Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

IO.RACE

IO.TAINT.FNAME

BADFUNC.TEMP.*

File System Race Condition

Tainted Filename

A collection of warning classes that report uses of library functions associated with temporary file vulnerabilities (including name issues).

Compass/ROSE



Can detect some violations of this recommendation. In particular, it warns when chown(), stat(), or chmod() are called on an open file

Coverity6.5TOCTOUFully implemented
Klocwork
Include Page
Klocwork_V
Klocwork_V

SV.TOCTOU.FILE_ACCESS


LDRA tool suite
Include Page
LDRA_V
LDRA_V

592 S

Fully implemented

Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V

CERT_C-FIO01-a
CERT_C-FIO01-b

Don't use chmod(), chown(), chgrp()
Usage of functions prone to race is not allowed

Polyspace Bug FinderR2016a

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

File access between time of check and use (TOCTOU)

File or folder might change state due to access race

PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v
5011Partially implemented

...