| Checker | CERT-C | CERT-CPP | Description |
| arithOperationsOnVoidPointer | API04-C. Provide a consistent and usable error-checking mechanism |
| Fully implemented |
| arrayIndexOutOfBoundsCond | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| assignmentInAssert | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| autoVariables | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| Fully implemented |
| autovarInvalidDeallocation | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| Fully implemented |
| C01 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | CTR52-CPP. Guarantee that library functions do not overflow | Fully implemented |
| C02 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| C03 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| C04 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | CTR52-CPP. Guarantee that library functions do not overflow | Fully implemented |
| C05 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| Fully implemented |
| C06 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| C07 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| Fully implemented |
| C08 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| C08 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts | | Fully implemented |
| C09 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| Fully implemented |
| C10 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| Fully implemented |
| C101 | ARR32-C. Ensure size arguments for variable length arrays are in a valid range | | Fully implemented |
| C107 | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array | | Fully implemented |
| C109 | ARR38-C. Guarantee that library functions do not form invalid pointers |
| Fully implemented |
| C11 | CON02-C. Do not use volatile as a synchronization primitive |
| Fully implemented |
| C12 | CON05-C. Do not perform operations that can block while holding a lock |
| Fully implemented |
| C122 | CON40-C. Do not refer to an atomic variable twice in an expression |
| Fully implemented |
| C123 | CON40-C. Do not refer to an atomic variable twice in an expression |
| Fully implemented |
| C126 | DCL01-C. Do not reuse variable names in subscopes |
| Fully implemented |
| C127 | DCL01-C. Do not reuse variable names in subscopes |
| Fully implemented |
| C129 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C13 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C130 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C132 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C133 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C135 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C14 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C15 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C154 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C155 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C16 | DCL13-C. Declare function parameters that are pointers to values not changed by the function as const |
| Fully implemented |
| C17 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call | FIO50-CPP. Do not alternately input and output from a file stream without an intervening positioning call | Fully implemented |
| C176 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
| C177 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
| C178 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
| C179 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
| C18 | DCL30-C. Declare objects with appropriate storage durations | | Fully implemented |
| C19 | DCL31-C. Declare identifiers before using them |
| Fully implemented |
| C20 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary |
| Fully implemented |
| C21 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary |
| Fully implemented |
| C22 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary |
| Fully implemented |
| C23 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary |
| Fully implemented |
| C24 | ARR36-C. Do not subtract or compare two pointers that do not refer to the same array | STR52-CPP. Use valid references, pointers, and iterators to reference elements of a basic_string | Fully implemented |
| C25 | DCL39-C. Avoid information leakage when passing a structure across a trust boundary |
| Fully implemented |
| C26 | DCL40-C. Do not create incompatible declarations of the same function or object |
| Fully implemented |
| C27 | ENV30-C. Do not modify the object referenced by the return value of certain functions |
| Fully implemented |
| C28 | ENV30-C. Do not modify the object referenced by the return value of certain functions |
| Fully implemented |
| C29 | ENV30-C. Do not modify the object referenced by the return value of certain functions |
| Fully implemented |
| C31 | ERR04-C. Choose an appropriate termination strategy |
| Fully implemented |
| C32 | ERR05-C. Application-independent code should provide error detection without dictating error handling |
| Fully implemented |
| C32 | ERR05-C. Application-independent code should provide error detection without dictating error handling |
| Fully implemented |
