Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE CATEGORY:CERT C Secure Coding Standard (2008) Chapter 4 - Expressions (EXP)
Category ID:737
Vulnerability Mapping:Prohibited
Status:Obsolete
DetailsContent HistoryObserved CVE ExamplesReports
▼Summary

Weaknesses in this category are related to the rules and recommendations in the Expressions (EXP) chapter of the CERT C Secure Coding Standard (2008).

▼Membership
NatureMappingTypeIDName
MemberOfProhibitedV734Weaknesses Addressed by the CERT C Secure Coding Standard (2008)
HasMemberAllowedV467Use of sizeof() on a Pointer Type
HasMemberAllowedB468Incorrect Pointer Scaling
HasMemberAllowedB476NULL Pointer Dereference
HasMemberAllowedB628Function Call with Incorrectly Specified Arguments
HasMemberAllowed-with-ReviewC704Incorrect Type Conversion or Cast
HasMemberAllowedB783Operator Precedence Logic Error
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 734
Name: Weaknesses Addressed by the CERT C Secure Coding Standard (2008)
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 467
Name: Use of sizeof() on a Pointer Type
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 468
Name: Incorrect Pointer Scaling
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 476
Name: NULL Pointer Dereference
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 628
Name: Function Call with Incorrectly Specified Arguments
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 704
Name: Incorrect Type Conversion or Cast
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 783
Name: Operator Precedence Logic Error
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.

Comments:

See member weaknesses of this category.

▼Notes
Relationship

In the 2008 version of the CERT C Secure Coding standard, the following rules were mapped to the following CWE IDs: CWE-467 EXP01-C Do not take the size of a pointer to determine the size of the pointed-to type CWE-468 EXP08-C Ensure pointer arithmetic is used correctly CWE-476 EXP34-C Ensure a null pointer is not dereferenced CWE-628 EXP37-C Call functions with the arguments intended by the API CWE-704 EXP05-C Do not cast away a const qualification CWE-783 EXP00-C Use parentheses for precedence of operation

N/A

▼Taxonomy Mappings
Taxonomy NameEntry IDFitEntry Name
▼References
Reference ID: REF-597
Title: The CERT C Secure Coding Standard
Version: v4.15
Author: Robert C. Seacord
Publication:
Publisher:Addison-Wesley Professional
Edition:1st Edition
URL:
URL Date:
Day:14
Month:10
Year:2008
Details not found