 
                            ...
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée | 
 | Supported by taint analysis | |||||||
| CodeSonar | 
 | IO.TAINT.SIZE (general) | Tainted allocation size CodeSonar will track the tainted value, along with any limits applied to it, and flag any problems caused by underconstraint. Warnings of a wide range of classes may be triggered, including tainted allocation size, buffer overrun, and division by zero | ||||||
| Helix QAC | 
 | C2794DF2794, C2804DF2804, C2854DF2854, C2859DF2859, C2864DF2864, C2894DF2894, C2899DF2899, C2904DF2904, C2909DF2909, C2914DF2914, C2924DF2924, C2944DF2944, C2949DF2949, C2954DF2954, C2956DF2956, C2959DF2959 | |||||||
| Klocwork | 
 | SV.TAINTED.ALLOC_SIZE SV.TAINTED.BINOP SV.TAINTED.CALL.BINOP SV.TAINTED.CALL.INDEX_ACCESS SV.TAINTED.CALL.LOOP_BOUND SV.TAINTED.INDEX_ACCESS SV.TAINTED.LOOP_BOUND | |||||||
| Parasoft C/C++test | 
 | CERT_C-INT04-a | Protect against integer overflow/underflow from tainted data | ||||||
| Polyspace Bug Finder | 
 | Checks for: 
 Rec. partially supported. | 
...