Common Weakness Enumeration (CWE)
Common Weakness Enumeration (CWE™) is a list of software weakness types that can occur in software architecture, design, code, or implementation. These weaknesses can lead to security vulnerabilities.
Polyspace can check your code against subsets of the CWE list including subsets or weaknesses that are specific to C or C++ code. To activate subsets of the CWE list, use the analysis option Check CWE (-cwe). Polyspace supports version 4.12 of the CWE standard.
Polyspace Results
CWE Rule 14 | Compiler Removal of Code to Clear Buffers (since R2023a) |
CWE Rule 15 | External Control of System or Configuration Setting (since R2024a) |
CWE Rule 20 | Improper Input Validation (since R2024a) |
CWE Rule 22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (since R2024a) |
CWE Rule 23 | Relative Path Traversal (since R2024a) |
CWE Rule 36 | Absolute Path Traversal (since R2024a) |
CWE Rule 67 | Improper Handling of Windows Device Names (since R2024a) |
CWE Rule 77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') (since R2024a) |
CWE Rule 78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (since R2024a) |
CWE Rule 88 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (since R2024a) |
CWE Rule 89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (since R2023a) |
CWE Rule 90 | Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') (since R2023a) |
CWE Rule 99 | Improper Control of Resource Identifiers ('Resource Injection') (since R2024b) |
CWE Rule 114 | Process Control (since R2024a) |
CWE Rule 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer (since R2023a) |
CWE Rule 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (since R2023a) |
CWE Rule 121 | Stack-based Buffer Overflow (since R2023a) |
CWE Rule 122 | Heap-based Buffer Overflow (since R2023a) |
CWE Rule 123 | Write-what-where Condition (since R2023a) |
CWE Rule 124 | Buffer Underwrite ('Buffer Underflow') (since R2023a) |
CWE Rule 125 | Out-of-bounds Read (since R2023a) |
CWE Rule 126 | Buffer Over-read (since R2023a) |
CWE Rule 127 | Buffer Under-read (since R2023a) |
CWE Rule 128 | Wrap-around Error (since R2023a) |
CWE Rule 129 | Improper Validation of Array Index (since R2023a) |
CWE Rule 130 | Improper Handling of Length Parameter Inconsistency (since R2023a) |
CWE Rule 131 | Incorrect Calculation of Buffer Size (since R2023a) |
CWE Rule 134 | Use of Externally-Controlled Format String (since R2023a) |
CWE Rule 135 | Incorrect Calculation of Multi-Byte String Length (since R2023a) |
CWE Rule 170 | Improper Null Termination (since R2023a) |
CWE Rule 188 | Reliance on Data/Memory Layout (since R2023a) |
CWE Rule 191 | Integer Underflow (Wrap or Wraparound) (since R2023a) |
CWE Rule 192 | Integer Coercion Error (since R2023a) |
CWE Rule 194 | Unexpected Sign Extension (since R2023a) |
CWE Rule 195 | Signed to Unsigned Conversion Error (since R2023a) |
CWE Rule 196 | Unsigned to Signed Conversion Error (since R2023a) |
CWE Rule 197 | Numeric Truncation Error (since R2023a) |
CWE Rule 198 | Use of Incorrect Byte Ordering (since R2024a) |
CWE Rule 226 | Sensitive Information in Resource Not Removed Before Reuse (since R2024a) |
CWE Rule 240 | Improper Handling of Inconsistent Structural Elements (since R2024a) |
CWE Rule 242 | Use of Inherently Dangerous Function (since R2023a) |
CWE Rule 243 | Creation of chroot Jail Without Changing Working Directory (since R2023a) |
CWE Rule 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') (since R2023a) |
CWE Rule 248 | Uncaught Exception (since R2023a) |
CWE Rule 250 | Execution with Unnecessary Privileges (since R2024a) |
CWE Rule 252 | Unchecked Return Value (since R2023a) |
CWE Rule 253 | Incorrect Check of Function Return Value (since R2023a) |
CWE Rule 256 | Plaintext storage of a password (since R2023a) |
CWE Rule 273 | Improper Check for Dropped Privileges (since R2024a) |
CWE Rule 287 | Improper Authentication (since R2024a) |
CWE Rule 297 | Improper Validation of Certificate with Host Mismatch (since R2024a) |
CWE Rule 304 | Missing Critical Step in Authentication (since R2024a) |
CWE Rule 311 | Missing Encryption of Sensitive Data (since R2023b) |
