...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
---|---|---|
SEI CERT C++ Coding Standard | INT11-CPP. Take care when converting from pointer to integer or integer to pointer | Prior to 2018-01-12: CERT: Unspecified Relationship |
ISO/IEC TR 24772:2013 | Pointer Casting and Pointer Type Changes [HFC] | Prior to 2018-01-12: CERT: Unspecified Relationship |
ISO/IEC TS 17961:2013 | Converting a pointer to integer or integer to pointer [intptrconv] | Prior to 2018-01-12: CERT: Unspecified Relationship |
CWE 2.11 | CWE-587, Assignment of a Fixed Address to a Pointer | 2017-07-07: CERT: Partial overlap |
CWE 2.11 | CWE-704 | 2017-06-14: CERT: Rule subset of CWE |
CWE 2.11 | CWE-758 | 2017-07-07: CERT: Rule subset of CWE |
CERT-CWE Mapping Notes
Key here for mapping notes
CWE-758 and INT36-C
Independent( INT34-C, INT36-C, MEM30-C, MSC37-C, FLP32-C, EXP33-C, EXP30-C, ERR34-C, ARR32-C)
CWE-758 = Union( INT36-C, list) where list =
- Undefined behavior that results from anything other than integer <-> pointer conversion
CWE-704 and INT36-C
CWE-704 = Union( INT36-C, list) where list =
- Incorrect (?) typecast that is not between integers and pointers
CWE-587 and INT36-C
Intersection( CWE-587, INT36-C) =
- Setting a pointer to an integer value that is ill-defined (trap representation, improperly aligned, mis-typed, etc.)
CWE-587 – INT36-C =
- Setting a pointer to a valid integer value (e.g., points to an object of the correct type)
INT36-C – CWE-587 =
- Illegal pointer-to-integer conversion
Bibliography
[ISO/IEC 9899:2011] | 6.3.2.3, "Pointers" |
...