CWE Coding Standard Coverage Using Polyspace

Common Weakness Enumeration (CWE™) is a dictionary of common software weakness types that can occur in software architecture, design, code, or implementation. These weaknesses can lead to security vulnerabilities.

After you run an analysis, use the CWE categories to group and organize the CWE violations in your code by type of issue. See CWE Categories and Polyspace Results.

If you enable all the CWE rules that Polyspace^® supports for your analysis, Polyspace does not report all instances of violations in your code for some rules which are only partially supported. To run an analysis with only rules that Polyspace covers exactly, use the option -cwe all-exact-checkers. For a list of rules which Polyspace covers exactly, see List of CWE Rules Enabled with Option all-exact-checkers.

CWE Categories and Polyspace Results

This table lists CWE categories that you can map to Polyspace defect checkers and Polyspace CWE coding rule checkers. CWE categories are groupings of weaknesses that relate to a common issue, for instance "Improper Error Handling". While the categories are not weaknesses themselves, you can use the categories to organize your CWE results around related weaknesses.

CWE ID	CWE ID Description	Defect or CWE Coding Rule Checker
189	Numeric Errors	`CWE Rule 128` `CWE Rule 191` `CWE Rule 839` `CWE Rule 1335`
227	Improper fulfillment of API contract	`CWE Rule 242` `CWE Rule 243` `CWE Rule 244` `CWE Rule 248` `CWE Rule 558`
251	Often misused: string management	`Destination buffer overflow in string manipulation`
310	Cryptographic issues	`Constant block cipher initialization vector` `Constant cipher key` `Context initialized incorrectly for cryptographic operation` `Context initialized incorrectly for digest operation` `Incompatible padding for RSA algorithm operation` `Incorrect key for cryptographic algorithm` `Missing blinding for RSA algorithm` `Missing block cipher initialization vector` `Missing certification authority list` `Missing cipher algorithm` `Missing cipher key` `Missing data for encryption, decryption or signing operation` `Missing padding for RSA algorithm` `Missing parameters for key generation` `Missing peer key` `Missing private key` `Missing public key` `Missing X.509 certificate` `Nonsecure hash algorithm` `Nonsecure parameters for key generation` `Nonsecure RSA public exponent` `Nonsecure SSL/TLS protocol` `Predictable block cipher initialization vector` `Predictable cipher key` `Weak cipher algorithm` `Weak cipher mode` `Weak padding for RSA algorithm`
320	Key management errors	`Constant cipher key` `Missing cipher key` `Missing peer key` `Missing private key` `Missing public key`
387	Signal errors	`CWE Rule 364` `Return from computational exception signal handler` `Signal call from within signal handler`
398	Indicator of poor code quality	`CWE Rule 401` `CWE Rule 415` `CWE Rule 416` `CWE Rule 457` `CWE Rule 474` `CWE Rule 476`
465	Pointer Issues	`CWE Rule 466` `CWE Rule 468` `CWE Rule 469` `CWE Rule 476` `CWE Rule 587`
872	CERT C++ Secure Coding Section 04 - Integers (INT)	`CWE Rule 129` `CWE Rule 192` `CWE Rule 197` `CWE Rule 466` `CWE Rule 587` `CWE Rule 676`
873	CERT C++ Secure Coding Section 05 - Floating point arithmetic (FLP)	`Absorption of float operand` `CWE Rule 369` `Float overflow` `Floating point comparison with equality operators` `Invalid use of standard library floating point routine`
896	SFP Primary Cluster: Tainted Input	`CWE Rule 130` `CWE Rule 134`

List of CWE Rules Enabled with Option `all-exact-checkers`

This table lists the rules that you enable when you use the option Check CWE (-cwe) all-exact-checkers.