CWE Rule 312 | Cleartext Storage of Sensitive Information (since R2023a) |
CWE Rule 316 | Cleartext Storage of Sensitive Information in Memory (since R2024a) |
CWE Rule 319 | Cleartext Transmission of Sensitive Information (since R2023b) |
CWE Rule 321 | Use of Hard-coded Cryptographic Key (since R2023b) |
CWE Rule 322 | Key Exchange without Entity Authentication (since R2024a) |
CWE Rule 325 | Missing Cryptographic Step (since R2024a) |
CWE Rule 326 | Inadequate Encryption Strength (since R2024a) |
CWE Rule 327 | Use of a Broken or Risky Cryptographic Algorithm (since R2024a) |
CWE Rule 328 | Use of Weak Hash (since R2024a) |
CWE Rule 329 | Generation of Predictable IV with CBC Mode (since R2024a) |
CWE Rule 330 | Use of Insufficiently Random Values (since R2024a) |
CWE Rule 335 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) (since R2023a) |
CWE Rule 336 | Same Seed in Pseudo-Random Number Generator (PRNG) (since R2024a) |
CWE Rule 337 | Predictable Seed in Pseudo-Random Number Generator (PRNG) (since R2024a) |
CWE Rule 338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (since R2023a) |
CWE Rule 353 | Missing Support for Integrity Check (since R2023a) |
CWE Rule 354 | Improper Validation of Integrity Check Value (since R2024a) |
CWE Rule 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (since R2023a) |
CWE Rule 364 | Signal Handler Race Condition (since R2023a) |
CWE Rule 366 | Race Condition within a Thread (since R2023a) |
CWE Rule 367 | Time-of-check Time-of-use (TOCTOU) Race Condition (since R2024a) |
CWE Rule 369 | Divide By Zero (since R2023a) |
CWE Rule 372 | Incomplete Internal State Distinction (since R2024a) |
CWE Rule 374 | Passing Mutable Objects to an Untrusted Method (since R2023b) |
CWE Rule 375 | Returning a Mutable Object to an Untrusted Caller (since R2023a) |
CWE Rule 377 | Insecure Temporary File (since R2024a) |
CWE Rule 391 | Unchecked Error Condition (since R2024a) |
CWE Rule 396 | Declaration of Catch for Generic Exception (since R2023a) |
CWE Rule 397 | Declaration of Throws for Generic Exception (since R2023a) |
CWE Rule 401 | Missing Release of Memory after Effective Lifetime (since R2023a) |
CWE Rule 404 | Improper Resource Shutdown or Release (since R2024a) |
CWE Rule 413 | Improper Resource Locking (since R2023a) |
CWE Rule 415 | Double Free (since R2023a) |
CWE Rule 416 | Use After Free (since R2023a) |
CWE Rule 426 | Untrusted Search Path (since R2024a) |
CWE Rule 427 | Uncontrolled Search Path Element (since R2024a) |
CWE Rule 456 | Missing Initialization of a Variable (since R2024a) |
CWE Rule 457 | Use of Uninitialized Variable (since R2023a) |
CWE Rule 460 | Improper Cleanup on Thrown Exception (since R2023a) |
CWE Rule 463 | Deletion of Data Structure Sentinel (since R2023a) |
CWE Rule 466 | Return of Pointer Value Outside of Expected Range (since R2023a) |
CWE Rule 467 | Use of sizeof() on a Pointer Type (since R2023a) |
CWE Rule 468 | Incorrect Pointer Scaling (since R2023a) |
CWE Rule 469 | Use of Pointer Subtraction to Determine Size (since R2023a) |
CWE Rule 471 | Modification of Assumed-Immutable Data (MAID) (since R2024a) |
CWE Rule 474 | Use of Function with Inconsistent Implementations (since R2023a) |
CWE Rule 475 | Undefined Behavior for Input to API (since R2024a) |
CWE Rule 476 | NULL Pointer Dereference (since R2023a) |
CWE Rule 477 | Use of Obsolete Function (since R2023a) |
CWE Rule 478 | Missing Default Case in Multiple Condition Expression (since R2023a) |
CWE Rule 479 | Signal Handler Use of a Non-reentrant Function (since R2023a) |
CWE Rule 480 | Use of Incorrect Operator (since R2023a) |
CWE Rule 481 | Assigning instead of Comparing (since R2023a) |
CWE Rule 482 | Comparing instead of Assigning (since R2023a) |
CWE Rule 483 | Incorrect Block Delimitation (since R2023a) |
CWE Rule 484 | Omitted Break Statement in Switch (since R2023a) |
CWE Rule 489 | Active Debug Code (since R2023a) |
CWE Rule 493 | Critical Public Variable Without Final Modifier (since R2023b) |
CWE Rule 495 | Private Data Structure Returned From A Public Method (since R2023a) |
CWE Rule 496 | Public Data Assigned to Private Array-Typed Field (since R2023b) |