| C33 | ERR05-C. Application-independent code should provide error detection without dictating error handling |
| Fully implemented |
| C33 | ERR05-C. Application-independent code should provide error detection without dictating error handling |
| Fully implemented |
| C34 | ERR32-C. Do not rely on indeterminate values of errno |
| Fully implemented |
| C35 |
| ERR51-CPP. Handle all exceptions | Fully implemented |
| C36 | EXP00-C. Use parentheses for precedence of operation |
| Fully implemented |
| C37 | EXP08-C. Ensure pointer arithmetic is used correctly |
| Fully implemented |
| C38 | EXP09-C. Use sizeof to determine the size of a type or variable |
| Fully implemented |
| C39 | EXP09-C. Use sizeof to determine the size of a type or variable |
| Fully implemented |
| C40 | EXP09-C. Use sizeof to determine the size of a type or variable |
| Fully implemented |
| C42 | EXP09-C. Use sizeof to determine the size of a type or variable |
| Fully implemented |
| C44 | EXP09-C. Use sizeof to determine the size of a type or variable |
| Fully implemented |
| C45 | EXP09-C. Use sizeof to determine the size of a type or variable |
| Fully implemented |
| C46 | EXP09-C. Use sizeof to determine the size of a type or variable |
| Fully implemented |
| C46 | EXP09-C. Use sizeof to determine the size of a type or variable |
| Fully implemented |
| C47 | EXP12-C. Do not ignore values returned by functions | | Fully implemented |
| C48 | EXP12-C. Do not ignore values returned by functions | | Fully implemented |
| C49 | ARR30-C. Do not form or use out-of-bounds pointers or array subscripts |
| Fully implemented |
| C50 | EXP14-C. Beware of integer promotion when performing bitwise operations on integer types smaller than int |
| Fully implemented |
| C51 | EXP19-C. Use braces for the body of an if, for, or while statement |
| Fully implemented |
| C52 | DCL03-C. Use a static assertion to test the value of a constant expression |
| Fully implemented |
| C53 | EXP30-C. Do not depend on the order of evaluation for side effects | EXP50-CPP. Do not depend on the order of evaluation for side effects | Fully implemented |
| C54 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C55 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C56 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C57 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C58 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C59 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C60 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C61 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C62 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C63 | EXP33-C. Do not read uninitialized memory | EXP53-CPP. Do not read uninitialized memory | Fully implemented |
| C64 | EXP34-C. Do not dereference null pointers | | Fully implemented |
| C64 | EXP34-C. Do not dereference null pointers |
| Fully implemented |
| C65 | EXP34-C. Do not dereference null pointers |
| Fully implemented |
| C65 | EXP34-C. Do not dereference null pointers |
| Fully implemented |
| C66 | EXP34-C. Do not dereference null pointers | | Fully implemented |
| C67 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| Fully implemented |
| C68 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| Fully implemented |
| C69 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| Fully implemented |
| C70 | EXP36-C. Do not cast pointers into more strictly aligned pointer types |
| Fully implemented |
| C71 | EXP37-C. Call functions with the correct number and type of arguments |
| Fully implemented |
| C73 | EXP40-C. Do not modify constant objects |
| Fully implemented |
| C73 | EXP46-C. Do not use a bitwise operator with a Boolean-like operand | | Fully implemented |
| C74 | EXP46-C. Do not use a bitwise operator with a Boolean-like operand |
| Fully implemented |
| C75 | EXP47-C. Do not call va_arg with an argument of the incorrect type |
| Fully implemented |
| C76 | FIO21-C. Do not create temporary files in shared directories |
| Fully implemented |
| C77 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call | | Fully implemented |
| C78 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call | | Fully implemented |
| C79 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call |
| Fully implemented |
| C80 | FIO39-C. Do not alternately input and output from a stream without an intervening flush or positioning call | | Fully implemented |
| C80 | FIO42-C. Close files when they are no longer needed | FIO51-CPP. Close files when they are no longer needed | Fully implemented |
| C81 | FIO47-C. Use valid format strings | | Fully implemented |
| C82 | FIO47-C. Use valid format strings | | Fully implemented |
| C83 | FIO47-C. Use valid format strings | | Fully implemented |
| C83 | FIO47-C. Use valid format strings | | Fully implemented |
| C84 | FIO47-C. Use valid format strings | | Fully implemented |
| C85 | FIO47-C. Use valid format strings | | Fully implemented |
| C86 | FIO47-C. Use valid format strings | | Fully implemented |
| C86 | FIO47-C. Use valid format strings |
| Fully implemented |
