Info |
---|
This page was automatically generated and should not be edited. The information on this page was provided by outside contributors and has not been verified by SEI CERT. |
CERT Rule | Related Guidelines |
---|---|
EXP30-C | CWE-758 |
EXP33-C | CWE-456 |
EXP33-C | CWE-457 |
EXP33-C | CWE-758 |
EXP33-C | CWE-908 |
EXP34-C | CWE-476, NULL Pointer Dereference |
EXP37-C | CWE-628, Function Call with Incorrectly Specified Arguments |
INT36-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
EXP39-C | CWE-125, Out-of-bounds Read |
EXP39-C | CWE-704 |
EXP45-C | CWE-480, Use of Incorrect Operator |
EXP45-C | CWE-481 |
EXP46-C | CWE-480, Use of incorrect operator |
EXP46-C | CWE-569 |
INT30-C | CWE-190, Integer Overflow or Wraparound |
INT30-C | CWE-131 | INT30-C | CWE-191
INT30-C | CWE-680 |
INT31-C | CWE-192, Integer Coercion Error |
INT31-C | CWE-197, Numeric Truncation Error |
INT31-C | CWE-681, Incorrect Conversion between Numeric Types |
INT31-C | CWE-704 |
INT32-C | CWE-190, Integer Overflow or Wraparound |
INT32-C | CWE-191 |
INT32-C | CWE-680 |
INT33-C | CWE-369, Divide By Zero |
INT34-C | CWE-682 |
INT34-C | CWE-758 |
INT35-C | CWE-681, Incorrect Conversion between Numeric Types |
INT36-C | CWE- |
466, | |
Return of | |
Pointer Value Outside of Expected Range | |
ARR38-C | CWE-129, Improper Validation of Array Index |
INT36-C | CWE-704 |
INT36-C | CWE-758 |
FLP32-C | CWE-682, Incorrect Calculation |
FLP34-C | CWE-681, Incorrect Conversion between Numeric Types |
FLP34-C | CWE-197 |
ARR30-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
ARR30-C | CWE-123, Write-what-where Condition |
ARR30-C | CWE-125, Out-of-bounds Read |
ARR32-C | CWE-758 |
ARR36-C | CWE-469, Use of Pointer Subtraction to Determine Size |
ARR38-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
ARR38-C | CWE-121, Stack-based Buffer Overflow |
ARR38-C | CWE-123, Write-what-where Condition |
ARR38-C | CWE-125, Out-of-bounds Read |
ARR38-C | CWE-805, Buffer Access with Incorrect Length Value |
ARR39-C | CWE-468, Incorrect Pointer Scaling |
STR31-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
STR31-C | CWE-120, Buffer Copy without Checking Size of Input ("Classic Buffer Overflow") |
STR31-C | CWE-123, Write-what-where Condition |
STR31-C | CWE-125, Out-of-bounds Read |
STR31-C | CWE-676, Off-by-one Error |
STR32-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
STR32-C | CWE-123, Write-what-where Condition |
STR32-C | CWE-125, Out-of-bounds Read |
STR32-C | CWE-170, Improper Null Termination |
STR37-C | CWE-704, Incorrect Type Conversion or Cast |
MEM30-C | CWE-416, Use After Free |
MEM30-C | CWE-672 |
MEM31-C | CWE-401, Improper Release of Memory Before Removing Last Reference ("Memory Leak") |
MEM31-C | CWE-404 |
MEM31-C | CWE-459 |
MEM31-C | CWE-771 |
MEM31-C | CWE-772 |
MEM34-C | CWE-590, Free of Memory Not on the Heap |
MEM35-C | CWE-131, Incorrect Calculation of Buffer Size |
MEM35-C | CWE-680 |
MEM35-C | CWE-789 |
FIO30-C | CWE-134, Uncontrolled Format String |
FIO30-C | CWE-20, Improper Input Validation |
FIO34-C | CWE-197 |
FIO37-C | CWE-241, Improper Handling of Unexpected Data Type |
FIO39-C | CWE-664 |
FIO42-C | CWE-404, Improper Resource Shutdown or Release |
FIO42-C | CWE-459 |
FIO42-C | CWE-772 |
FIO42-C | CWE-773 |
FIO42-C | CWE-775 |
FIO42-C | CWE-403 |
FIO47-C | CWE-686, Function Call with Incorrect Argument Type |
FIO47-C | CWE-685 |
ENV32-C | CWE-705, Incorrect Control Flow Scoping |
ENV33-C | CWE-88, Argument Injection or Modification |
ENV33-C | CWE-676 |
SIG30-C | CWE-479, Signal Handler Use of a Non-reentrant Function |
SIG31-C | CWE-662, Improper Synchronization |
SIG31-C | CWE-828, Signal Handler with Functionality that is not Asynchronous-Safe |
ERR30-C | CWE-456, Missing Initialization of a Variable |
ERR33-C | CWE-252, Unchecked Return Value |
ERR33-C | CWE-253, Incorrect Check of Function Return Value |
ERR33-C | CWE-391, Unchecked Error Condition |
ERR34-C | CWE-676, Use of potentially dangerous function |
ERR34-C | CWE-758 |
CON31-C | CWE-667, Improper Locking |
CON33-C | CWE-330 |
CON33-C | CWE-377 |
CON33-C | CWE-676 |
CON40-C | CWE-366, Race Condition within a Thread |
CON43-C | CWE-366, Race condition within a thread |
MSC30-C | CWE-327, Use of a Broken or Risky Cryptographic Algorithm |
MSC30-C | CWE-330, Use of Insufficiently Random Values |
MSC30-C | CWE-338, Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) |
MSC30-C | CWE-676 |
MSC32-C | CWE-327, Use of a Broken or Risky Cryptographic Algorithm |
MSC32-C | CWE-330, Use of Insufficiently Random Values |
MSC32-C | CWE-331, Insufficient Entropy |
MSC37-C | CWE-758 |
POS30-C | CWE-170, Improper null termination |
POS35-C | CWE-363, Race condition enabling link following |
POS36-C | CWE-696, Incorrect behavior order |
POS37-C | CWE-273, Failure to check whether privileges were dropped successfully |
POS48-C | CWE-667, Insufficient locking |
POS52-C | CWE-557 |
POS54-C | CWE-252, Unchecked return value |
POS54-C | CWE-253, Incorrect check of function return value |
POS54-C | CWE-391, Unchecked error condition |
API00-C | CWE-20, Insufficient input validation |
API04-C | CWE-754, Improper check for unusual or exceptional conditions |
ARR00-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
ARR00-C | CWE-123, Write-what-where Condition |
ARR00-C | CWE-125, Out-of-bounds Read |
ARR00-C | CWE-129, Unchecked array indexing |
ARR01-C | CWE-467, Use of sizeof() on a pointer type |
ARR02-C | CWE-665, Incorrect or incomplete initialization | CON06-C | CWE-667, Improper Locking