CERT C Secure Coding Section 07 - Characters and Strings (STR)
Category ID: 741 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to rules in the characters and strings section of the CERT C Secure Coding Standard. Since not all rules map to specific weaknesses, this category may be incomplete.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness BaseWeakness Base78Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection')
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base88Argument Injection or Modification
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness ClassWeakness Class119Failure to Constrain Operations within the Bounds of a Memory Buffer
Weaknesses Addressed by the CERT C Secure Coding Standard734
ParentOfWeakness BaseWeakness Base120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base135Incorrect Calculation of Multi-Byte String Length
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base170Improper Null Termination
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base193Off-by-one Error
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base464Addition of Data Structure Sentinel
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant686Function Call With Incorrect Argument Type
Weaknesses Addressed by the CERT C Secure Coding Standard734
ParentOfWeakness ClassWeakness Class704Incorrect Type Conversion or Cast
Weaknesses Addressed by the CERT C Secure Coding Standard734
MemberOfViewView734Weaknesses Addressed by the CERT C Secure Coding Standard
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-11-24Internal CWE Team