CWE ID	Description
`CWE Rule 14`	Compiler Removal of Code to Clear Buffers
`CWE Rule 119`	Improper Restriction of Operations within the Bounds of a Memory Buffer
`CWE Rule 120`	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
`CWE Rule 121`	Stack-based Buffer Overflow
`CWE Rule 122`	Heap-based Buffer Overflow
`CWE Rule 123`	Write-what-where Condition
`CWE Rule 124`	Buffer Underwrite ('Buffer Underflow')
`CWE Rule 125`	Out-of-bounds Read
`CWE Rule 126`	Buffer Over-read
`CWE Rule 127`	Buffer Under-read
`CWE Rule 128`	Wrap-around Error
`CWE Rule 129`	Improper Validation of Array Index
`CWE Rule 130`	Improper Handling of Length Parameter Inconsistency
`CWE Rule 131`	Incorrect Calculation of Buffer Size
`CWE Rule 134`	Use of Externally-Controlled Format String
`CWE Rule 135`	Incorrect Calculation of Multi-Byte String Length
`CWE Rule 170`	Improper Null Termination
`CWE Rule 188`	Reliance on Data/Memory Layout
`CWE Rule 191`	Integer Underflow (Wrap or Wraparound)
`CWE Rule 192`	Integer Coercion Error
`CWE Rule 194`	Unexpected Sign Extension
`CWE Rule 195`	Signed to Unsigned Conversion Error
`CWE Rule 196`	Unsigned to Signed Conversion Error
`CWE Rule 197`	Numeric Truncation Error
`CWE Rule 242`	Use of Inherently Dangerous Function
`CWE Rule 243`	Creation of chroot Jail Without Changing Working Directory
`CWE Rule 244`	Improper Clearing of Heap Memory Before Release ('Heap Inspection')
`CWE Rule 248`	Uncaught Exception
`CWE Rule 252`	Unchecked Return Value
`CWE Rule 253`	Incorrect Check of Function Return Value
`CWE Rule 311`	Missing Encryption of Sensitive Data
`CWE Rule 312`	Cleartext Storage of Sensitive Information
`CWE Rule 319`	Cleartext Transmission of Sensitive Information
`CWE Rule 321`	Use of Hard-coded Cryptographic Key
`CWE Rule 335`	Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
`CWE Rule 338`	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
`CWE Rule 353`	Missing Support for Integrity Check
`CWE Rule 362`	Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
`CWE Rule 364`	Signal Handler Race Condition
`CWE Rule 366`	Race Condition within a Thread
`CWE Rule 369`	Divide By Zero
`CWE Rule 374`	Passing Mutable Objects to an Untrusted Method
`CWE Rule 375`	Returning a Mutable Object to an Untrusted Caller
`CWE Rule 396`	Declaration of Catch for Generic Exception
`CWE Rule 397`	Declaration of Throws for Generic Exception
`CWE Rule 401`	Missing Release of Memory after Effective Lifetime
`CWE Rule 413`	Improper Resource Locking
`CWE Rule 415`	Double Free
`CWE Rule 416`	Use After Free
`CWE Rule 457`	Use of Uninitialized Variable
`CWE Rule 460`	Improper Cleanup on Thrown Exception
`CWE Rule 463`	Deletion of Data Structure Sentinel
`CWE Rule 466`	Return of Pointer Value Outside of Expected Range
`CWE Rule 467`	Use of sizeof() on a Pointer Type
`CWE Rule 468`	Incorrect Pointer Scaling
`CWE Rule 469`	Use of Pointer Subtraction to Determine Size
`CWE Rule 474`	Use of Function with Inconsistent Implementations
`CWE Rule 476`	NULL Pointer Dereference
`CWE Rule 477`	Use of Obsolete Function
`CWE Rule 478`	Missing Default Case in Multiple Condition Expression
`CWE Rule 479`	Signal Handler Use of a Non-reentrant Function
`CWE Rule 480`	Use of Incorrect Operator
`CWE Rule 481`	Assigning instead of Comparing
`CWE Rule 482`	Comparing instead of Assigning
`CWE Rule 483`	Incorrect Block Delimitation
`CWE Rule 484`	Omitted Break Statement in Switch
`CWE Rule 489`	Active Debug Code
`CWE Rule 493`	Critical Public Variable Without Final Modifier
`CWE Rule 495`	Private Data Structure Returned From A Public Method
`CWE Rule 496`	Public Data Assigned to Private Array-Typed Field
`CWE Rule 498`	Cloneable class containing sensitive information
`CWE Rule 500`	Public Static Field Not Marked Final
`CWE Rule 522`	Insufficiently Protected Credentials
`CWE Rule 543`	Use of Singleton Pattern Without Synchronization in a Multithreaded Context
`CWE Rule 547`	Use of Hard-coded, Security-relevant Constants
`CWE Rule 558`	Use of getlogin() in Multithreaded Application
`CWE Rule 560`	Use of umask() with chmod-style Argument
`CWE Rule 561`	Dead Code
`CWE Rule 562`	Return of Stack Variable Address
`CWE Rule 563`	Assignment to Variable without Use
`CWE Rule 570`	Expression is Always False
`CWE Rule 571`	Expression is Always True
`CWE Rule 587`	Assignment of a Fixed Address to a Pointer
`CWE Rule 606`	Unchecked Input for Loop Condition
`CWE Rule 617`	Reachable Assertion
`CWE Rule 674`	Uncontrolled Recursion
`CWE Rule 676`	Use of Potentially Dangerous Function
`CWE Rule 683`	Function Call With Incorrect Order of Arguments
`CWE Rule 685`	Function Call With Incorrect Number of Arguments
`CWE Rule 686`	Function Call With Incorrect Argument Type
`CWE Rule 687`	Function Call With Incorrectly Specified Argument Value
`CWE Rule 688`	Function Call With Incorrect Variable or Reference as Argument
`CWE Rule 690`	Unchecked Return Value to NULL Pointer Dereference
`CWE Rule 704`	Incorrect Type Conversion or Cast
`CWE Rule 733`	Compiler Optimization Removal or Modification of Security-critical Code
`CWE Rule 762`	Mismatched Memory Management Routines
`CWE Rule 763`	Release of Invalid Pointer or Reference
`CWE Rule 766`	Critical Data Element Declared Public
`CWE Rule 767`	Access to Critical Private Variable via Public Method
`CWE Rule 783`	Operator Precedence Logic Error
`CWE Rule 785`	Use of Path Manipulation Function without Maximum-sized Buffer
`CWE Rule 787`	Out-of-bounds Write
`CWE Rule 789`	Memory Allocation with Excessive Size Value
`CWE Rule 798`	Use of Hard-coded Credentials
`CWE Rule 805`	Buffer Access with Incorrect Length Value
`CWE Rule 806`	Buffer Access Using Size of Source Buffer
`CWE Rule 822`	Untrusted Pointer Dereference
`CWE Rule 824`	Access of Uninitialized Pointer
`CWE Rule 825`	Expired Pointer Dereference
`CWE Rule 839`	Numeric Range Comparison Without Minimum Check
`CWE Rule 843`	Access of Resource Using Incompatible Type ('Type Confusion')
`CWE Rule 910`	Use of Expired File Descriptor
`CWE Rule 922`	Insecure Storage of Sensitive Information
`CWE Rule 1071`	Empty code block
`CWE Rule 1335`	Incorrect Bitwise Shift of Integer
`CWE Rule 1341`	Multiple Releases of Same Resource or Handle