CWE Rule 498 | Cloneable class containing sensitive information (since R2023b) |
CWE Rule 500 | Public Static Field Not Marked Final (since R2023a) |
CWE Rule 522 | Insufficiently Protected Credentials (since R2023a) |
CWE Rule 532 | Insertion of Sensitive Information into Log File (since R2024a) |
CWE Rule 534 | |
CWE Rule 535 | Exposure of Information Through Shell Error Message (since R2024a) |
CWE Rule 543 | Use of Singleton Pattern Without Synchronization in a Multithreaded Context (since R2024a) |
CWE Rule 547 | Use of Hard-coded, Security-relevant Constants (since R2023a) |
CWE Rule 558 | Use of getlogin() in Multithreaded Application (since R2023a) |
CWE Rule 560 | Use of umask() with chmod-style Argument (since R2023a) |
CWE Rule 561 | Dead Code (since R2023a) |
CWE Rule 562 | Return of Stack Variable Address (since R2023a) |
CWE Rule 563 | Assignment to Variable without Use (since R2023a) |
CWE Rule 570 | Expression is Always False (since R2023a) |
CWE Rule 571 | Expression is Always True (since R2023a) |
CWE Rule 573 | Improper Following of Specification by Caller (since R2024a) |
CWE Rule 587 | Assignment of a Fixed Address to a Pointer (since R2023a) |
CWE Rule 590 | Free of Memory not on the Heap (since R2024a) |
CWE Rule 606 | Unchecked Input for Loop Condition (since R2023b) |
CWE Rule 617 | Reachable Assertion (since R2023a) |
CWE Rule 628 | Function Call with Incorrectly Specified Arguments (since R2024a) |
CWE Rule 663 | Use of a Non-reentrant Function in a Concurrent Context (since R2024a) |
CWE Rule 664 | Improper Control of a Resource Through its Lifetime (since R2024a) |
CWE Rule 665 | Improper Initialization (since R2024a) |
CWE Rule 666 | Operation on Resource in Wrong Phase of Lifetime (since R2024a) |
CWE Rule 667 | Improper Locking (since R2024a) |
CWE Rule 672 | Operation on a Resource after Expiration or Release (since R2024a) |
CWE Rule 674 | Uncontrolled Recursion (since R2024a) |
CWE Rule 675 | Multiple Operations on Resource in Single-Operation Context (since R2024a) |
CWE Rule 676 | Use of Potentially Dangerous Function (since R2023a) |
CWE Rule 681 | Incorrect Conversion between Numeric Types (since R2024a) |
CWE Rule 682 | Incorrect Calculation (since R2024a) |
CWE Rule 683 | Function Call With Incorrect Order of Arguments (since R2023b) |
CWE Rule 685 | Function Call With Incorrect Number of Arguments (since R2023a) |
CWE Rule 686 | Function Call With Incorrect Argument Type (since R2023b) |
CWE Rule 687 | Function Call With Incorrectly Specified Argument Value (since R2023b) |
CWE Rule 688 | Function Call With Incorrect Variable or Reference as Argument (since R2023b) |
CWE Rule 690 | Unchecked Return Value to NULL Pointer Dereference (since R2023a) |
CWE Rule 691 | Insufficient Control Flow Management (since R2024a) |
CWE Rule 693 | Protection Mechanism Failure (since R2024a) |
CWE Rule 696 | Incorrect Behavior Order (since R2024a) |
CWE Rule 703 | Improper Check or Handling of Exceptional Conditions (since R2024a) |
CWE Rule 704 | Incorrect Type Conversion or Cast (since R2023a) |
CWE Rule 705 | Incorrect Control Flow Scoping (since R2024a) |
CWE Rule 710 | Improper Adherence to Coding Standards (since R2024a) |
CWE Rule 732 | Incorrect Permission Assignment for Critical Resource (since R2024a) |
CWE Rule 733 | Compiler Optimization Removal or Modification of Security-critical Code (since R2023a) |
CWE Rule 754 | Improper Check for Unusual or Exceptional Conditions (since R2024a) |
CWE Rule 755 | Improper Handling of Exceptional Conditions (since R2024a) |
CWE Rule 758 | Reliance on Undefined, Unspecified, or Implementation-Defined Behavior (since R2024a) |
CWE Rule 759 | Use of a One-Way Hash without a Salt (since R2024a) |
CWE Rule 762 | Mismatched Memory Management Routines (since R2023a) |
CWE Rule 763 | Release of Invalid Pointer or Reference (since R2023a) |
CWE Rule 764 | Multiple Locks of a Critical Resource (since R2024a) |
CWE Rule 765 | Multiple Unlocks of a Critical Resource (since R2024a) |
CWE Rule 766 | Critical Data Element Declared Public (since R2023a) |
CWE Rule 767 | Access to Critical Private Variable via Public Method (since R2023a) |
