SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 251

changes.mady.by.user Francesco Mariani

Saved on

compared with

New Version Current

changes.mady.by.user Joerg Herter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported

Astrée reports all buffer overflows resulting from copying data to a buffer that is not large enough to hold that data.

bad-function-use
stdlib-string-size
strcpy-limits
string-initializer-null

Partially checked + soundly supported
Axivion Bauhaus Suite
Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V
CertC-STR31

Detects calls to unsafe string function that may cause buffer overflow
Detects potential buffer overruns, including those caused by unsafe usage of fscanf()

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.MEM.BO
LANG.MEM.TO
MISC.MEM.NTERM
BADFUNC.BO.*

Buffer overrun
Type overrun
No space for null terminator
A collection of warning classes that report uses of library functions prone to internal buffer overflows

Compass/ROSE



Can detect violations of the rule. However, it is unable to handle cases involving strcpy_s() or manual string copies such as the one in the first example

Coverity
Include Page
Coverity_V
Coverity_V

STRING_OVERFLOW

BUFFER_SIZE

OVERRUN

STRING_SIZE

Fully implemented

Fortify SCA

5.0



Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C2840,  C5009, C5038

C++0145, C++5009, C++5038

DF2840, DF2841, DF2842, DF2843, DF2845, DF2846, DF2847, DF2848, DF2930, DF2931, DF2932, DF2933, DF2935, DF2936, DF2937, DF2938, DF3581, DF3582, DF3583, DF3586, DF3587, DF3589


Klocwork

Include Page
Klocwork_V
Klocwork_V

SV.FMT_STR.BAD_SCAN_FORMAT
SV.UNBOUND_STRING_INPUT.FUNC


LDRA tool suite

Include Page
LDRA_V
LDRA_V

489 S, 109 D, 66 X, 70 X, 71 X

Partially implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-STR31-a
CERT_C-STR31-b
CERT_C-STR31-c
CERT_C-STR31-d
CERT_C-STR31-e

Avoid accessing arrays out of bounds
Avoid overflow when writing to a buffer
Prevent buffer overflows from tainted data
Avoid buffer write overflow from tainted data
Avoid using unsafe string functions which may cause buffer overflows

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

421, 498

Partially supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule STR31-C

Checks for:

  • Use of dangerous standard function
  • Missing null in string array
  • Buffer overflow from incorrect string format specifier
  • Destination buffer overflow in string manipulation
  • Insufficient destination buffer size

Rule partially covered.

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V518, V645, V727, V755
RuleChecker

Include Page
RuleChecker_V
RuleChecker_V

bad-function-use
stdlib-string-size
strcpy-limits
string-initializer-null		Partially checked
Security Reviewer - Static Reviewer

Include Page
Security Reviewer - Static Reviewer_V
Security Reviewer - Static Reviewer_V

RTOS_33
RTOS_34
shadowVariable
UNSAFE_03
UNSAFE_04
Fully implemented

Splint

Include Page
Splint_V
Splint_V



TrustInSoft Analyzer

Include Page
TrustInSoft Analyzer_V
TrustInSoft Analyzer_V

mem_access

Exhaustively verified (see one compliant and one non-compliant example).

...