Page History

...

Tool

Version

Checker

Description

Compass/ROSE

Coverity

7.5

CHECKED_RETURN

Finds inconsistencies in how function call return values are handled

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C++3225, C++3226, C++3227, C++3228, C++3229, C++4632

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

NPD.CHECK.CALL.MIGHT
NPD.CHECK.CALL.MUST
NPD.CHECK.MIGHT
NPD.CHECK.MUST
NPD.CONST.CALL
NPD.CONST.DEREF
NPD.FUNC.CALL.MIGHT
NPD.FUNC.CALL.MUST
NPD.FUNC.MIGHT
NPD.FUNC.MUST
NPD.GEN.CALL.MIGHT
NPD.GEN.CALL.MUST
NPD.GEN.MIGHT
NPD.GEN.MUST
RNPD.CALL
RNPD.DEREF

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

45 D

Partially implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_CPP-MEM52-a
CERT_CPP-MEM52-b

Check the return value of new
Do not allocate resources in function argument list because the order of evaluation of a function's parameters is undefined

Parasoft Insure++

Runtime detection

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C++: MEM52-CPP

Checks for unprotected dynamic memory allocation (rule partially covered)

PRQA QA-C++

include

PRQA QA-C++_V

3225, 3226, 3227, 3228, 3229, 4632

PVS-Studio

Include Page

	PVS-Studio_V
	PVS-Studio_V

V522, V668

Related Vulnerabilities

The vulnerability in Adobe Flash [VU#159523] arises because Flash neglects to check the return value from calloc(). Even though calloc() returns NULL, Flash does not attempt to read or write to the return value. Instead, it attempts to write to an offset from the return value. Dereferencing NULL usually results in a program crash, but dereferencing an offset from NULL allows an exploit to succeed without crashing the program.

...

Space shortcuts

Page tree

Versions Compared

Old Version 66

New Version Current

Key

Related Vulnerabilities