SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 127

changes.mady.by.user Arthur Hicken

Saved on

compared with

New Version 128

changes.mady.by.user Svyatoslav Razmyslov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

pointered-deallocation

array-index-range

null-dereferencing

Partially checked
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.MEM.BO
LANG.MEM.BU

LANG.MEM.TBA

LANG.MEM.TO
LANG.MEM.TU

LANG.STRUCT.PBB
LANG.STRUCT.PPE

BADFUNC.BO.*

Buffer overrun
Buffer underrun

Tainted buffer access

Type overrun
Type underrun

Pointer before beginning of object
Pointer past end of object

A collection of warning classes that report uses of library functions prone to internal buffer overflows.

Compass/ROSE

Could be configured to catch violations of this rule. The way to catch the noncompliant code example is to first hunt for example code that follows this pattern:

   for (LPWSTR pwszTemp = pwszPath + 2; *pwszTemp != L'\\';
   *pwszTemp++;)

In particular, the iteration variable is a pointer, it gets incremented, and the loop condition does not set an upper bound on the pointer. Once this case is handled, ROSE can handle cases like the real noncompliant code example, which is effectively the same semantics, just different syntax

Coverity

Include Page
Coverity_V
Coverity_V

OVERRUN

NEGATIVE_RETURNS

ARRAY_VS_SINGLETON

BUFFER_SIZE

Can detect the access of memory past the end of a memory buffer/array

Can detect when the loop bound may become negative

Can detect the out-of-bound read/write to array allocated statically or dynamically

Can detect buffer overflows

Cppcheck
Include Page
Cppcheck_V
Cppcheck_V
arrayIndexOutOfBounds, outOfBounds, negativeIndex, arrayIndexThenCheck, arrayIndexOutOfBoundsCond,  possibleBufferAccessOutOfBounds

Context sensitive analysis of array index, pointers, etc.

Array index out of bounds

Buffer overflow when calling various functions memset,strcpy,..

Warns about condition (a[i] == 0 && i < unknown_value) and recommends that (i < unknown_value && a[i] == 0) is used instead

Detects unsafe code when array is accessed before/after it is tested if the array index is out of bounds

Klocwork
Include Page
Klocwork_V
Klocwork_V

ABV.ANY_SIZE_ARRAY
ABV.GENERAL
ABV.STACK
ABV.TAINTED
ABV.UNICODE.BOUND_MAP
ABV.UNICODE.FAILED_MAP
ABV.UNICODE.NNTS_MAP
ABV.UNICODE.SELF_MAP
ABV.UNKNOWN_SIZE
NNTS.MIGHT
NNTS.MUST
NNTS.TAINTED
SV.STRBO.BOUND_COPY.OVERFLOW
SV.STRBO.BOUND_COPY.UNTERM
SV.STRBO.BOUND_SPRINTF
SV.TAINTED.ALLOC_SIZE
SV.TAINTED.CALL.INDEX_ACCESS
SV.TAINTED.CALL.LOOP_BOUND
SV.TAINTED.INDEX_ACCESS
SV.TAINTED.LOOP_BOUND
SV.UNBOUND_STRING_INPUT.CIN
SV.UNBOUND_STRING_INPUT.FUNC


LDRA tool suite
 
Include Page
LDRA_V
LDRA_V

45 D, 47 S, 476 S, 489 S, 64 X, 66 X, 68 X, 69 X, 70 X, 71 X, 79 X

Partially implemented
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
BD-PB-ARRAYPartially implemented
Parasoft Insure++

Runtime
Polyspace Bug FinderR2016a

Array access out of bounds, Array access with tainted index, Pointer access out of bounds, Pointer dereference with tainted offset, Use of tainted pointer

Array index outside bounds during array access

Array index from unsecure source possibly outside array bounds

Pointer dereferenced outside its bounds

Offset is from an unsecure source and dereference may be out of bounds

Pointer from an unsecure source may be NULL or point to unknown memory

PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v

2840, 2841, 2842, 2843, 2844, 2930, 2931, 2932, 2933, 2934, 2950,
2951, 2952, 2953

Partially implemented
PRQA QA-C++
Include Page
cplusplus:PRQA QA-C++_V
cplusplus:PRQA QA-C++_V

2820, 2821, 2822, 2823, 2824, 2840, 2841, 2842, 2843, 2844, 2930,
2931, 2932, 2950, 2951, 2952

Partially implemented
PVS-Studio6.22

Include Page
PVS-Studio_V
PVS-Studio_V

V512, V557, V582, V594, V643, V645, V694

...