...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
---|---|---|
CERT CSEI CERT C++ Coding Standard | EXP50-CPP. Do not depend on the order of evaluation for side effects | Prior to 2018-01-12: CERT: Unspecified Relationship |
CERT Oracle Secure Coding Standard for Java | EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression | Prior to 2018-01-12: CERT: Unspecified Relationship |
ISO/IEC TR 24772:2013 | Operator Precedence/Order of Evaluation [JCW] | Prior to 2018-01-12: CERT: Unspecified Relationship |
ISO/IEC TR 24772:2013 | Side-effects and Order of Evaluation [SAM] | Prior to 2018-01-12: CERT: Unspecified Relationship |
MISRA C:2012 | Rule 12.1 (advisory) | Prior to 2018-01-12: CERT: Unspecified Relationship |
CWE 2.11 | CWE-758 | 2017-07-07: CERT: Rule subset of CWE |
CERT-CWE Mapping Notes
Key here for mapping notes
CWE-758 and EXP30-C
Independent(INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C)
CWE-758 = Union(EXP30-C, list) where list =
- Undefined behavior that results from anything other than reading and writing to a variable twice without an intervening sequence point.
Bibliography
[ISO/IEC 9899:2011] | 6.5, "Expressions"; 6.5.2.2, "Function Calls"; Annex C, "Sequence Points" |
[Saks 2007] | |
[Summit 2005] | Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, and 3.11 |
...