Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

EXP53-CPP

High

Probable

Medium

P12

L1

Automated Detection

Tool

Version

Checker

Description

Astrée

Include Page
Astrée_V
Astrée_V

uninitialized-read
Partially checked
Clang
Include Page
Clang_V
Clang_V
-Wuninitialized
clang-analyzer-core.UndefinedBinaryOperatorResult
Does not catch all instances of this rule, such as uninitialized values read from heap-allocated memory.
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.STRUCT.RPL
LANG.MEM.UVAR

Return pointer to local
Uninitialized variable
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

DF726, DF2727, DF2728, DF2961, DF2962, DF2963, DF2966, DF2967, DF2968, DF2971, DF2972, DF2973, DF2976, DF2977, DF978


Klocwork
Include Page
Klocwork_V
Klocwork_V
UNINIT.CTOR.MIGHT
UNINIT.CTOR.MUST
UNINIT.HEAP.MIGHT
UNINIT.HEAP.MUST
UNINIT.STACK.ARRAY.MIGHT
UNINIT.STACK.ARRAY.MUST
UNINIT.STACK.ARRAY.PARTIAL.MUST
UNINIT.STACK.MIGHT
UNINIT.STACK.MUST

LDRA tool suite
Include Page
LDRA_V
LDRA_V

53 D, 69 D, 631 S, 652 S

Partially implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
BDCERT_CPP-PB-NOTINITEXP53-a
Avoid use before initialization
Parasoft Insure++

Runtime detectionPRQA QA-C++9.12961, 2962, 2963, 2966, 2967, 2968, 2971, 2972, 2973, 2976, 2977, 2978
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: EXP53-CPP

Checks for:

  • Non-initialized variable
  • Non-initialized pointer

Rule partially covered.

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

PVS-Studio6.22

V546, V573, V614, V670, V679, V730, V788, V1007V1050

RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
uninitialized-read
Partially checkedGeneral analysis rule set

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...