CERT C++ Secure Coding Section 03 - Expressions (EXP)

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to rules in the Expressions (EXP) section of the CERT C++ Secure Coding Standard. Since not all rules map to specific weaknesses, this category may be incomplete.

Weaknesses

Incorrect Short Circuit Evaluation

The software contains a conditional statement with multiple logical expressions in which one of the non-leading expressions may produce side effects. This may lead to ...

NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Use of Incorrect Operator

The programmer accidentally uses the wrong operator, which changes the application logic in security-relevant ways.

Concepts

Deprecated or Obsolete

Weaknesses Addressed by the SEI CERT C++ Coding Standard (2016 Version)

CWE entries in this view (graph) are fully or partially eliminated by following the SEI CERT C++ Coding Standard, as published in 2016.

See Also

  1. 03. Expressions (EXP)

    CERT


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.