CWE Rule 770 | Allocation of Resources Without Limits or Throttling (since R2024a) |
CWE Rule 772 | Missing Release of Resource after Effective Lifetime (since R2024a) |
CWE Rule 780 | Use of RSA Algorithm without OAEP (since R2024a) |
CWE Rule 783 | Operator Precedence Logic Error (since R2023a) |
CWE Rule 785 | Use of Path Manipulation Function without Maximum-sized Buffer (since R2023a) |
CWE Rule 786 | Access of Memory Location Before Start of Buffer (since R2024a) |
CWE Rule 787 | Out-of-bounds Write (since R2023a) |
CWE Rule 789 | Memory Allocation with Excessive Size Value (since R2023a) |
CWE Rule 798 | Use of Hard-coded Credentials (since R2023a) |
CWE Rule 805 | Buffer Access with Incorrect Length Value (since R2023a) |
CWE Rule 806 | Buffer Access Using Size of Source Buffer (since R2023a) |
CWE Rule 822 | Untrusted Pointer Dereference (since R2023b) |
CWE Rule 823 | Use of Out-of-range Pointer Offset (since R2024a) |
CWE Rule 824 | Access of Uninitialized Pointer (since R2023a) |
CWE Rule 825 | Expired Pointer Dereference (since R2023a) |
CWE Rule 826 | Premature Release of Resource During Expected Lifetime (since R2024a) |
CWE Rule 828 | Signal Handler with Functionality that is not Asynchronous-Safe (since R2024a) |
CWE Rule 832 | Unlock of a Resource that is not Locked (since R2024a) |
CWE Rule 833 | Deadlock (since R2024a) |
CWE Rule 839 | Numeric Range Comparison Without Minimum Check (since R2023a) |
CWE Rule 843 | Access of Resource Using Incompatible Type ('Type Confusion') (since R2023a) |
CWE Rule 908 | Use of Uninitialized Resource (since R2024a) |
CWE Rule 910 | Use of Expired File Descriptor (since R2023a) |
CWE Rule 922 | Insecure Storage of Sensitive Information (since R2023a) |
CWE Rule 1071 | Empty code block (since R2023a) |
CWE Rule 1335 | Incorrect Bitwise Shift of Integer (since R2023a) |
CWE Rule 1341 | Multiple Releases of Same Resource or Handle (since R2023a) |
CWE-658
CWE Rule 14 | Compiler Removal of Code to Clear Buffers (since R2023a) |
CWE Rule 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer (since R2023a) |
CWE Rule 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (since R2023a) |
CWE Rule 121 | Stack-based Buffer Overflow (since R2023a) |
CWE Rule 122 | Heap-based Buffer Overflow (since R2023a) |
CWE Rule 123 | Write-what-where Condition (since R2023a) |
CWE Rule 124 | Buffer Underwrite ('Buffer Underflow') (since R2023a) |
CWE Rule 125 | Out-of-bounds Read (since R2023a) |
CWE Rule 126 | Buffer Over-read (since R2023a) |
CWE Rule 127 | Buffer Under-read (since R2023a) |
CWE Rule 128 | Wrap-around Error (since R2023a) |
CWE Rule 129 | Improper Validation of Array Index (since R2023a) |
CWE Rule 130 | Improper Handling of Length Parameter Inconsistency (since R2023a) |
CWE Rule 131 | Incorrect Calculation of Buffer Size (since R2023a) |
CWE Rule 134 | Use of Externally-Controlled Format String (since R2023a) |
CWE Rule 135 | Incorrect Calculation of Multi-Byte String Length (since R2023a) |
CWE Rule 170 | Improper Null Termination (since R2023a) |
CWE Rule 188 | Reliance on Data/Memory Layout (since R2023a) |
CWE Rule 191 | Integer Underflow (Wrap or Wraparound) (since R2023a) |
CWE Rule 192 | Integer Coercion Error (since R2023a) |
CWE Rule 194 | Unexpected Sign Extension (since R2023a) |
CWE Rule 195 | Signed to Unsigned Conversion Error (since R2023a) |
CWE Rule 196 | Unsigned to Signed Conversion Error (since R2023a) |
CWE Rule 197 | Numeric Truncation Error (since R2023a) |
CWE Rule 242 | Use of Inherently Dangerous Function (since R2023a) |
CWE Rule 243 | Creation of chroot Jail Without Changing Working Directory (since R2023a) |
CWE Rule 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') (since R2023a) |
CWE Rule 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (since R2023a) |
CWE Rule 364 | Signal Handler Race Condition (since R2023a) |
CWE Rule 366 | Race Condition within a Thread (since R2023a) |
CWE Rule 374 | Passing Mutable Objects to an Untrusted Method (since R2023b) |
CWE Rule 375 | Returning a Mutable Object to an Untrusted Caller (since R2023a) |
