DISA STIG version 5 IDs mapped to Klocwork C and C++ checkers
This article maps DISA Security Technical Implementation Guide version 5 IDs to Klocwork C/C++ checkers. For more information about DISA STIG, see the STIG web site.
Rule | Checker name and description |
---|---|
V-222396 (APSC-DV-000160) |
RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt |
V-222397 (APSC-DV-000170) |
RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt |
V-222425 (APSC-DV-000460) |
SV.BRM.HKEY_LOCAL_MACHINE HKEY_LOCAL_MACHINE Used as 'hkey' Parameter for Registry Manipulation Function SV.PIPE.CONST Potential pipe hijacking SV.PIPE.VAR Potential pipe hijacking |
V-222430 (APSC-DV-000510) |
SV.BRM.HKEY_LOCAL_MACHINE HKEY_LOCAL_MACHINE Used as 'hkey' Parameter for Registry Manipulation Function SV.LPP.CONST Use of Insecure Macro for Dangerous Functions SV.LPP.VAR Use of Insecure Parameter for Dangerous Functions SV.PIPE.CONST Potential pipe hijacking SV.PIPE.VAR Potential pipe hijacking SV.SIP.CONST Use of Insecure Macro for Dangerous Functions SV.SIP.VAR Use of Insecure Parameter for Dangerous Functions SV.USAGERULES.PERMISSIONS Use of Privilege Elevation |
V-222432 (APSC-DV-000530) |
CXX.SV.PWD_INPUT.REVIEW Password authentication should be checked against brute force attacks |
V-222511 (APSC-DV-001410) |
SV.BRM.HKEY_LOCAL_MACHINE HKEY_LOCAL_MACHINE Used as 'hkey' Parameter for Registry Manipulation Function SV.LPP.CONST Use of Insecure Macro for Dangerous Functions SV.LPP.VAR Use of Insecure Parameter for Dangerous Functions SV.PIPE.CONST Potential pipe hijacking SV.PIPE.VAR Potential pipe hijacking SV.SIP.CONST Use of Insecure Macro for Dangerous Functions SV.SIP.VAR Use of Insecure Parameter for Dangerous Functions SV.USAGERULES.PERMISSIONS Use of Privilege Elevation |
V-222536 (APSC-DV-001680) |
CXX.SV.PWD.PLAIN.LENGTH Attempt to set password with a length less than 15 characters CXX.SV.PWD.PLAIN.LENGTH.ZERO Attempt to set password with a length of zero characters |
V-222542 (APSC-DV-001740) |
HCC Use of hardcoded credentials HCC.PWD Use of a hardcoded password HCC.USER Use of a hardcoded user name RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt SV.WEAK_CRYPTO.WEAK_HASH Weak Hash Function |
V-222543 (APSC-DV-001750) |
HCC Use of hardcoded credentials HCC.PWD Use of a hardcoded password HCC.USER Use of a hardcoded user name RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt SV.WEAK_CRYPTO.WEAK_HASH Weak Hash Function |
V-222551 (APSC-DV-001820) |
CXX.SV.PRIVATE_KEY.EMPTY_PASSWD Attempt to serialize private key in an unauthorized way CXX.SV.PRIVATE_KEY.UNENCRYPTED Attempt to serialize private key in an unauthorized way |
V-222554 (APSC-DV-001850) |
CXX.SV.PWD.PLAIN Attempt to set password using a plain string |
V-222555 (APSC-DV-001860) |
HCC Use of hardcoded credentials HCC.PWD Use of a hardcoded password HCC.USER Use of a hardcoded user name SV.WEAK_CRYPTO.WEAK_HASH Weak Hash Function |
V-222566 (APSC-DV-001980) |
RH.LEAK Resource leak |
V-222567 (APSC-DV-001995) |
SV.TOCTOU.FILE_ACCESS Time of Creation/Time of Use Race condition in File Access |
V-222568 (APSC-DV-002000) |
RH.LEAK Resource leak |
V-222571 (APSC-DV-002030) |
RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt SV.WEAK_CRYPTO.WEAK_HASH Weak Hash Function |
V-222572 (APSC-DV-002040) |
RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt SV.WEAK_CRYPTO.WEAK_HASH Weak Hash Function |
V-222577 (APSC-DV-002230) |