| C87 | FLP03-C. Detect and handle floating-point errors |
| Fully implemented |
| c88 | FLP34-C. Ensure that floating-point conversions are within range of the new type | | Fully implemented |
| C92 | FLP34-C. Ensure that floating-point conversions are within range of the new type | | Fully implemented |
| C999 | INT01-C. Use size_t or rsize_t for all integer values representing the size of an object |
| Fully implemented |
| CbOB | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CconstVariable | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CdLT | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CdoubleFree | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CduplicateCondition | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CE8 | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| CE11 | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CE12 | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CE13 | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CE256 | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CE6 | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CE6_S | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CE7 | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CfCO | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CinvalidLifetime | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CinvalidScanfArgType_int | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CiRV | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CiSFW | INT02-C. Understand integer conversion rules |
| Fully implemented |
| CknownConditionTrueFalse | INT02-C. Understand integer conversion rules |
| Fully implemented |
| clarifyCalculation | INT08-C. Verify that all integer values are in range |
| Fully implemented |
| ClRVNU | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| Fully implemented |
| CmAD | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| Fully implemented |
| CmemleakOnRealloc | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| Fully implemented |
| CmissingReturn | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| Fully implemented |
| CMR | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data |
| Fully implemented |
| CmVOOR | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data | | Fully implemented |
| CnAS | INT31-C. Ensure that integer conversions do not result in lost or misinterpreted data | | Fully implemented |
| CNI | INT32-C. Ensure that operations on signed integers do not result in overflow |
| Fully implemented |
| CnPDA | INT32-C. Ensure that operations on signed integers do not result in overflow |
| Fully implemented |
| ConfigurationNotChecked | INT32-C. Ensure that operations on signed integers do not result in overflow |
| Fully implemented |
| constParameter | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| Fully implemented |
| CoOB | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| Fully implemented |
| CPP_01 | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors | | Fully implemented |
| CPP_02 | INT33-C. Ensure that division and remainder operations do not result in divide-by-zero errors |
| Fully implemented |
| CPP_03 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand | | Fully implemented |
| CPP_04 | INT34-C. Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand | | Fully implemented |
| CPP_05 | INT36-C. Converting a pointer to integer or integer to pointer |
| Fully implemented |
| CPP_06 | INT36-C. Converting a pointer to integer or integer to pointer |
| Fully implemented |
| CPP_07 | MEM03-C. Clear sensitive information stored in reusable resources |
| Fully implemented |
| CPP_08 | MEM04-C. Beware of zero-length allocations |
| Fully implemented |
| CPP_09 | MEM04-C. Beware of zero-length allocations |
| Fully implemented |
| CPP_10 | MEM05-C. Avoid large stack allocations |
| Fully implemented |
| CPP_11 | MEM10-C. Define and use a pointer validation function |
| Fully implemented |
| CPP_12 | MEM30-C. Do not access freed memory | MEM50-CPP. Do not access freed memory | Fully implemented |
| CPP_14 | MEM30-C. Do not access freed memory | MEM50-CPP. Do not access freed memory | Fully implemented |
| CPP_15 | MEM30-C. Do not access freed memory | MEM50-CPP. Do not access freed memory | Fully implemented |
| CPP_17 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_18 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_22 | MEM31-C. Free dynamically allocated memory when no longer needed |
| Fully implemented |
| CPP_23 | MEM31-C. Free dynamically allocated memory when no longer needed |
| Fully implemented |
| CPP_24 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_25 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_26 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_27 | MEM31-C. Free dynamically allocated memory when no longer needed | | Fully implemented |
| CPP_28 | MEM33-C. Allocate and copy structures containing a flexible array member dynamically | MEM53-CPP. Explicitly construct and destruct objects when manually managing object lifetime | Fully implemented |
