| Standard | Rule | Description |
| --- | --- | --- |
| MisraC2025 | MisraC2025:1.3 | There shall be no occurrence of undefined or critical unspecified behaviour |
| | MisraC2025:18.1 | A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand |
| | MisraC2025:18.2 | Subtraction between pointers shall only be applied to pointers that address elements of the same array |
| | MisraC2025:21.17 | Use of the string handling functions from `<string.h>` shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters |
| | MisraC2025:D.4.1 | Run-time failures shall be minimized |
| MisraC2023 | MisraC2023:1.3 | There shall be no occurrence of undefined or critical unspecified behaviour |
| | MisraC2023:18.1 | A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand |
| | MisraC2023:18.2 | Subtraction between pointers shall only be applied to pointers that address elements of the same array |
| | MisraC2023:21.17 | Use of the string handling functions from `<string.h>` shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters |
| | MisraC2023:D.4.1 | Run-time failures shall be minimized |
| Misra2012 | Misra2012:1.3 | There shall be no occurrence of undefined or critical unspecified behaviour |
| | Misra2012:18.1 | A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand |
| | Misra2012:18.2 | Subtraction between pointers shall only be applied to pointers that address elements of the same array |
| | Misra2012:21.17 | Use of the string handling functions from `<string.h>` shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters |
| | Misra2012:D.4.1 | Run-time failures shall be minimized |
| Misra2004 | Misra2004:17.1 | Pointer arithmetic shall only be applied to pointers that address an array or array element |
| | Misra2004:17.2 | Pointer subtraction shall only be applied to pointers that address elements of the same array |
| AUTOSARC++14 | AUTOSARC++14:M5-0-16 | A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array. |
| | AUTOSARC++14:A5-2-5 | An array or container shall not be accessed beyond its range. |
| | AUTOSARC++14:A27-0-2 | A C-style string shall guarantee sufficient space for data and the null terminator. |
| MisraC++2008 | MisraC++2008:5-0-16 | A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array. |
| MisraC++2023 | MisraC++2023:0.3.2 | A function call shall not violate the function's preconditions |
| | MisraC++2023:4.1.3 | There shall be no occurrence of undefined or critical unspecified behaviour |
| | MisraC++2023:8.7.1 | Pointer arithmetic shall not form an invalid pointer |
| CWE | CWE:120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
| | CWE:788 | Access of Memory Location After End of Buffer |
| TS17961 | TS17961:5.45-taintsink | Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink |
| CERT-C | CERT-C:ARR30-C | Do not form or use out-of-bounds pointers or array subscripts |
| | CERT-C:ARR37-C | Do not add or subtract an integer to a pointer to a non-array object |
| | CERT-C:ARR38-C | Guarantee that library functions do not form invalid pointers |
| | CERT-C:ARR39-C | Do not add or subtract a scaled integer to a pointer |
| | CERT-C:ENV01-C | Do not make assumptions about the size of an environment variable |
| | CERT-C:EXP08-C | Ensure pointer arithmetic is used correctly |
| | CERT-C:MEM35-C | Allocate sufficient memory for an object |
| | CERT-C:POS30-C | Use the readlink() function properly |
| | CERT-C:STR31-C | Guarantee that storage for strings has sufficient space for character data and the null terminator |
| | CERT-C:STR38-C | Do not confuse narrow and wide character strings and functions |
| CERT-CPP | CERT-CPP:CTR50-CPP | Guarantee that container indices and iterators are within the valid range |
| | CERT-CPP:CTR52-CPP | Guarantee that library functions do not overflow |
| | CERT-CPP:CTR53-CPP | Use valid iterator ranges |
| | CERT-CPP:MEM54-CPP | Provide placement new with properly aligned pointers to sufficient storage capacity |
| | CERT-CPP:STR50-CPP | Guarantee that storage for strings has sufficient space for character data and the null terminator |
| JSF++ | JSF++:211 | Algorithms shall not assume that shorts, ints, longs, floats, doubles or long doubles begin at particular addresses. |
| DISA-6r1 | DISA-6r1:V-222612 | The application must not be vulnerable to overflow attacks. |
| DISA-5r3 | DISA-5r3:V-70277 | The application must not be vulnerable to overflow attacks. |
| DISA-4r3 | DISA-4r3:V-70277 | The application must not be vulnerable to overflow attacks. |
| DISA-3r10 | DISA-3r10:V-6165 | The designer will ensure the application does not have buffer overflows, use functions known to be vulnerable to buffer overflows, and does not use signed values for memory allocation where permitted by the programming language. |
| OWASP-2017 | OWASP-2017:A8 | Insecure deserialization |
| OWASP-2021 | OWASP-2021:A8 | Software and data integrity failures |