New Klocwork Taxonomy for ISO/IEC TS 17961 available


Developed by Emenda, the Klocwork ISO/IEC TS 17961 Taxonomy allows for the checking and reporting of violations of the ISO/IEC TS 17961 coding standard. To request a copy of the taxonomy and instructions on how to install it, click here.

At the time of writing, the rules covered (fully or partially) by the taxonomy are listed in the table below. Please note this content is subject to change in future.

| Rule | Description |
|------|-------------|
| 5.1 | Accessing an object through a pointer to an incompatible type [ptrcomp] |
| 5.2 | Accessing freed memory [accfree] |
| 5.4 | No assignment in conditional expressions [boolasgn] |
| 5.6 | Calling functions with incorrect arguments [argcomp] |
| 5.10 | Converting a pointer to integer or integer to pointer [intptrconv] |
| 5.12 | Copying a FILE object [filecpy] |
| 5.13 | Declaring the same function or object in incompatible ways [funcdecl] |
| 5.14 | Dereferencing an out-of-domain pointer [nullref] |
| 5.15 | Escaping the address of an automatic object [addrescape] |
| 5.17 | Use of an implied default in a switch statement [switchdflt] |
| 5.18 | Failing to close files or free dynamic memory when they are no longer needed [fileclose] |
| 5.21 | Allocating insufficient memory [insufmem] |
| 5.22 | Forming or using out-of-bounds pointers or array subscripts [invptr] |
| 5.23 | Freeing memory multiple times [dblfree] |
| 5.24 | Including tainted or out-of-domain input in a format string [usrfmt] |
| 5.25 | Incorrectly setting and using errno [inverrno] |
| 5.26 | Integer division errors [diverr] |
| 5.28 | Modifying string literals [strmod] |
| 5.31 | Passing a non-null-terminated character sequence to a library function that expects a string [nonnullcs] |
| 5.34 | Reallocating or freeing memory that was not dynamically allocated [xfree] |
| 5.35 | Referencing uninitialized memory [uninitref] |
| 5.37 | Tainted strings are passed to a string copying function [taintstrcpy] |
| 5.38 | Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr] |
| 5.40 | Using a tainted value to write to an object using a formatted input or output function [taintformatio] |
| 5.44 | Using identifiers that are reserved for the implementation [resident] |
| 5.45 | Using invalid format strings [invfmtstr] |
| 5.46 | Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink [taintsink] |

The coverage of the standard may increase with future releases of the tool as new checkers are added. Emenda also offers checker writing and maintenance as a professional service. If your organisation would benefit from increased coverage of this standard, internal guidelines or other standards not yet supported, please contact us or click here to find out more.