| CPP_29 | MEM33-C. Allocate and copy structures containing a flexible array member dynamically | MEM53-CPP. Explicitly construct and destruct objects when manually managing object lifetime | Fully implemented |
| CPP_31 | MEM34-C. Only free memory allocated dynamically | | Fully implemented |
| CPP_32 | MEM34-C. Only free memory allocated dynamically |
| Fully implemented |
| CPP_33 | MEM34-C. Only free memory allocated dynamically |
| Fully implemented |
| CPP_34 | MEM34-C. Only free memory allocated dynamically | | Fully implemented |
| CPP_35 | MEM34-C. Only free memory allocated dynamically |
| Fully implemented |
| CPP_36 | MEM34-C. Only free memory allocated dynamically |
| Fully implemented |
| CPP_39 | MEM35-C. Allocate sufficient memory for an object |
| Fully implemented |
| CPP_40 | MEM35-C. Allocate sufficient memory for an object |
| Fully implemented |
| CPP_41 | MEM35-C. Allocate sufficient memory for an object |
| Fully implemented |
| CPP_42 | MEM50-CPP. Do not access freed memory |
| Fully implemented |
| CPP_43 | MEM50-CPP. Do not access freed memory |
| Fully implemented |
| CPP_44 | MSC01-C. Strive for logical completeness |
| Fully implemented |
| CPP_45 | MSC01-C. Strive for logical completeness |
| Fully implemented |
| CPP_46 | MSC01-C. Strive for logical completeness |
| Fully implemented |
| CPP_47 | MSC01-C. Strive for logical completeness |
| Fully implemented |
| CPP_48 | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| Fully implemented |
| CPP_55 | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| Fully implemented |
| CPP_56 | MEM12-C. Consider using a goto chain when leaving a function on error when using and releasing resources |
| Fully implemented |
| CPP_57 | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPP_58 | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPP_59 | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPP_60 | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPP_61 | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPP_62 | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPP_uninitvar | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPPCrypt | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPPDSLHardcoded | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPPDSLRAND | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPPDSLWES | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CpPED | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPPEnterCriticalSection | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPPIsBadWritePtr | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPPLoadLibrary | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPPLoop | MSC07-C. Detect and remove dead code |
| Fully implemented |
| CPPOftenMisused | MSC09-C. Character encoding: Use subset of ASCII for safety |
| Fully implemented |
| CPPPBE | MSC11-C. Incorporate diagnostic tests using assertions |
| Fully implemented |
| CPPStackBased | MSC11-C. Incorporate diagnostic tests using assertions |
| Fully implemented |
| CPtr | MSC12-C. Detect and remove code that has no effect or is never executed |
| Fully implemented |
| CredundantInitialization | MSC12-C. Detect and remove code that has no effect or is never executed |
| Fully implemented |
| CreturnDanglingLifetime | MSC12-C. Detect and remove code that has no effect or is never executed |
| Fully implemented |
| CsFPC | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| Fully implemented |
| CsTMB | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| Fully implemented |
| CstrdupCalled | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| Fully implemented |
| ctuArrayIndex | MSC18-C. Be careful while handling sensitive data, such as passwords, in program code |
| Fully implemented |
| ctuNullPointer | MSC20-C. Do not use a switch statement to transfer control into a complex block |
| Fully implemented |
| ctuOneDefinitionRuleViolation | MSC21-C. Use robust loop termination conditions |
| Fully implemented |
| CuEV | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| CvariableScope | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| CWE395TEST_2_CPP | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| CWE561P25 | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| CwPSPPE | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| CzDC | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| deallocret | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| integerOverflowCond | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| invalidContainer | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| invalidFunctionArg | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| leakUnsafeArgAlloc | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| memleak | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| memleakOnRealloc | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| noCopyConstructor | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| noOperatorEq | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| nullPointerRedundantCheck | MSC24-C. Do not use deprecated or obsolescent functions |
| Fully implemented |
