| Tool | Version | Checker | Description |
| --- | --- | --- | --- |
| CodeSonar | | (general) | Considers the possibility that fgets() and fgetws() may return empty strings (Warnings of various classes may be triggered depending on subsequent operations on those strings. For example, the noncompliant code example cited above would trigger a buffer underrun warning.) |
| Compass/ROSE | | | Could detect some violations of this rule (In particular, it could detect the noncompliant code example by searching for fgets(), followed by strlen() - 1, which could be −1. The crux of this rule is that a string returned by fgets() could still be empty, because the first char is '\0'. There are probably other code examples that violate this guideline; they would need to be enumerated before ROSE could detect them.) |
| Fortify SCA | 5.0 | | |
| LDRA tool suite | | 44 S | Enhanced enforcement |
| Parasoft C/C++test | 9.5 | BD-PB-ARRAY | Fully implemented |
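
The pattern the Compass/ROSE entry describes, fgets() followed by strlen() - 1 on a string whose first character is '\0', shown beside a form that does not assume a non-empty string. This is an added example, not code from the original page or from any of the listed tools; the function names and the sample input are constructed for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Index that the noncompliant buf[strlen(buf) - 1] = '\0' would write to.
 * Only computed here, never dereferenced: for "" it wraps to SIZE_MAX,
 * the size_t equivalent of the -1 mentioned in the table. */
size_t unchecked_last_index(const char *buf) {
    return strlen(buf) - 1;
}

/* Hardened form: cut the string at its first newline, if any.
 * strcspn() returns 0 for "", so the write is always inside the string.
 * Returns the resulting length. */
size_t strip_newline(char *buf) {
    size_t n = strcspn(buf, "\n");
    buf[n] = '\0';
    return n;
}

/* Read one line with fgets() and strip the newline safely.
 * Returns 0 on success (length stored in *len), -1 on EOF or error. */
int read_line(FILE *in, char *buf, size_t size, size_t *len) {
    if (size == 0 || size > INT_MAX || fgets(buf, (int)size, in) == NULL)
        return -1;
    *len = strip_newline(buf);
    return 0;
}

int main(void) {
    /* Constructed input: the first line starts with a NUL byte, so fgets()
     * succeeds but the buffer holds an empty C string. */
    static const char input[] = "\0hidden\nok\n";
    char buf[32];
    size_t len;
    FILE *f = tmpfile();
    if (f == NULL)
        return 1;
    fwrite(input, 1, sizeof input - 1, f);
    rewind(f);
    printf("unchecked index for \"\": %zu\n", unchecked_last_index(""));
    while (read_line(f, buf, sizeof buf, &len) == 0)
        printf("line length after strip: %zu\n", len);
    fclose(f);
    return 0;
}
```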