CXX.SV.INSECURE_COOKIE Insecure cookie |
V-222578 (APSC-DV-002240) |
CXX.SV.PERSISTENT_COOKIE Illegal usage of a persistent cookie |
V-222583 (APSC-DV-002290) |
RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt SV.WEAK_CRYPTO.WEAK_HASH Weak Hash Function |
V-222589 (APSC-DV-002350) |
RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt SV.WEAK_CRYPTO.WEAK_HASH Weak Hash Function |
V-222592 (APSC-DV-002380) |
SV.USAGERULES.PERMISSIONS Use of Privilege Elevation |
V-222594 (APSC-DV-002400) |
FMM.MIGHT Freeing Mismatched Memory - possible FMM.MUST Freeing Mismatched Memory INFINITE_LOOP.GLOBAL Infinite loop INFINITE_LOOP.LOCAL Infinite loop INFINITE_LOOP.MACRO Infinite loop SV.STR_PAR.UNDESIRED_STRING_PARAMETER Undesired String for File Path SV.TAINTED.ALLOC_SIZE Use of Unvalidated Integer in Memory Allocation |
V-222596 (APSC-DV-002440) |
SPECTRE.VARIANT1 Potential exploit of speculative execution |
V-222602 (APSC-DV-002490) |
SV.TAINTED.XSS.REFLECTED Cross-site Scripting Vulnerability |
V-222604 (APSC-DV-002510) |
SV.CODE_INJECTION.SHELL_EXEC Command Injection into Shell Execution SV.DLLPRELOAD.NONABSOLUTE.DLL Potential DLL-preload hijack vector SV.DLLPRELOAD.NONABSOLUTE.EXE Potential process injection vector SV.DLLPRELOAD.SEARCHPATH Do not use SearchPath to find DLLs SV.FIU.PROCESS_VARIANTS Use of Dangerous Process Creation |
V-222605 (APSC-DV-002520) |
SV.DLLPRELOAD.NONABSOLUTE.DLL Potential DLL-preload hijack vector SV.DLLPRELOAD.NONABSOLUTE.EXE Potential process injection vector SV.DLLPRELOAD.SEARCHPATH Do not use SearchPath to find DLLs |
V-222606 (APSC-DV-002530) |
ABV.TAINTED Buffer Overflow from Unvalidated Input NNTS.TAINTED Unvalidated User Input Causing Buffer Overflow - Non-Null Terminated String SV.TAINTED.ALLOC_SIZE Use of Unvalidated Integer in Memory Allocation SV.TAINTED.BINOP Use of Unvalidated Integer in Binary Operation SV.TAINTED.CALL.BINOP Use of Unvalidated Integer in Binary Operation SV.TAINTED.CALL.DEREF Dereference Of An Unvalidated Pointer SV.TAINTED.CALL.INDEX_ACCESS Use of Unvalidated Integer as Array Index by Function Call SV.TAINTED.CALL.LOOP_BOUND Use of Unvalidated Integer in Loop Condition through a Function Call SV.TAINTED.FMTSTR Use of Unvalidated Data in a Format String SV.TAINTED.INDEX_ACCESS Use of Unvalidated Integer as Array Index SV.TAINTED.INJECTION Command Injection SV.TAINTED.LOOP_BOUND Use of Unvalidated Integer in Loop Condition SV.TAINTED.PATH_TRAVERSAL Use of Unvalidated Data in a Path Traversal SV.TAINTED.SECURITY_DECISION Security Decision |
V-222607 (APSC-DV-002540) |
ABV.TAINTED Buffer Overflow from Unvalidated Input CXX.SQL.INJECT SQL Injection SV.TAINTED.INJECTION Command Injection SV.USAGERULES.PERMISSIONS Use of Privilege Elevation |
V-222608 (APSC-DV-002550) |
CXX.SV.XXE Attempting to resolve external entities while parsing a XML file can lead to XXE attack |
V-222609 (APSC-DV-002560) |
SV.TAINTED.ALLOC_SIZE Use of Unvalidated Integer in Memory Allocation SV.TAINTED.BINOP Use of Unvalidated Integer in Binary Operation SV.TAINTED.CALL.BINOP Use of Unvalidated Integer in Binary Operation SV.TAINTED.CALL.INDEX_ACCESS Use of Unvalidated Integer as Array Index by Function Call SV.TAINTED.CALL.LOOP_BOUND Use of Unvalidated Integer in Loop Condition through a Function Call SV.TAINTED.FMTSTR Use of Unvalidated Data in a Format String SV.TAINTED.INDEX_ACCESS Use of Unvalidated Integer as Array Index SV.TAINTED.INJECTION Command Injection SV.TAINTED.LOOP_BOUND Use of Unvalidated Integer in Loop Condition SV.TAINTED.PATH_TRAVERSAL Use of Unvalidated Data in a Path Traversal SV.TAINTED.SECURITY_DECISION Security Decision |
