...
Tool | Version | Checker | Description | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Compass/ROSE | Could detect some violations of this rule. This rule applies only to untrusted file name strings, and ROSE cannot tell which strings are trusted and which are not. The best heuristic is to note if there is any verification of the file name before or after the | |||||||||||||||||||
Helix QAC |
| DF4921, DF4922, DF4923 | ||||||||||||||||||
Parasoft C/C++test |
| CERT_C-FIO32-a | Protect against file name injection | |||||||||||||||||
Polyspace Bug Finder |
| CERT C: Rule FIO32-C | Checks for inappropriate I/O operation on device files (rule fully covered) | PRQA QA-C | ||||||||||||||||
Include Page | PRQA QA-C_v | PRQA QA-C_v | 4921, 4922, 4923 | Enforced by QAC | PRQA QA-C++ | |||||||||||||||
Include Page | cplusplus:PRQA QA-C++_V | cplusplus:PRQA QA-C++_V | 4921, 4922, 4923 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...