CWE Rule 401 | Missing Release of Memory after Effective Lifetime (since R2023a) |
CWE Rule 415 | Double Free (since R2023a) |
CWE Rule 416 | Use After Free (since R2023a) |
CWE Rule 457 | Use of Uninitialized Variable (since R2023a) |
CWE Rule 460 | Improper Cleanup on Thrown Exception (since R2023a) |
CWE Rule 463 | Deletion of Data Structure Sentinel (since R2023a) |
CWE Rule 466 | Return of Pointer Value Outside of Expected Range (since R2023a) |
CWE Rule 467 | Use of sizeof() on a Pointer Type (since R2023a) |
CWE Rule 468 | Incorrect Pointer Scaling (since R2023a) |
CWE Rule 469 | Use of Pointer Subtraction to Determine Size (since R2023a) |
CWE Rule 474 | Use of Function with Inconsistent Implementations (since R2023a) |
CWE Rule 476 | NULL Pointer Dereference (since R2023a) |
CWE Rule 478 | Missing Default Case in Multiple Condition Expression (since R2023a) |
CWE Rule 479 | Signal Handler Use of a Non-reentrant Function (since R2023a) |
CWE Rule 480 | Use of Incorrect Operator (since R2023a) |
CWE Rule 481 | Assigning instead of Comparing (since R2023a) |
CWE Rule 482 | Comparing instead of Assigning (since R2023a) |
CWE Rule 483 | Incorrect Block Delimitation (since R2023a) |
CWE Rule 484 | Omitted Break Statement in Switch (since R2023a) |
CWE Rule 495 | Private Data Structure Returned From A Public Method (since R2023a) |
CWE Rule 558 | Use of getlogin() in Multithreaded Application (since R2023a) |
CWE Rule 560 | Use of umask() with chmod-style Argument (since R2023a) |
CWE Rule 562 | Return of Stack Variable Address (since R2023a) |
CWE Rule 587 | Assignment of a Fixed Address to a Pointer (since R2023a) |
CWE Rule 676 | Use of Potentially Dangerous Function (since R2023a) |
CWE Rule 685 | Function Call With Incorrect Number of Arguments (since R2023a) |
CWE Rule 690 | Unchecked Return Value to NULL Pointer Dereference (since R2023a) |
CWE Rule 704 | Incorrect Type Conversion or Cast (since R2023a) |
CWE Rule 733 | Compiler Optimization Removal or Modification of Security-critical Code (since R2023a) |
CWE Rule 762 | Mismatched Memory Management Routines (since R2023a) |
CWE Rule 783 | Operator Precedence Logic Error (since R2023a) |
CWE Rule 785 | Use of Path Manipulation Function without Maximum-sized Buffer (since R2023a) |
CWE Rule 787 | Out-of-bounds Write (since R2023a) |
CWE Rule 789 | Memory Allocation with Excessive Size Value (since R2023a) |
CWE Rule 805 | Buffer Access with Incorrect Length Value (since R2023a) |
CWE Rule 806 | Buffer Access Using Size of Source Buffer (since R2023a) |
CWE Rule 839 | Numeric Range Comparison Without Minimum Check (since R2023a) |
CWE Rule 843 | Access of Resource Using Incompatible Type ('Type Confusion') (since R2023a) |
CWE Rule 910 | Use of Expired File Descriptor (since R2023a) |
CWE Rule 1335 | Incorrect Bitwise Shift of Integer (since R2023a) |
CWE Rule 1341 | Multiple Releases of Same Resource or Handle (since R2023a) |
CWE-659
CWE Rule 14 | Compiler Removal of Code to Clear Buffers (since R2023a) |
CWE Rule 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer (since R2023a) |
CWE Rule 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (since R2023a) |
CWE Rule 121 | Stack-based Buffer Overflow (since R2023a) |
CWE Rule 122 | Heap-based Buffer Overflow (since R2023a) |
CWE Rule 123 | Write-what-where Condition (since R2023a) |
CWE Rule 124 | Buffer Underwrite ('Buffer Underflow') (since R2023a) |
CWE Rule 125 | Out-of-bounds Read (since R2023a) |
CWE Rule 126 | Buffer Over-read (since R2023a) |
CWE Rule 127 | Buffer Under-read (since R2023a) |
CWE Rule 128 | Wrap-around Error (since R2023a) |
CWE Rule 129 | Improper Validation of Array Index (since R2023a) |
CWE Rule 130 | Improper Handling of Length Parameter Inconsistency (since R2023a) |
CWE Rule 131 | Incorrect Calculation of Buffer Size (since R2023a) |
CWE Rule 134 | Use of Externally-Controlled Format String (since R2023a) |
CWE Rule 135 | Incorrect Calculation of Multi-Byte String Length (since R2023a) |
CWE Rule 170 | Improper Null Termination (since R2023a) |
CWE Rule 188 | Reliance on Data/Memory Layout (since R2023a) |
CWE Rule 191 | Integer Underflow (Wrap or Wraparound) (since R2023a) |