V-222612 (APSC-DV-002590) |
ABV.ANY_SIZE_ARRAY Buffer Overflow - Array Index Out of Bounds ABV.GENERAL Buffer Overflow - Array Index Out of Bounds ABV.GENERAL.MULTIDIMENSION Buffer Overflow - Array Index Out of Bounds ABV.ITERATOR Buffer Overflow - Array Index may be out of Bounds ABV.MEMBER Buffer Overflow - Array Index Out of Bounds ABV.NON_ARRAY Non-array object is used as an array ABV.STACK Buffer Overflow - Local Array Index Out of Bounds ABV.TAINTED Buffer Overflow from Unvalidated Input ABV.UNICODE.BOUND_MAP Buffer overflow in mapping character function ABV.UNICODE.FAILED_MAP Mapping function failed ABV.UNICODE.NNTS_MAP Buffer overflow in mapping character function ABV.UNKNOWN_SIZE Buffer Overflow - Array Index Out of Bounds CXX.FUNC.T2OLE.LOOP Do not call T2OLE or OLE2CT within a loop CXX.SUSPICIOUS_INDEX_CHECK Suspicious use of index after boundary check CXX.SUSPICIOUS_INDEX_CHECK.CALL Suspicious use of index in a function call after a boundary check CXX.SUSPICIOUS_INDEX_CHECK.ZERO Suspicious use of index after index check for zero INCORRECT.ALLOC_SIZE Incorrect Allocation Size MISRA.CAST.FLOAT Non-trivial float expression is cast to a wider type MISRA.CAST.FLOAT.WIDER Cast of floating point expression to a wider floating point type MISRA.CAST.FLOAT_INT Cast of floating point expression to integral type MISRA.CAST.FUNC_PTR Cast between a function pointer and a non-integral type MISRA.CAST.FUNC_PTR.2012 Conversion performed between a pointer to a function and another incompatible type MISRA.CAST.FUNC_PTR.CPP Cast converts function pointer to other pointer type MISRA.CAST.INCOMPLETE_PTR_TO_ANY.2012 Conversion performed between a pointer to an incomplete type and a different type MISRA.CAST.INT Non-trivial integer expression is cast to a wider type, or type with a different signedness MISRA.CAST.INT.SIGN Non-trivial integral expression is cast to type with different signedness MISRA.CAST.INT.WIDER Cast of integral expression to a wider integral type MISRA.CAST.INT_FLOAT Cast of integral expression to floating point type MISRA.CAST.INT_TO_PTR Object with integer type or pointer to void cast to pointer type MISRA.CAST.OBJ_PTR_TO_INT.2012 Conversion performed between a pointer to an object and an integer type MISRA.CAST.OBJ_PTR_TO_NON_INT.2012 A cast between a pointer to object and a non-integer arithmetic type MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012 Cast between a pointer to object type and a pointer to a different object type MISRA.CAST.POLY.TYPE Cast from a polymorphic base class to a derived class MISRA.CAST.PTR Cast between a pointer to object type and a different pointer to object type MISRA.CAST.PTR.UNRELATED Object of pointer type cast to unrelated type MISRA.CAST.PTR.VRCLASS A cast form pointer to a virtual base class to pointer to a derived class does not use 'dynamic_cast' MISRA.CAST.PTR_TO_INT Cast between a pointer and an integral type MISRA.CAST.UNSIGNED_BITS The result of bitwise operation on unsigned char or short is not cast back to original type MISRA.CAST.VOID_PTR_TO_INT.2012 Cast between a pointer to void and an arithmetic type MISRA.CAST.VOID_PTR_TO_OBJ_PTR.2012 Conversion performed from a pointer to void to a pointer to an object MISRA.SIGNED_CHAR.NOT_NUMERIC 