...
Tool | Version | Checker | Description | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Astrée |
| null-dereferencing | Fully checked | ||||||||||||||||
Axivion Bauhaus Suite |
| CertC-EXP34 | |||||||||||||||||
CodeSonar |
| LANG.MEM.NPD | Null pointer dereference | ||||||||||||||||
Compass/ROSE | Can detect violations of this rule. In particular, ROSE ensures that any pointer returned by | ||||||||||||||||||
| CHECKED_RETURN NULL_RETURNS REVERSE_INULL FORWARD_NULL | Finds instances where a pointer is checked against Identifies functions that can return a null pointer but are not checked Identifies code that dereferences a pointer and then checks the pointer against Can find the instances where | |||||||||||||||||
Cppcheck |
| nullPointer, nullPointerDefaultArg, nullPointerRedundantCheck | Context sensitive analysis Detects when NULL is dereferenced (Array of pointers is not checked. Pointer members in structs are not checked.) Finds instances where a pointer is checked against Identifies code that dereferences a pointer and then checks the pointer against Does not guess that return values from | ||||||||||||||||
Helix QAC |
| C2810DF2810, C2811DF2811, C2812DF2812, C2813C++2810, C++2811, C++2812, C++2813DF2813 | Fully implemented | ||||||||||||||||
Klocwork |
| NPD.CHECK.CALL.MIGHT | Fully implemented | ||||||||||||||||
LDRA tool suite |
| 45 D, 123 D, 128 D, 129 D, 130 D, 131 D, 652 S | Fully implemented | ||||||||||||||||
Parasoft C/C++test |
| CERT_C-EXP34-a | Avoid null pointer dereferencing | ||||||||||||||||
Parasoft Insure++ | Runtime analysis | ||||||||||||||||||
PC-lint Plus |
| 413, 418, 444, 613, 668 | Partially supported | ||||||||||||||||
Polyspace Bug Finder |
| Checks for use of null pointers (rule partially covered) | PRQA QA-C | ||||||||||||||||
Include Page | PRQA QA-C_v | PRQA QA-C_v | 2810, 2811, 2812, 2813Fully implemented | PRQA QA-C++ | |||||||||||||||
Include Page | cplusplus:PRQA QA-C++_V | cplusplus:PRQA QA-C++_V | |||||||||||||||||
2810, 2811, 2812, 2813 | PVS-Studio |
| V522, V595, V664, V713, V1004 | ||||||||||||||||
SonarQube C/C++ Plugin |
| S2259 | |||||||||||||||||
Splint |
| ||||||||||||||||||
TrustInSoft Analyzer |
| mem_access | Exhaustively verified (see one compliant and one non-compliant example). |
...
EXP34-C is a common consequence of ignoring function return values, but it is a distinct error, and can occur in other scenarios too.
BibliographyBibliography
[Goodin 2009] | |
[Jack 2007] | |
[Liu 2009] | |
[van Sprundel 2006] | |
[Viega 2005] | Section 5.2.18, "Null-Pointer Dereference" |
...