CWE Rule 192 | Integer Coercion Error (since R2023a) |
CWE Rule 194 | Unexpected Sign Extension (since R2023a) |
CWE Rule 195 | Signed to Unsigned Conversion Error (since R2023a) |
CWE Rule 196 | Unsigned to Signed Conversion Error (since R2023a) |
CWE Rule 197 | Numeric Truncation Error (since R2023a) |
CWE Rule 242 | Use of Inherently Dangerous Function (since R2023a) |
CWE Rule 243 | Creation of chroot Jail Without Changing Working Directory (since R2023a) |
CWE Rule 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') (since R2023a) |
CWE Rule 248 | Uncaught Exception (since R2023a) |
CWE Rule 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (since R2023a) |
CWE Rule 364 | Signal Handler Race Condition (since R2023a) |
CWE Rule 366 | Race Condition within a Thread (since R2023a) |
CWE Rule 374 | Passing Mutable Objects to an Untrusted Method (since R2023b) |
CWE Rule 375 | Returning a Mutable Object to an Untrusted Caller (since R2023a) |
CWE Rule 396 | Declaration of Catch for Generic Exception (since R2023a) |
CWE Rule 397 | Declaration of Throws for Generic Exception (since R2023a) |
CWE Rule 401 | Missing Release of Memory after Effective Lifetime (since R2023a) |
CWE Rule 415 | Double Free (since R2023a) |
CWE Rule 416 | Use After Free (since R2023a) |
CWE Rule 457 | Use of Uninitialized Variable (since R2023a) |
CWE Rule 460 | Improper Cleanup on Thrown Exception (since R2023a) |
CWE Rule 463 | Deletion of Data Structure Sentinel (since R2023a) |
CWE Rule 466 | Return of Pointer Value Outside of Expected Range (since R2023a) |
CWE Rule 467 | Use of sizeof() on a Pointer Type (since R2023a) |
CWE Rule 468 | Incorrect Pointer Scaling (since R2023a) |
CWE Rule 469 | Use of Pointer Subtraction to Determine Size (since R2023a) |
CWE Rule 476 | NULL Pointer Dereference (since R2023a) |
CWE Rule 478 | Missing Default Case in Multiple Condition Expression (since R2023a) |
CWE Rule 479 | Signal Handler Use of a Non-reentrant Function (since R2023a) |
CWE Rule 480 | Use of Incorrect Operator (since R2023a) |
CWE Rule 481 | Assigning instead of Comparing (since R2023a) |
CWE Rule 482 | Comparing instead of Assigning (since R2023a) |
CWE Rule 483 | Incorrect Block Delimitation (since R2023a) |
CWE Rule 484 | Omitted Break Statement in Switch (since R2023a) |
CWE Rule 495 | Private Data Structure Returned From A Public Method (since R2023a) |
CWE Rule 500 | Public Static Field Not Marked Final (since R2023a) |
CWE Rule 558 | Use of getlogin() in Multithreaded Application (since R2023a) |
CWE Rule 562 | Return of Stack Variable Address (since R2023a) |
CWE Rule 587 | Assignment of a Fixed Address to a Pointer (since R2023a) |
CWE Rule 676 | Use of Potentially Dangerous Function (since R2023a) |
CWE Rule 690 | Unchecked Return Value to NULL Pointer Dereference (since R2023a) |
CWE Rule 704 | Incorrect Type Conversion or Cast (since R2023a) |
CWE Rule 733 | Compiler Optimization Removal or Modification of Security-critical Code (since R2023a) |
CWE Rule 762 | Mismatched Memory Management Routines (since R2023a) |
CWE Rule 766 | Critical Data Element Declared Public (since R2023a) |
CWE Rule 767 | Access to Critical Private Variable via Public Method (since R2023a) |
CWE Rule 783 | Operator Precedence Logic Error (since R2023a) |
CWE Rule 785 | Use of Path Manipulation Function without Maximum-sized Buffer (since R2023a) |
CWE Rule 787 | Out-of-bounds Write (since R2023a) |
CWE Rule 789 | Memory Allocation with Excessive Size Value (since R2023a) |
CWE Rule 805 | Buffer Access with Incorrect Length Value (since R2023a) |
CWE Rule 806 | Buffer Access Using Size of Source Buffer (since R2023a) |
CWE Rule 839 | Numeric Range Comparison Without Minimum Check (since R2023a) |
CWE Rule 843 | Access of Resource Using Incompatible Type ('Type Confusion') (since R2023a) |
CWE Rule 910 | Use of Expired File Descriptor (since R2023a) |
CWE Rule 1335 | Incorrect Bitwise Shift of Integer (since R2023a) |
CWE Rule 1341 | Multiple Releases of Same Resource or Handle (since R2023a) |
API / Function Errors
CWE Rule 242 | Use of Inherently Dangerous Function (since R2023a) |
