 
                            ...
The effects of accessing bits of an object representation that are not part of the object's value representation can range from implementation-defined behavior (such as assuming the layout of fields with differing access controls) to code execution vulnerabilities (such as overwriting the vtable pointer).
| Rule | Severity | Likelihood | 
|---|
| Detectable | Repairable | Priority | Level | 
|---|---|---|---|
| EXP62-CPP | High | Probable | Yes | 
| No | 
| P12 | 
| L1 | 
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée | 
 | invalid_pointer_dereference uninitialized_variable_use | |||||||
| CodeSonar | 
 | BADFUNC.MEMCMP BADFUNC.MEMSET | Use of memcmp Use of memset | ||||||
| Helix QAC | 
 | DF4726, DF4727, DF4728, DF4729, DF4731, DF4732, DF4733, DF4734 | |||||||
| Klocwork | 
 | CERT.MEMCMP.PADDED_DATA CWARN.MEM.NONPOD | |||||||
| LDRA tool suite | 
 | 618 S | Partially implemented | ||||||
| Parasoft C/C++test | 
 | CERT_CPP-EXP62-a | Do not compare objects of a class that may contain padding bits with C standard library functions | ||||||
| Polyspace Bug Finder | 
 | CERT C++: EXP62-CPP | Checks for access attempts on padding and vtable bits (rule fully covered). | ||||||
| PVS-Studio | 
 | V598, V780, V1084 | 
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| SEI CERT C++ Coding Standard | OOP57-CPP. Prefer special member functions and overloaded operators to C Standard Library functions | 
Bibliography
| [ISO/IEC 14882-2014] | Subclause 3.9, "Types" Subclause 3.10, "Lvalues and Rvalues" Clause 9, "Classes" | 
...
...