View-1154: Weaknesses Addressed by the SEI CERT C Coding Standard

admin 2022年1月7日02:23:31CWE(弱点枚举)评论11 views1875字阅读6分15秒阅读模式

View-1154: Weaknesses Addressed by the SEI CERT C Coding Standard

ID: 1154

Type: Graph

Status: Stable

Objective

CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommendations of the SEI CERT C Coding Standard.

Audience

Software Developers

By following the SEI CERT C Coding Standard, developers will be able to fully or partially prevent the weaknesses that are identified in this view. In addition, developers can use a CWE coverage graph to determine which weaknesses are not directly addressed by the standard, which will help identify and resolve remaining gaps in training, tool acquisition, or other approaches for reducing weaknesses.

Software Customers

If a software developer claims to be following the SEI CERT C Coding standard, then customers can search for the weaknesses in this view in order to formulate independent evidence of that claim.

Educators

Educators can use this view in multiple ways. For example, if there is a focus on teaching weaknesses, the educator could link them to the relevant Secure Coding Standard.

Membership

CWE-ID title
CWE-1155 SEI CERT C编码标准-准则01.预处理程序(PRE)
CWE-1156 SEI CERT C编码标准-准则02.声明和初始化(DCL)
CWE-1157 SEI CERT C编码标准-准则03.表达式(EXP)
CWE-1158 SEI CERT C编码标准-准则04.整数(INT)
CWE-1159 SEI CERT C编码标准-准则05.浮点(FLP)
CWE-1160 SEI CERT C编码标准-准则06.数组(ARR)
CWE-1161 SEI CERT C编码标准-准则07.字符和字符串(STR)
CWE-1162 SEI CERT C编码标准-准则08.内存管理(MEM)
CWE-1163 SEI CERT C编码标准-准则09.输入输出(FIO)
CWE-1165 SEI CERT C编码标准-准则10.环境(ENV)
CWE-1166 SEI CERT C编码标准-准则11.信号(SIG)
CWE-1167 SEI CERT C编码标准-准则12.错误处理(ERR)
CWE-1168 SEI CERT C编码标准-准则13.应用程序编程接口(API)
CWE-1169 SEI CERT C编码标准-准则14.并发性(CON)
CWE-1170 SEI CERT C编码标准-准则48.其他(MSC)
CWE-1171 SEI CERT C编码标准-准则50.POSIX(POS)
CWE-1172 SEI CERT C编码标准-准则51. Microsoft Windows(WIN)

Notes

Relationship

The relationships in this view were determined based on specific statements within the rules from the standard. Not all rules have direct relationships to individual weaknesses, although they likely have chaining relationships in specific circumstances.

引用

REF-598 SEI CERT C Coding Standard

文章来源于互联网:scap中文网

特别标注: 本站(CN-SEC.COM)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
  • 我的微信
  • 微信扫一扫
  • weinxin
  • 我的微信公众号
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2022年1月7日02:23:31
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                  View-1154: Weaknesses Addressed by the SEI CERT C Coding Standard http://cn-sec.com/archives/612747.html

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: