Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE CATEGORY:CERT C++ Secure Coding Section 08 - Memory Management (MEM)
Category ID:876
Vulnerability Mapping:Prohibited
Status:Incomplete
DetailsContent HistoryObserved CVE ExamplesReports
▼Summary

Weaknesses in this category are related to rules in the Memory Management (MEM) section of the CERT C++ Secure Coding Standard. Since not all rules map to specific weaknesses, this category may be incomplete.

▼Membership
NatureMappingTypeIDName
MemberOfProhibitedV868Weaknesses Addressed by the SEI CERT C++ Coding Standard (2016 Version)
HasMemberDiscouragedC119Improper Restriction of Operations within the Bounds of a Memory Buffer
HasMemberAllowedB128Wrap-around Error
HasMemberAllowedB131Incorrect Calculation of Buffer Size
HasMemberAllowedB190Integer Overflow or Wraparound
HasMemberDiscouragedC20Improper Input Validation
HasMemberAllowedB226Sensitive Information in Resource Not Removed Before Reuse
HasMemberAllowedV244Improper Clearing of Heap Memory Before Release ('Heap Inspection')
HasMemberAllowedB252Unchecked Return Value
HasMemberProhibitedB391Unchecked Error Condition
HasMemberAllowed-with-ReviewC404Improper Resource Shutdown or Release
HasMemberAllowedV415Double Free
HasMemberAllowedV416Use After Free
HasMemberAllowedV528Exposure of Core Dump File to an Unauthorized Control Sphere
HasMemberAllowedB476NULL Pointer Dereference
HasMemberAllowedV590Free of Memory not on the Heap
HasMemberAllowedV591Sensitive Data Storage in Improperly Locked Memory
HasMemberDiscouragedC665Improper Initialization
HasMemberAllowedV687Function Call With Incorrectly Specified Argument Value
HasMemberDiscouragedC690Unchecked Return Value to NULL Pointer Dereference
HasMemberDiscouragedP703Improper Check or Handling of Exceptional Conditions
HasMemberAllowedB822Untrusted Pointer Dereference
HasMemberAllowed-with-ReviewC754Improper Check for Unusual or Exceptional Conditions
HasMemberAllowedV762Mismatched Memory Management Routines
HasMemberAllowedB770Allocation of Resources Without Limits or Throttling
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 868
Name: Weaknesses Addressed by the SEI CERT C++ Coding Standard (2016 Version)
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 119
Name: Improper Restriction of Operations within the Bounds of a Memory Buffer
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 128
Name: Wrap-around Error
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 131
Name: Incorrect Calculation of Buffer Size
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 190
Name: Integer Overflow or Wraparound
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 20
Name: Improper Input Validation
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 226
Name: Sensitive Information in Resource Not Removed Before Reuse
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 244
Name: Improper Clearing of Heap Memory Before Release ('Heap Inspection')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 252
Name: Unchecked Return Value
Nature: HasMember
Mapping: Prohibited
Type: Base
ID: 391
Name: Unchecked Error Condition
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 404
Name: Improper Resource Shutdown or Release
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 415
Name: Double Free
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 416
Name: Use After Free
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 528
Name: Exposure of Core Dump File to an Unauthorized Control Sphere
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 476
Name: NULL Pointer Dereference
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 590
Name: Free of Memory not on the Heap
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 591
Name: Sensitive Data Storage in Improperly Locked Memory
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 665
Name: Improper Initialization
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 687
Name: Function Call With Incorrectly Specified Argument Value
Nature: HasMember
Mapping: Discouraged
Type: Compound
ID: 690
Name: Unchecked Return Value to NULL Pointer Dereference
Nature: HasMember
Mapping: Discouraged
Type: Pillar
ID: 703
Name: Improper Check or Handling of Exceptional Conditions
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 822
Name: Untrusted Pointer Dereference
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 754
Name: Improper Check for Unusual or Exceptional Conditions
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 762
Name: Mismatched Memory Management Routines
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 770
Name: Allocation of Resources Without Limits or Throttling
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.

Comments:

See member weaknesses of this category.

▼Notes
▼Taxonomy Mappings
Taxonomy NameEntry IDFitEntry Name
▼References
Reference ID: REF-855
Title: 08. Memory Management (MEM)
Version: v4.15
Author: CERT
Publication:
Publisher:
Edition:
URL:https://www.securecoding.cert.org/confluence/display/cplusplus/08.+Memory+Management+%28MEM%29
URL Date:
Day:N/A
Month:N/A
Year:N/A
Details not found