Tool | Version | Checker | Description | |
|---|
| CodeSonar | | LANG.MEM.BO
LANG.MEM.BU
BADFUNC.BO.* | Buffer overrun
Buffer underrun
A collection of warning classes that report uses of library functions prone to internal buffer overflows | |
Compass/ROSE | | | | |
| Coverity | 6.5 | BUFFER_SIZE | Fully implemented | |
Fortify SCA | 5.0 | | Can detect violations of this rule with CERT C Rule Pack | |
Klocwork | | ABV.ANY_SIZE_ARRAY
ABV.GENERAL
ABV.ITERATOR
ABV.STACK
ABV.TAINTED
ABV.UNKNOWN_SIZE | | |
| LDRA tool suite | | 64 X, 66 X, 68 X, 69 X, 70 X, 71 X, 79 X
| Partially Implmented | |
| Parasoft C/C++test | 9.5 | BD-PB-OVERF{RD,WR,FMT,NZT} | Fully implemented | |
| Parasoft Insure++ | | | Runtime analysis | |
| Polyspace Bug Finder | R2016a | Array access out of bounds, Buffer overflow from incorrect string format specifier, Destination buffer overflow in string manipulation, Destination buffer underflow in string manipulation, Invalid use of standard library memory routine
Invalid use of standard library string routine, Mismatch between data length and size, Pointer access out of bounds
Possible misuse of sizeof, Use of tainted pointer | Guarantee that library functions do not form invalid pointers | |
| PRQA QA-C | | 2845, 2846, 2847, 2848, 2849, 2930, 2932, 2933, 2934 | Fully implemented | |
Splint | | | | |