| oppositeExpression | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| redundantPointerOp | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| RTOS_01 | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| RTOS_02 | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| RTOS_03 | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| RTOS_04 | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| RTOS_05 | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| RTOS_06 | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| RTOS_07 | MSC30-C. Do not use the rand() function for generating pseudorandom numbers | MSC50-CPP. Do not use std::rand() for generating pseudorandom numbers | Fully implemented |
| RTOS_08 | MSC32-C. Properly seed pseudorandom number generators | MSC51-CPP. Ensure your random number generator is properly seeded | Fully implemented |
| RTOS_09 | MSC37-C. Ensure that control never reaches the end of a non-void function | MSC52-CPP. Value-returning functions must return a value from all exit paths | Fully implemented |
| RTOS_10 | MSC37-C. Ensure that control never reaches the end of a non-void function | MSC52-CPP. Value-returning functions must return a value from all exit paths | Fully implemented |
| RTOS_11 | MSC37-C. Ensure that control never reaches the end of a non-void function | MSC52-CPP. Value-returning functions must return a value from all exit paths | Fully implemented |
| RTOS_12 | MSC37-C. Ensure that control never reaches the end of a non-void function | MSC52-CPP. Value-returning functions must return a value from all exit paths | Fully implemented |
| RTOS_13 | MSC39-C. Do not call va_arg() on a va_list that has an indeterminate value |
| Fully implemented |
| RTOS_14 | MSC41-C. Never hard code sensitive information |
| Fully implemented |
| RTOS_15 | MSC41-C. Never hard code sensitive information |
| Fully implemented |
| RTOS_16 | MSC41-C. Never hard code sensitive information |
| Fully implemented |
| RTOS_17 | MSC41-C. Never hard code sensitive information |
| Fully implemented |
| RTOS_18 | MSC25-C. Do not use insecure or weak cryptographic algorithms |
| Fully implemented |
| RTOS_19 | POS01-C. Check for the existence of links when dealing with files |
| Fully implemented |
| RTOS_20 | POS52-C. Do not perform operations that can block while holding a POSIX lock |
| Fully implemented |
| RTOS_22 | PRE04-C. Do not reuse a standard header file name |
| Fully implemented |
| RTOS_23 | PRE04-C. Do not reuse a standard header file name |
| Fully implemented |
| RTOS_24 | PRE04-C. Do not reuse a standard header file name |
| Fully implemented |
| RTOS_25 | PRE04-C. Do not reuse a standard header file name |
| Fully implemented |
| RTOS_26 | PRE13-C. Use the Standard predefined macros to test for versions and features. |
| Fully implemented |
| RTOS_27 | PRE30-C. Do not create a universal character name through concatenation | | Fully implemented |
| RTOS_28 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| Fully implemented |
| RTOS_29 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| Fully implemented |
| RTOS_30 | PRE31-C. Avoid side effects in arguments to unsafe macros |
| Fully implemented |
| RTOS_31 | STR05-C. Use pointers to const when referring to string literals |
| Fully implemented |
| RTOS_33 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
| RTOS_34 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
| shadowVariable | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
| shiftTooManyBits | STR32-C. Do not pass a non-null-terminated character sequence to a library function that expects a string | STR51-CPP. Do not attempt to create a std::string from a null pointer | Fully implemented |
| UNSAFE_01 | STR37-C. Arguments to character-handling functions must be representable as an unsigned char |
| Fully implemented |
| UNSAFE_02 | STR38-C. Do not confuse narrow and wide character strings and functions |
| Fully implemented |
| UNSAFE_03 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
| UNSAFE_04 | STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator | STR50-CPP. Guarantee that storage for strings has sufficient space for character data and the null terminator | Fully implemented |
| UNSAFE_05 | WIN02-C. Restrict privileges when spawning child processes |
| Fully implemented |
| UNSAFE_06 |
| OOP52-CPP. Do not delete a polymorphic object without a virtual destructor | Fully implemented |
| UNSAFE_07 |
| OOP50-CPP. Do not invoke virtual functions from constructors or destructors | Fully implemented |
| UNSAFE_08 |
| CON53-CPP. Avoid deadlock by locking in a predefined order | Fully implemented |
| UNSAFE_09 |
| DCL50-CPP. Do not define a C-style variadic function | Fully implemented |
| va_end_missing |
| ERR59-CPP. Do not throw an exception across execution boundaries | Fully implemented |
| va_start_subsequentCalls |
| MEM56-CPP. Do not store an already-owned pointer value in an unrelated smart pointer | Fully implemented |
| wcsdupCalled |
| MEM51-CPP. Properly deallocate dynamically allocated resources | Fully implemented |
| zerodiv |
|
| Fully implemented |
