Category: SFP Secondary Cluster: Faulty Pointer Use
Incomplete
Summary
This category identifies Software Fault Patterns (SFPs) within the Faulty Pointer Use cluster (SFP7).
Membership
| ID | Name | Description |
|---|---|---|
| CWE-469 | Use of Pointer Subtraction to Determine Size | The product subtracts one pointer from another in order to determine size, but this calculation can be incorrect if the pointers do not exist in the same memory chunk. |
| CWE-476 | NULL Pointer Dereference | The product dereferences a pointer that it expects to be valid but is NULL. |
| CWE-588 | Attempt to Access Child of a Non-structure Pointer | Casting a non-structure type to a structure type and accessing a field can lead to memory access errors or data corruption. |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs). |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.