the '%p' tag from format specifier in the format string and its corresponding argument in 'printf' function invocation
There should be no difference between the number of tags from the invocation of a string formatting function
The number of format specifiers in the format string and the number of corresponding argument in 'printf' function invocationarguments in the invocation of a string formatting function should be equal

Parasoft Insure++ Runtime analysis

PC-lint Plus

Include Page

	PC-lint Plus_V
	PC-lint Plus_V

175, 559, 2408

Assistance provided: reports issues involving format strings

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

Format string specifiers and arguments mismatch

MISRA CERT C: 2012 Rule 17.1

String specifiers do not match corresponding arguments

The features of <stdarg.h> shall not be used

PRQA QA-C

Include Page

PRQA QA-C_v

0179 (U), 0184 (U), 0185 (U), 0186 (U), 0190 (U),

0191 (U), 0192 (U), 0193 (U), 0194 (U), 0195 (U),

0196 (U), 0197 (U), 0198 (U), 0199 (U), 0200 (U),

0201 (U), 0206 (U), 0207, 0208

Rec. DCL11-C

Checks for format string specifiers and arguments mismatch (rec. partially covered)

Partially implemented

PVS-Studio

Include Page

	PVS-Studio_V
	PVS-Studio_V

V576

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this recommendation on the CERT website.

...

Space shortcuts

Page tree

Versions Compared

Old Version 132

New Version Current

Key

Related Vulnerabilities