Weaknesses in this category are related to the rules and recommendations in the Expressions (EXP) chapter of the CERT C Secure Coding Standard (2008).

| ID | Name | Description |
|---|---|---|
| CWE-467 | Use of sizeof() on a Pointer Type | The code calls sizeof() on a pointer type, which can be an incorrect calculation if the programmer intended to determine the size of the data that is being pointed to. |
| CWE-468 | Incorrect Pointer Scaling | In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled. |
| CWE-476 | NULL Pointer Dereference | The product dereferences a pointer that it expects to be valid but is NULL. |
| CWE-628 | Function Call with Incorrectly Specified Arguments | The product calls a function, procedure, or routine with arguments that are not correctly specified, leading to always-incorrect behavior and resultant weaknesses. |
| CWE-704 | Incorrect Type Conversion or Cast | The product does not correctly convert an object, resource, or structure from one type to a different type. |
| CWE-783 | Operator Precedence Logic Error | The product uses an expression in which operator precedence causes incorrect logic to be used. |
| CWE-734 | Weaknesses Addressed by the CERT C Secure Coding Standard (2008) | CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the book "The CERT C Secure Coding Standard" published in 2008. This view is considered obsolete, as a newer version of the coding standard is available. This view statically represents the coding rules as they were in 2008. |