SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 168

changes.mady.by.user Aleksandr Karbyshev

Saved on

compared with

New Version 169

changes.mady.by.user Anirban Gangopadhyay

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-FIO30Partially implemented
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

IO.INJ.FMT
MISC.FMT

Format string injection
Format string

Compass/ROSE



Coverity
Include Page
Coverity_V
Coverity_V

TAINTED_STRING

Implemented
GCC
Include Page
GCC_V
GCC_V

Can detect violations of this rule when the -Wformat-security flag is used

Klocwork
Include Page
Klocwork_V
Klocwork_V

SV.FMTSTR.GENERIC
SV.TAINTED.FMTSTR


LDRA tool suite
Include Page
LDRA_V
LDRA_V

86 D

Partially Implemented
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-FIO30-a
CERT_C-FIO30-b
CERT_C-FIO30-c

Avoid calling functions printf/wprintf with only one argument other than string constant
Avoid using functions fprintf/fwprintf with only two parameters, when second parameter is a variable
Never use unfiltered data from an untrusted user as the format parameter

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

Tainted string formatCERT C: Rule FIO30-C

Checks for tainted string format (rule partially covered)Input format argument is from an unsecure source

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V618
Splint
Include Page
Splint_V
Splint_V


...