For this submission, we used the following configuration:

Tool - LDRA Testbed version 8.3.0

Tool Host OS - Windows XP

Application Build configuration OS - Linux Ubuntu 10.04 with GCC 4.4.3

Report configuration - A custom code review standard was created that included only the Level 1 CERT C Secure Coding Guidelines rules from Volume 1 of Robert Seacord's book, together with the following LDRA standards that were chosen because they are pertinent to security concerns:

        47 S - Array Bound exceeded.
        480 S - memcpy params access same variable.
        486 S - insufficient formats in output function (e.g. printf).
        487 S - Insufficient space allocated.
        489 S - Insufficient space for operation.
        75 D - Attempt to open file pointer more than once.
        76 D - Procedure not called in code analysed.
        77 D - Local structure returned in function result.
        78 D - Variable should be declared const.
        79 D - Member function should be declared static.
        80 D - Potentially unused function return value.

