MITRE CWE 2.11
This page was automatically generated and should not be edited.
The information on this page was provided by outside contributors and has not been verified by SEI CERT.
| CERT Rule | Related Guidelines |
| --- | --- |
| EXP30-C | CWE-758 |
| EXP33-C | CWE-456 |
| EXP33-C | CWE-457 |
| EXP33-C | CWE-758 |
| EXP33-C | CWE-908 |
| EXP34-C | CWE-476, NULL Pointer Dereference |
| EXP37-C | CWE-628, Function Call with Incorrectly Specified Arguments |
| EXP39-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
| EXP39-C | CWE-125, Out-of-bounds Read |
| EXP39-C | CWE-704 |
| EXP45-C | CWE-480, Use of Incorrect Operator |
| EXP45-C | CWE-481 |
| EXP46-C | CWE-480, Use of incorrect operator |
| EXP46-C | CWE-569 |
| INT30-C | CWE-190, Integer Overflow or Wraparound |
| INT30-C | CWE-131 |
| INT30-C | CWE-191 |
| INT30-C | CWE-680 |
| INT31-C | CWE-192, Integer Coercion Error |
| INT31-C | CWE-197, Numeric Truncation Error |
| INT31-C | CWE-681, Incorrect Conversion between Numeric Types |
| INT31-C | CWE-704 |
| INT32-C | CWE-190, Integer Overflow or Wraparound |
| INT32-C | CWE-191 |
| INT32-C | CWE-680 |
| INT33-C | CWE-369, Divide By Zero |
| INT34-C | CWE-682 |
| INT34-C | CWE-758 |
| INT35-C | CWE-681, Incorrect Conversion between Numeric Types |
| INT36-C | CWE-587, Assignment of a Fixed Address to a Pointer |
| INT36-C | CWE-704 |
| INT36-C | CWE-758 |
| FLP32-C | CWE-682, Incorrect Calculation |
| FLP34-C | CWE-681, Incorrect Conversion between Numeric Types |
| FLP34-C | CWE-197 |
| ARR30-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
| ARR30-C | CWE-123, Write-what-where Condition |
| ARR30-C | CWE-125, Out-of-bounds Read |
| ARR32-C | CWE-758 |
| ARR36-C | CWE-469, Use of Pointer Subtraction to Determine Size |
| ARR38-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
| ARR38-C | CWE-121, Stack-based Buffer Overflow |
| ARR38-C | CWE-123, Write-what-where Condition |
| ARR38-C | CWE-125, Out-of-bounds Read |
| ARR38-C | CWE-805, Buffer Access with Incorrect Length Value |
| ARR39-C | CWE-468, Incorrect Pointer Scaling |
| STR31-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
| STR31-C | CWE-120, Buffer Copy without Checking Size of Input ("Classic Buffer Overflow") |
| STR31-C | CWE-123, Write-what-where Condition |
| STR31-C | CWE-125, Out-of-bounds Read |
| STR31-C | CWE-676, Off-by-one Error |
| STR32-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
| STR32-C | CWE-123, Write-what-where Condition |
| STR32-C | CWE-125, Out-of-bounds Read |
| STR32-C | CWE-170, Improper Null Termination |
| STR37-C | CWE-704, Incorrect Type Conversion or Cast |
| MEM30-C | CWE-416, Use After Free |
| MEM30-C | CWE-672 |
| MEM31-C | CWE-401, Improper Release of Memory Before Removing Last Reference ("Memory Leak") |
| MEM31-C | CWE-404 |
| MEM31-C | CWE-459 |
| MEM31-C | CWE-771 |
| MEM31-C | CWE-772 |
| MEM34-C | CWE-590, Free of Memory Not on the Heap |
| MEM35-C | CWE-131, Incorrect Calculation of Buffer Size |
| MEM35-C | CWE-680 |
| MEM35-C | CWE-789 |
| FIO30-C | CWE-134, Uncontrolled Format String |
| FIO30-C | CWE-20, Improper Input Validation |
| FIO34-C | CWE-197 |
| FIO37-C | CWE-241, Improper Handling of Unexpected Data Type |
| FIO39-C | CWE-664 |
| FIO42-C | CWE-404, Improper Resource Shutdown or Release |
| FIO42-C | CWE-459 |
| FIO42-C | CWE-772 |
| FIO42-C | CWE-773 |
| FIO42-C | CWE-775 |
| FIO42-C | CWE-403 |
| FIO47-C | CWE-686, Function Call with Incorrect Argument Type |
| FIO47-C | CWE-685 |
| ENV32-C | CWE-705, Incorrect Control Flow Scoping |
| ENV33-C | CWE-88, Argument Injection or Modification |
| ENV33-C | CWE-676 |
| SIG30-C | CWE-479, Signal Handler Use of a Non-reentrant Function |
| SIG31-C | CWE-662, Improper Synchronization |
| SIG31-C | CWE-828, Signal Handler with Functionality that is not Asynchronous-Safe |
| ERR30-C | CWE-456, Missing Initialization of a Variable |
| ERR33-C | CWE-252, Unchecked Return Value |
| ERR33-C | CWE-253, Incorrect Check of Function Return Value |
| ERR33-C | CWE-391, Unchecked Error Condition |
| ERR34-C | CWE-676, Use of potentially dangerous function |
| ERR34-C | CWE-758 |
| CON31-C | CWE-667, Improper Locking |
| CON33-C | CWE-330 |
| CON33-C | CWE-377 |
| CON33-C | CWE-676 |
| CON40-C | CWE-366, Race Condition within a Thread |
| CON43-C | CWE-366, Race condition within a thread |
| MSC30-C | CWE-327, Use of a Broken or Risky Cryptographic Algorithm |
| MSC30-C | CWE-330, Use of Insufficiently Random Values |
| MSC30-C | CWE-338, Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) |
| MSC30-C | CWE-676 |
| MSC32-C | CWE-327, Use of a Broken or Risky Cryptographic Algorithm |
| MSC32-C | CWE-330, Use of Insufficiently Random Values |
| MSC32-C | CWE-331, Insufficient Entropy |
| MSC37-C | CWE-758 |
| POS30-C | CWE-170, Improper null termination |
| POS35-C | CWE-363, Race condition enabling link following |
| POS36-C | CWE-696, Incorrect behavior order |
| POS37-C | CWE-273, Failure to check whether privileges were dropped successfully |
| POS48-C | CWE-667, Insufficient locking |
| POS52-C | CWE-557 |
| POS54-C | CWE-252, Unchecked return value |
| POS54-C | CWE-253, Incorrect check of function return value |
| POS54-C | CWE-391, Unchecked error condition |
| API00-C | CWE-20, Insufficient input validation |
| API04-C | CWE-754, Improper check for unusual or exceptional conditions |
| ARR00-C | CWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer |
| ARR00-C | CWE-123, Write-what-where Condition |
| ARR00-C | CWE-125, Out-of-bounds Read |
| ARR00-C | CWE-129, Unchecked array indexing |
| ARR01-C | CWE-467, Use of sizeof() on a pointer type |
| ARR02-C | CWE-665, Incorrect or incomplete initialization |
| CON06-C | CWE-667, Improper Locking |