SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 150

changes.mady.by.user Jill Britton

Saved on

compared with

New Version 151

changes.mady.by.user Jakub Zwolakowski

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added TrustInSoft Analyzer to the Automated Detection table.

...

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported: Astrée supports the implementation of library stubs to verify this guideline.
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-STR32Partially implemented: can detect some violation of the rule
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
MISC.MEM.NTERM.CSTRINGUnterminated C String
Compass/ROSE



Can detect some violations of this rule

Coverity
Include Page
Coverity_V
Coverity_V
STRING_NULLFully implemented
Klocwork
Include Page
Klocwork_V
Klocwork_V

NNTS.MIGHT
NNTS.MUST

NNTS.TAINTED


LDRA tool suite
Include Page
LDRA_V
LDRA_V

404 S, 600 S

Partially implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
CERT_C-STR32-a

Avoid overflow due to reading a not zero terminated string

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

Invalid use of standard library string routine

Standard function call with incorrect arguments

Tainted NULL or non-null-terminated string

MISRA C:2012 Rule 21.17

Standard library string function called with invalid arguments

Argument to a standard function does not meet requirements for use in the function


Argument is from an unsecure source and may be NULL or not NULL-terminated

Use of the string handling function from <string.h> shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters

PRQA QA-C

Include Page
PRQA QA-C_v
PRQA QA-C_v

2835, 2836, 2839
PRQA QA-C++

Include Page
cplusplus:PRQA QA-C++_V
cplusplus:PRQA QA-C++_V

0145 
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V692
TrustInSoft Analyzer

Include Page
TrustInSoft Analyzer_V
TrustInSoft Analyzer_V

match format and argumentsPartially verified.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...