CERT C Secure Coding Standard (2008) Chapter 4 - Expressions (EXP)
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Summary
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to the rules and recommendations in the Expressions (EXP) chapter of the CERT C Secure Coding Standard (2008).
Weaknesses
The product calls a function, procedure, or routine with arguments that are not correctly specified, leading to always-incorrect behavior and resultant weaknesses.
In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled.
The product does not correctly convert an object, resource, or structure from one type to a different type.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
The product uses an expression in which operator precedence causes incorrect logic to be used.
The code calls sizeof() on a malloced pointer type, which always returns the wordsize/8. This can produce an unexpected result if the programmer intended to determine ...
Concepts
Deprecated or Obsolete
CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the book "The CERT C Secure Coding Standard" published in 200...
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.