SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 64

changes.mady.by.user Sandy Shrum

Saved on

compared with

New Version Current

changes.mady.by.user Francesco Mariani

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Using an invalid reference, pointer, or iterator to a string object could allow an attacker to run arbitrary code.

Rule

Severity

Likelihood

Remediation Cost

Detectable

Repairable

Priority

Level

STR52-CPP

High

Probable

No

High

No

P6

L2

Automated Detection

Tool

Version

Checker

Description

   

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

ALLOC.UAF

Use After Free

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

DF4746, DF4747, DF4748, DF4749


Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_CPP-STR52-a

Use valid references, pointers, and iterators to reference elements of a basic_string

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: STR52-CPPChecks for use of invalid string iterator (rule partially covered).
Security Reviewer - Static Reviewer

6.02

C24Fully implemented
 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardCTR51-CPP. Use valid references, pointers, and iterators to reference elements of a container

Bibliography

[ISO/IEC 14882-2014]

Subclause 21.4.1, "basic_string General Requirements"

[Meyers
01
2001]Item 43, "Prefer Algorithm Calls to Hand-written Loops"

...


...

Image Modified Image Modified Image Modified