 
                            ...
| Recommendation | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level | 
|---|---|---|---|---|---|---|
| INT08-C | Medium | Probable | No | HighNo | P4 | L3 | 
Automated Detection
| Tool | Version | Checker | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Astrée | 
 | integer-overflow | Fully checked | ||||||||||||
| Axivion Bauhaus Suite | 
 | CertC-INT08 | |||||||||||||
| CodeSonar | 
 | ALLOC.SIZE.ADDOFLOW ALLOC.SIZE.IOFLOW ALLOC.SIZE.MULOFLOW ALLOC.SIZE.SUBUFLOW MISC.MEM.SIZE.ADDOFLOW MISC.MEM.SIZE.BAD MISC.MEM.SIZE.MULOFLOW MISC.MEM.SIZE.SUBUFLOW | Addition Overflow of Allocation Size Integer Overflow of Allocation Size Multiplication Overflow of Allocation Size Subtraction Underflow of Allocation Size Addition Overflow of Size Unreasonable Size Argument Multiplication Overflow of Size Subtraction Underflow of Size | ||||||||||||
| Compass/ROSE | Could detect violations of this recommendation by flagging any comparison expression involving addition that could potentially overflow. For example, instead of comparing  | ||||||||||||||
| Helix QAC | 
 | C2800, C2801, C2802, C2803, C2910, C2911, C2912, C2913 C2910 DF2801, DF2802, DF2803, DF2911, DF2912, DF2913 | |||||||||||||
| LDRA tool suite | 
 | 488 S, 493 S, 493 S | Partially implemented | ||||||||||||
| Parasoft C/C++test | 
 | CERT_C-INT08-a CERT_C-INT08-b CERT_C-INT08-c CERT_C-INT08-d | Avoid data loss when converting between integer types | ||||||||||||
| PC-lint Plus | 
 | 648, 650, 679, 680, 776, | Partially supported | ||||||||||||
| Polyspace Bug Finder | 
 | CERT C: Rec. INT08-C | Checks for integer overflow or integer constant overflow (rec. fully covered) | PRQA QA-C | |||||||||||
| Include Page | PRQA QA-C_v | PRQA QA-C_v | 2800,2801,2802,2803, 2910,2911,2912,2913 | Partially implemented | 
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...