Weaknesses Addressed by the CERT C Secure Coding Standard
View ID: 734 (View: Graph)Status: Incomplete
+ View Data

View Objective

CWE entries in this view (graph) are fully or partially eliminated by following the CERT C Secure Coding Standard. Since not all rules map to specific weaknesses, this view is incomplete.

+ View Metrics
CWEs in this viewTotal CWEs
Total103out of810
Views0out of23
Categories15out of110
Weaknesses87out of668
Compound_Elements1out of9
+ View Audience
StakeholderDescription
Developers

By following the CERT C Secure Coding Standard, developers will be able to fully or partially prevent the weaknesses that are identified in this view. In addition, developers can use a CWE coverage graph to determine which weaknesses are not directly addressed by the standard, which will help identify and resolve remaining gaps in training, tool acquisition, or other approaches for reducing weaknesses.

Software Customers

If a software developer claims to be following the CERT C Secure Coding standard, then customers can search for the weaknesses in this view in order to formulate independent evidence of that claim.

Educators

Educators can use this view in multiple ways. For example, if there is a focus on teaching weaknesses, the educator could link them to the relevant Secure Coding Standard.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
HasMemberCategoryCategory735CERT C Secure Coding Section 01 - Preprocessor (PRE)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory736CERT C Secure Coding Section 02 - Declarations and Initialization (DCL)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory737CERT C Secure Coding Section 03 - Expressions (EXP)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory738CERT C Secure Coding Section 04 - Integers (INT)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory739CERT C Secure Coding Section 05 - Floating Point (FLP)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory740CERT C Secure Coding Section 06 - Arrays (ARR)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory741CERT C Secure Coding Section 07 - Characters and Strings (STR)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory742CERT C Secure Coding Section 08 - Memory Management (MEM)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory743CERT C Secure Coding Section 09 - Input Output (FIO)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory744CERT C Secure Coding Section 10 - Environment (ENV)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory745CERT C Secure Coding Section 11 - Signals (SIG)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory746CERT C Secure Coding Section 12 - Error Handling (ERR)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory747CERT C Secure Coding Section 49 - Miscellaneous (MSC)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
HasMemberCategoryCategory748CERT C Secure Coding Section 50 - POSIX (POS)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
+ Relationship Notes

The relationships in this view were determined based on specific statements within the rules from the standard. Not all rules have direct relationships to individual weaknesses, although they likely have chaining relationships in specific circumstances.

+ References
"The CERT C Secure Coding Standard". Addison-Wesley Professional. 2008-10-14.
"The CERT C Secure Coding Standard". <https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Secure+Coding+Standard>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-11-24Internal CWE Team
Back to top