...
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT C | INT11-CPP. Take care when converting from pointer to integer or integer to pointer | Prior to 2018-01-12: CERT: Unspecified Relationship |
| ISO/IEC TR 24772:2013 | Pointer Casting and Pointer Type Changes [HFC] | Prior to 2018-01-12: CERT: Unspecified Relationship |
| ISO/IEC TS 17961:2013 | Converting a pointer to integer or integer to pointer [intptrconv] | Prior to 2018-01-12: CERT: Unspecified Relationship |
| CWE 2.11 | CWE-587, Assignment of a Fixed Address to a Pointer | 2017-07-07: CERT: Partial overlap |
| CWE 2.11 | CWE-704 | 2017-06-14: CERT: Rule subset of CWE |
| CWE 2.11 | CWE-758 | 2017-07-07: CERT: Rule subset of CWE |
| CWE 3.1 | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer | 2018-10-19:CERT:None |
| CWE 3.1 | CWE-466, Return of Pointer Value Outside of Expected Range | 2018-10-19:CERT:None |
CERT-CWE Mapping Notes
Key here for mapping notes
...
- Setting a pointer to a valid integer value (eg points to an object of the correct t ype)
INT36-C – CweCWE-587 =
- Illegal pointer-to-integer conversion
Intersection(INT36-C,CWE-466) = ∅
Intersection(INT36-C,CWE-466) = ∅
An example explaining the above two equations follows:
static char x[3];
char* foo() {
int x_int = (int) x; // x_int = 999 eg
return x_int + 5; // returns 1004 , violates CWE 466
}
...
int y_int = foo(); // violates CWE-466
char* y = (char*) y_int; // // well-defined but y may be invalid, violates INT36-C
char c = *y; // indeterminate value, out-of-bounds read, violates CWE-119
Bibliography
| [ISO/IEC 9899:2011] | 6.3.2.3, "Pointers" |
...