Category: SEI CERT C Coding Standard - Guidelines 50. POSIX (POS)
Stable
Summary
Weaknesses in this category are related to the rules and recommendations in the POSIX (POS) section of the SEI CERT C Coding Standard.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-170 | Improper Null Termination | The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator. |
| CWE-242 | Use of Inherently Dangerous Function | The product calls a function that can never be guaranteed to work safely. |
| CWE-252 | Unchecked Return Value | The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions. |
| CWE-253 | Incorrect Check of Function Return Value | The product incorrectly checks a return value from a function, which prevents it from detecting errors or exceptional conditions. |
| CWE-273 | Improper Check for Dropped Privileges | The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded. |
| CWE-363 | Race Condition Enabling Link Following | The product checks the status of a file or directory before accessing it, which produces a race condition in which the file can be replaced with a link before the access is performed, causing the product to access the wrong file. |
| CWE-391 | Unchecked Error Condition | [PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed. |
| CWE-667 | Improper Locking | The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors. |
| CWE-696 | Incorrect Behavior Order | The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses. |
| CWE-1154 | Weaknesses Addressed by the SEI CERT C Coding Standard | CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommendations of the SEI CERT C Coding Standard. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.