CERT C Secure Coding Section 09 - Input Output (FIO) |
Category ID: 743 (Category) | Status: Incomplete |
Description Summary
Weaknesses in this category are related to rules in the input/output section of the CERT C Secure Coding Standard. Since not all rules map to specific weaknesses, this category may be incomplete.
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ParentOf | Weakness Class | 22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Variant | 37 | Path Traversal: '/absolute/pathname/here' | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Variant | 38 | Path Traversal: '\absolute\pathname\here' | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Variant | 39 | Path Traversal: 'C:dirname' | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 41 | Improper Resolution of Path Equivalence | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 59 | Improper Link Resolution Before File Access ('Link Following') | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Variant | 62 | UNIX Hard Link | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Variant | 64 | Windows Shortcut Following (.LNK) | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Variant | 65 | Windows Hard Link | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Variant | 67 | Improper Handling of Windows Device Names | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Class | 119 | Failure to Constrain Operations within the Bounds of a Memory Buffer | Weaknesses Addressed by the CERT C Secure Coding Standard734 |
ParentOf | Weakness Base | 134 | Uncontrolled Format String | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 241 | Improper Handling of Unexpected Data Type | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Variant | 276 | Incorrect Default Permissions | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Variant | 279 | Incorrect Execution-Assigned Permissions | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Class | 362 | Race Condition | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 367 | Time-of-check Time-of-use (TOCTOU) Race Condition | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 379 | Creation of Temporary File in Directory with Incorrect Permissions | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 391 | Unchecked Error Condition | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 403 | UNIX File Descriptor Leak | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 404 | Improper Resource Shutdown or Release | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 552 | Files or Directories Accessible to External Parties | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Class | 675 | Duplicate Operations on Resource | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ParentOf | Weakness Base | 676 | Use of Potentially Dangerous Function | Weaknesses Addressed by the CERT C Secure Coding Standard734 |
ParentOf | Weakness Variant | 686 | Function Call With Incorrect Argument Type | Weaknesses Addressed by the CERT C Secure Coding Standard734 |
MemberOf | View | 734 | Weaknesses Addressed by the CERT C Secure Coding Standard | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
CERT. "09. Input Output (FIO)". <https://www.securecoding.cert.org/confluence/display/seccode/09.+Input+Output+%28FIO%29>. |