Page History

...

Incorrectly using a variadic function can result in abnormal program termination, unintended information disclosure, or execution of arbitrary code.

Rule	Severity	Likelihood	Detectable	RepairableRemediation Cost	Priority	Level
DCL50-CPP	High	Probable	Yes	MediumNo	P12	L1

Automated Detection

RuleCheckerRuleCheckerRuleCheckerfunction-elipsis checked

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

function-ellipsis

Fully checked

Axivion Bauhaus Suite

Include Page

	Axivion Bauhaus Suite_V
	Axivion Bauhaus Suite_V

CertC++-DCL50

Clang

Include Page

	Clang_38_V
	Clang_38_V

cert-dcl50-cpp

Checked by clang-tidy.

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

LANG.STRUCT.ELLIPSIS

Ellipsis

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C++2012, C++2625

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

MISRA.FUNC.VARARG

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

41 S

Fully Implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_CPP-DCL50-a

Functions shall not be defined with a variable number of arguments

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C++: DCL50-CPP

Checks for function definition with ellipsis notation (rule fully covered)

PRQA QA-C++RuleChecker

Include Page

	PRQA QA-C++RuleChecker_VPRQA QA-C++
	RuleChecker_V

2012, 2625

function-ellipsis

Fully checked

Security Reviewer - Static Reviewer

Include Page

	Security Reviewer - Static Reviewer_V

	Security Reviewer - Static Reviewer_V

UNSAFE_09

Fully

implemented

SonarQube C/C++ Plugin

Include Page

	SonarQube C/C++ Plugin_V
	SonarQube C/C++ Plugin_V

FunctionEllipsis

Related Vulnerabilities

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

...

Space shortcuts

Page tree

Versions Compared

Old Version 105

New Version Current

Key

Automated Detection

Related Vulnerabilities