Page History

...

Helix QAC_V

Tool

Version

Checker

Description

Include Page

	Astrée_V
	Astrée_V

stream-input-char-array

Partially checked + soundly supported

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

MISC.MEM.NTERM

LANG.MEM.BO
LANG.MEM.TO

No space for null terminator

Buffer overrun
Type overrun

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C++5216

DF2835, DF2836, DF2839,

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

NNTS.MIGHT
NNTS.TAINTED
NNTS.MUST
SV.UNBOUND_STRING_INPUT.CIN

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

489 S, 66 X, 70 X, 71 X

Partially implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_CPP-STR50-b
CERT_CPP-STR50-c
CERT_CPP-STR50-e
CERT_CPP-STR50-f
CERT_CPP-STR50-g

Avoid overflow due to reading a not zero terminated string
Avoid overflow when writing to a buffer
Prevent buffer overflows from tainted data
Avoid buffer write overflow from tainted data
Do not use the 'char' buffer to store input from 'std::cin'

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C++: STR50-CPP

Checks for:

Use of dangerous standard function
Missing null in string array
Buffer overflow from incorrect string format specifier
Destination buffer overflow in string manipulation
Insufficient destination buffer size

Rule partially covered.

RuleChecker

Include Page

	RuleChecker_V
	RuleChecker_V

stream-input-char-array

Partially checked

SonarQube C/C++ Plugin

Include Page

	SonarQube C/C++ Plugin_V
	SonarQube C/C++ Plugin_V

S3519

Helix QAC

Include Page

Helix QAC_V

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Space shortcuts

Page tree

Versions Compared

Old Version 62

New Version Current

Key

Related Vulnerabilities