CWE Rule 474 | Use of Function with Inconsistent Implementations (since R2023a) |
CWE Rule 477 | Use of Obsolete Function (since R2023a) |
CWE Rule 676 | Use of Potentially Dangerous Function (since R2023a) |
Bad Coding Practices
CWE Rule 478 | Missing Default Case in Multiple Condition Expression (since R2023a) |
CWE Rule 489 | Active Debug Code (since R2023a) |
CWE Rule 547 | Use of Hard-coded, Security-relevant Constants (since R2023a) |
CWE Rule 561 | Dead Code (since R2023a) |
CWE Rule 562 | Return of Stack Variable Address (since R2023a) |
CWE Rule 563 | Assignment to Variable without Use (since R2023a) |
CWE Rule 1071 | Empty code block (since R2023a) |
Behavioral Problems
CWE Rule 480 | Use of Incorrect Operator (since R2023a) |
CWE Rule 483 | Incorrect Block Delimitation (since R2023a) |
CWE Rule 484 | Omitted Break Statement in Switch (since R2023a) |
CWE Rule 733 | Compiler Optimization Removal or Modification of Security-critical Code (since R2023a) |
CWE Rule 783 | Operator Precedence Logic Error (since R2023a) |
Concurrency Issues
CWE Rule 366 | Race Condition within a Thread (since R2023a) |
Credentials Management Errors
CWE Rule 798 | Use of Hard-coded Credentials (since R2023a) |
Data Integrity Issues
CWE Rule 353 | Missing Support for Integrity Check (since R2023a) |
Data Neutralization Issues
CWE Rule 170 | Improper Null Termination (since R2023a) |
CWE Rule 188 | Reliance on Data/Memory Layout (since R2023a) |
CWE Rule 463 | Deletion of Data Structure Sentinel (since R2023a) |
Data Processing Errors
CWE Rule 130 | Improper Handling of Length Parameter Inconsistency (since R2023a) |
Data Validation Issues
CWE Rule 129 | Improper Validation of Array Index (since R2023a) |
CWE Rule 606 | Unchecked Input for Loop Condition (since R2023b) |
Error Conditions, Return Values, Status Codes
CWE Rule 248 | Uncaught Exception (since R2023a) |
CWE Rule 252 | Unchecked Return Value (since R2023a) |
CWE Rule 253 | Incorrect Check of Function Return Value (since R2023a) |
CWE Rule 396 | Declaration of Catch for Generic Exception (since R2023a) |
CWE Rule 397 | Declaration of Throws for Generic Exception (since R2023a) |
CWE Rule 617 | Reachable Assertion (since R2023a) |
Expression Issues
CWE Rule 570 | Expression is Always False (since R2023a) |
CWE Rule 571 | Expression is Always True (since R2023a) |
Handler Errors
CWE Rule 479 | Signal Handler Use of a Non-reentrant Function (since R2023a) |
Information Management Errors
CWE Rule 312 | Cleartext Storage of Sensitive Information (since R2023a) |
CWE Rule 353 | Missing Support for Integrity Check (since R2023a) |
Initialization and Cleanup Errors
CWE Rule 460 | Improper Cleanup on Thrown Exception (since R2023a) |
Memory Buffer Errors
CWE Rule 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (since R2023a) |
CWE Rule 123 | Write-what-where Condition (since R2023a) |
CWE Rule 124 | Buffer Underwrite ('Buffer Underflow') (since R2023a) |
CWE Rule 125 | Out-of-bounds Read (since R2023a) |
CWE Rule 131 | Incorrect Calculation of Buffer Size (since R2023a) |
CWE Rule 787 | Out-of-bounds Write (since R2023a) |
CWE Rule 805 | Buffer Access with Incorrect Length Value (since R2023a) |
Numeric Errors
CWE Rule 128 | Wrap-around Error (since R2023a) |
CWE Rule 191 | Integer Underflow (Wrap or Wraparound) (since R2023a) |
CWE Rule 192 | Integer Coercion Error (since R2023a) |
CWE Rule 197 | Numeric Truncation Error (since R2023a) |
CWE Rule 369 | Divide By Zero (since R2023a) |
CWE Rule 839 | Numeric Range Comparison Without Minimum Check (since R2023a) |
Others
CWE Rule 14 | Compiler Removal of Code to Clear Buffers (since R2023a) |
CWE Rule 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer (since R2023a) |
CWE Rule 121 | Stack-based Buffer Overflow (since R2023a) |
CWE Rule 122 | Heap-based Buffer Overflow (since R2023a) |
CWE Rule 126 | Buffer Over-read (since R2023a) |
CWE Rule 127 | Buffer Under-read (since R2023a) |
CWE Rule 194 | Unexpected Sign Extension (since R2023a) |
CWE Rule 195 | Signed to Unsigned Conversion Error (since R2023a) |
CWE Rule 196 | Unsigned to Signed Conversion Error (since R2023a) |
