SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 101

changes.mady.by.user Michal Rozenau

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Recommendation

Severity

Likelihood

Detectable

RepairableRemediation Cost

Priority

Level

MEM01-C

High

Unlikely

Yes

LowYes

P9

L2

Automated Detection

, but no explicit checkerMissing Pointer free not followed by a reset statement to clear leftover data

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported: Astrée reports usage of invalid pointers.
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-MEM01Fully implemented
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

ALLOC.DF
ALLOC.UAF

Double free
Use after free

Compass/ROSE




Coverity

Include Page
Coverity_V
Coverity_V

USE_AFTER_FREE

Can detect the specific instances where memory is deallocated more than once or read/written to the target of a freed pointer

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C3005


LDRA tool suite
Include Page
LDRA_V
LDRA_V
484 S, 112 DPartially implemented
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-MEM01-a
CERT_C-MEM01-b
CERT_C-MEM01-c
CERT_C-MEM01-d

Do not use resources that have been freed
Always assign a new value to an expression that points to deallocated memory
Always assign a new value to global or member variable that points to deallocated memory
Always assign a new value to parameter or local variable that points to deallocated memory

Parasoft Insure++

Detects dangling pointers at runtime

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder

R2016b

_V

CERT C: Rec. MEM01-CChecks for missing reset of a freed pointer (rec. fully covered)

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...