CERT C Secure Coding Standard (2008) Appendix - POSIX (POS)

The product calls a function, procedure, or routine, but the caller specifies an argument that is the wrong data type, which may lead to resultant weaknesses.

The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an uni...

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator.

The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses.

The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.

The product checks the status of a file or directory before accessing it, which produces a race condition in which the file can be replaced with a link before the acce...

If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution...

A function returns the address of a stack variable, which will cause unintended program behavior, typically in the form of a crash.

The product calls a function that can never be guaranteed to work safely.

CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the book "The CERT C Secure Coding Standard" published in 200...