CERT C Secure Coding Standard (2008) Appendix - POSIX (POS)
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to the rules and recommendations in the POSIX (POS) appendix of the CERT C Secure Coding Standard (2008).
The software calls a function, procedure, or routine, but the caller specifies an argument that is the wrong data type, which may lead to resultant weaknesses.
The software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an un...
The software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
The software does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator.
The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses.
The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
The software checks the status of a file or directory before accessing it, which produces a race condition in which the file can be replaced with a link before the acc...
If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution...
A function returns the address of a stack variable, which will cause unintended program behavior, typically in the form of a crash.
The program calls a function that can never be guaranteed to work safely.
Deprecated or Obsolete
CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the book "The CERT C Secure Coding Standard" published in 200...