SEI CERT C Coding Standard - Guidelines 50. POSIX (POS)

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to the rules and recommendations in the POSIX (POS) section of the SEI CERT C Coding Standard.

Weaknesses

Improper Check for Dropped Privileges

The software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.

Improper Locking

The software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

Improper Null Termination

The software does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator.

Incorrect Behavior Order

The product performs multiple related behaviors, but the behaviors are performed in the wrong order in ways which may produce resultant weaknesses.

Incorrect Check of Function Return Value

The software incorrectly checks a return value from a function, which prevents the software from detecting errors or exceptional conditions.

Race Condition Enabling Link Following

The software checks the status of a file or directory before accessing it, which produces a race condition in which the file can be replaced with a link before the acc...

Unchecked Error Condition

[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to in...

Unchecked Return Value

The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

Use of Inherently Dangerous Function

The program calls a function that can never be guaranteed to work safely.

Concepts

Weaknesses Addressed by the SEI CERT C Coding Standard

CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommen...

See Also

  1. SEI CERT C Coding Standard : Rule 50. POSIX (POS)

    The Software Engineering Institute

  2. SEI CERT C Coding Standard : Rec 50. POSIX (POS)

    The Software Engineering Institute


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.