CWE Rule 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') (since R2023a) |
CWE Rule 311 | Missing Encryption of Sensitive Data (since R2023b) |
CWE Rule 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (since R2023a) |
CWE Rule 401 | Missing Release of Memory after Effective Lifetime (since R2023a) |
CWE Rule 415 | Double Free (since R2023a) |
CWE Rule 416 | Use After Free (since R2023a) |
CWE Rule 457 | Use of Uninitialized Variable (since R2023a) |
CWE Rule 481 | Assigning instead of Comparing (since R2023a) |
CWE Rule 482 | Comparing instead of Assigning (since R2023a) |
CWE Rule 495 | Private Data Structure Returned From A Public Method (since R2023a) |
CWE Rule 500 | Public Static Field Not Marked Final (since R2023a) |
CWE Rule 522 | Insufficiently Protected Credentials (since R2023a) |
CWE Rule 543 | Use of Singleton Pattern Without Synchronization in a Multithreaded Context (since R2024a) |
CWE Rule 558 | Use of getlogin() in Multithreaded Application (since R2023a) |
CWE Rule 560 | Use of umask() with chmod-style Argument (since R2023a) |
CWE Rule 685 | Function Call With Incorrect Number of Arguments (since R2023a) |
CWE Rule 686 | Function Call With Incorrect Argument Type (since R2023b) |
CWE Rule 687 | Function Call With Incorrectly Specified Argument Value (since R2023b) |
CWE Rule 690 | Unchecked Return Value to NULL Pointer Dereference (since R2023a) |
CWE Rule 704 | Incorrect Type Conversion or Cast (since R2023a) |
CWE Rule 762 | Mismatched Memory Management Routines (since R2023a) |
CWE Rule 785 | Use of Path Manipulation Function without Maximum-sized Buffer (since R2023a) |
CWE Rule 789 | Memory Allocation with Excessive Size Value (since R2023a) |
CWE Rule 806 | Buffer Access Using Size of Source Buffer (since R2023a) |
CWE Rule 922 | Insecure Storage of Sensitive Information (since R2023a) |
CWE Rule 1335 | Incorrect Bitwise Shift of Integer (since R2023a) |
CWE Rule 1341 | Multiple Releases of Same Resource or Handle (since R2023a) |
Permission Issues
CWE Rule 766 | Critical Data Element Declared Public (since R2023a) |
CWE Rule 767 | Access to Critical Private Variable via Public Method (since R2023a) |
Pointer Issues
CWE Rule 466 | Return of Pointer Value Outside of Expected Range (since R2023a) |
CWE Rule 467 | Use of sizeof() on a Pointer Type (since R2023a) |
CWE Rule 468 | Incorrect Pointer Scaling (since R2023a) |
CWE Rule 469 | Use of Pointer Subtraction to Determine Size (since R2023a) |
CWE Rule 476 | NULL Pointer Dereference (since R2023a) |
CWE Rule 587 | Assignment of a Fixed Address to a Pointer (since R2023a) |
CWE Rule 763 | Release of Invalid Pointer or Reference (since R2023a) |
CWE Rule 822 | Untrusted Pointer Dereference (since R2023b) |
CWE Rule 824 | Access of Uninitialized Pointer (since R2023a) |
CWE Rule 825 | Expired Pointer Dereference (since R2023a) |
Privilege Issues
CWE Rule 243 | Creation of chroot Jail Without Changing Working Directory (since R2023a) |
Random Number Issues
CWE Rule 335 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) (since R2023a) |
CWE Rule 338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (since R2023a) |
Resource Locking Problems
CWE Rule 413 | Improper Resource Locking (since R2023a) |
Resource Management Errors
CWE Rule 910 | Use of Expired File Descriptor (since R2023a) |
Signal Errors
CWE Rule 364 | Signal Handler Race Condition (since R2023a) |
State Issues
CWE Rule 375 | Returning a Mutable Object to an Untrusted Caller (since R2023a) |
String Errors
CWE Rule 134 | Use of Externally-Controlled Format String (since R2023a) |
CWE Rule 135 | Incorrect Calculation of Multi-Byte String Length (since R2023a) |
Type Errors
CWE Rule 843 | Access of Resource Using Incompatible Type ('Type Confusion') (since R2023a) |
Topics
- CWE Coding Standard Coverage Using Polyspace
Group CWE results by category and view list of all-exact-checkers.
- Polyspace Support for Coding Standards
Check the Polyspace support for different coding standards.
- Check for and Review Coding Standard Violations
Check for violations of AUTOSAR C++14, CERT® C, CERT C++, CWE, MISRA C™, MISRA™ C++, JSF AV C++, or ISO-17961 standards with Polyspace Bug Finder.