SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 72

changes.mady.by.user Svyatoslav Razmyslov

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

...

Using arrays polymorphically can result in memory corruption, which could lead to an attacker being able to execute arbitrary code.

Rule

Severity

Likelihood

Detectable

RepairableRemediation Cost

Priority

Level

CTR56-CPP

High

Likely

No

NoHigh

P9

L2

Automated Detection

PRQA QA-C++

Tool

Version

Checker

Description

Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC++-CTR56
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.STRUCT.PARITH

Pointer Arithmetic

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C++3073
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_CPP-CTR56-a
CERT_CPP-CTR56-b
CERT_CPP-CTR56-c

Don't treat arrays polymorphically
A pointer to an array of derived class objects should not be converted to a base class pointer
Do not treat arrays polymorphically

PB-10, STL-02

LDRA tool suite
Include Page
LDRA_V
LDRA_V

567 S

Enhanced Enforcement

Polyspace Bug Finder

Include Page

PRQA QA-C++

Polyspace Bug Finder_V
Polyspace Bug Finder_V

PRQA QA-
CERT C++: CTR56-CPPChecks for pointer arithmetic on polymorphic object (rule fully covered)
PVS-Studio

Include Page
PVS-Studio_V

3073

PVS-Studio

6.22

_V

V777General analysis rule

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...