CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (3.3)  
ID

CWE CATEGORY: SEI CERT C Coding Standard - Guidelines 04. Integers (INT)

Category ID: 1158
Status: Stable
+ Summary
Weaknesses in this category are related to the rules and recommendations in the Integers (INT) section of the SEI CERT C Coding Standard.
+ Membership
NatureTypeIDName
MemberOfViewView - a subset of CWE entries that provides a way of examining CWE content. The two main view structures are Slices (flat lists) and Graphs (containing relationships between entries).1154Weaknesses Addressed by the SEI CERT C Coding Standard
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.131Incorrect Calculation of Buffer Size
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.190Integer Overflow or Wraparound
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.191Integer Underflow (Wrap or Wraparound)
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.192Integer Coercion Error
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.194Unexpected Sign Extension
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.195Signed to Unsigned Conversion Error
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.197Numeric Truncation Error
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.369Divide By Zero
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.587Assignment of a Fixed Address to a Pointer
HasMemberChainChain - a Compound Element that is a sequence of two or more separate weaknesses that can be closely linked together within software. One weakness, X, can directly create the conditions that are necessary to cause another weakness, Y, to enter a vulnerable condition. When this happens, CWE refers to X as "primary" to Y, and Y is "resultant" from X. Chains can involve more than two weaknesses, and in some cases, they might have a tree-like structure.680Integer Overflow to Buffer Overflow
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.681Incorrect Conversion between Numeric Types
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.682Incorrect Calculation
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.704Incorrect Type Conversion or Cast
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.758Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
+ References
[REF-602] The Software Engineering Institute. "SEI CERT C Coding Standard : Rule 04. Integers (INT)". <https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87152052>.
[REF-982] The Software Engineering Institute. "SEI CERT C Coding Standard : Rec. 04. Integers (INT)". <https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87151979>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2018-12-18CWE Content TeamMITRE
More information is available — Please select a different filter.
Page Last Updated: June 20, 2019