Page History

...

Rule	Severity	Likelihood	Detectable	Repairable	Priority	Level
FIO05-J	Medium	Likely	No	No	P6	L2

Automated Detection

Sound automated detection of this vulnerability is not feasible. Heuristic approaches may be useful.

Tool

Version

Checker

Description

Include Page

	Parasoft_V
	Parasoft_V

CERT.FIO05.BUFEXP

Do not expose data wrapped by a buffer to untrusted code

Include Page

	Security Reviewer - Static Reviewer_V
	Security Reviewer - Static Reviewer_V

Idor04

Full Implementation

Include Page

	SpotBugs_V
	SpotBugs_V

MS_EXPOSE_BUF
EI_EXPOSE_BUF2
EI_EXPOSE_BUF
EI_EXPOSE_STATIC_BUF2

Implemented (since 4.3.0)

[API 2014]	Class `CharBuffer`
[Hitchens 2002]	Section 2.3 "Duplicating Buffers"

...