Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MEM50-CPP

High

Likely

Medium

P18

L1

Automated Detection

PRQA QA-4303, 4304 

Tool

Version

Checker

Description

Astrée

Include Page
Astrée_V
Astrée_V

dangling_pointer_use
Axivion Bauhaus Suite

Include Page
c:Axivion Bauhaus Suite_Vc:
Axivion Bauhaus Suite_V

CertC++-MEM50
Clang
Include Page
Clang_V
Clang_V
clang-analyzer-cplusplus.NewDelete
clang-analyzer-alpha.security.ArrayBoundV2 
Checked by clang-tidy, but does not catch all violations of this rule.
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

ALLOC.UAF

Use after free
Compass/ROSE




Coverity

Include Page
Coverity_V
Coverity_V

USE_AFTER_FREE

Can detect the specific instances where memory is deallocated more than once or read/written to the target of a freed pointer

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++4303, C++4304


Klocwork
Include Page
Klocwork_V
Klocwork_V
UFM.DEREF.MIGHT
UFM.DEREF.MUST
UFM.FFM.MIGHT
UFM.FFM.MUST
UFM.RETURN.MIGHT
UFM.RETURN.MUST
UFM.USE.MIGHT
UFM.USE.MUSTMUST 


LDRA tool suite
Include Page
LDRA_V
LDRA_V

483 S, 484 S

Partially implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
BDCERT_CPP-RES-FREEMEM50-a

Do not use resources that have been freed

Parasoft Insure++

Runtime detection
Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++4.1 : MEM50-CPP

Checks for:

  • Pointer access out of bounds
  • Deallocation of previously deallocated pointer
  • Use of previously freed pointer

Rule partially covered.

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V586, V774
Splint
Include Page
Splint_V
Splint_V



Related Vulnerabilities

VU#623332 describes a double-free vulnerability in the MIT Kerberos 5 function krb5_recvauth() [VU# 623332].

...