'signed char' or 'unsigned char' is used for non-numeric value MISRA.UMINUS.UNSIGNED Operand of unary minus is unsigned NNTS.MIGHT Buffer Overflow - Non-null Terminated String NNTS.MUST Buffer Overflow - Non-null Terminated String NNTS.TAINTED Unvalidated User Input Causing Buffer Overflow - Non-Null Terminated String PRECISION.LOSS Loss of Precision PRECISION.LOSS.CALL Loss of Precision during function call PRECISION.LOSS.INIT Loss of Precision during initialization RABV.CHECK Suspicious use of index before boundary check SV.FMTSTR.GENERIC Format String Vulnerability SV.FMT_STR.BAD_SCAN_FORMAT Input format specifier error SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD Incompatible type of a print function parameter SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED Unexpected type of a print function parameter SV.FMT_STR.PRINT_IMPROP_LENGTH Improper use of length modifier in a print function call SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW Too few arguments in a print function call SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY Too many arguments in a print function call SV.FMT_STR.UNKWN_FORMAT Unknown format specifier in a print function call SV.STRBO.BOUND_COPY.OVERFLOW Buffer Overflow in Bound String Copy SV.STRBO.BOUND_COPY.UNTERM Possible Buffer Overflow in Following String Operations SV.STRBO.BOUND_SPRINTF Buffer Overflow in Bound sprintf SV.STRBO.UNBOUND_COPY Buffer Overflow in Unbound String Copy SV.STRBO.UNBOUND_SPRINTF Buffer Overflow in Unbound sprintf SV.TAINTED.BINOP Use of Unvalidated Integer in Binary Operation SV.TAINTED.CALL.BINOP Use of Unvalidated Integer in Binary Operation SV.TAINTED.CALL.INDEX_ACCESS Use of Unvalidated Integer as Array Index by Function Call SV.TAINTED.CALL.LOOP_BOUND Use of Unvalidated Integer in Loop Condition through a Function Call SV.TAINTED.INDEX_ACCESS Use of Unvalidated Integer as Array Index SV.TAINTED.LOOP_BOUND Use of Unvalidated Integer in Loop Condition |
V-222625 (APSC-DV-002950) |
CONC.DL Deadlock |
V-222641 (APSC-DV-003100) |
RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt |
V-222642 (APSC-DV-003110) |
HCC Use of hardcoded credentials HCC.PWD Use of a hardcoded password HCC.USER Use of a hardcoded user name |
V-222648 (APSC-DV-003170) |
ABV.ANY_SIZE_ARRAY Buffer Overflow - Array Index Out of Bounds ABV.GENERAL Buffer Overflow - Array Index Out of Bounds ABV.GENERAL.MULTIDIMENSION Buffer Overflow - Array Index Out of Bounds ABV.ITERATOR Buffer Overflow - Array Index may be out of Bounds ABV.MEMBER Buffer Overflow - Array Index Out of Bounds ABV.NON_ARRAY Non-array object is used as an array ABV.STACK Buffer Overflow - Local Array Index Out of Bounds ABV.TAINTED Buffer Overflow from Unvalidated Input ABV.UNICODE.BOUND_MAP Buffer overflow in mapping character function ABV.UNICODE.FAILED_MAP Mapping function failed ABV.UNICODE.NNTS_MAP Buffer overflow in mapping character function ABV.UNKNOWN_SIZE Buffer Overflow - Array Index Out of Bounds CL.MLK Memory Leak - in destructor CL.MLK.ASSIGN Memory Leak - in assignment operator CL.MLK.VIRTUAL Memory Leak - possible in destructor CXX.FUNC.T2OLE.LOOP Do not call T2OLE or OLE2CT within a loop CXX.SQL.INJECT SQL Injection CXX.SUSPICIOUS_INDEX_CHECK Suspicious use of index after boundary check CXX.SUSPICIOUS_INDEX_CHECK.CALL Suspicious use of index in a function call after a boundary check CXX.SUSPICIOUS_INDEX_CHECK.ZERO Suspicious use of index after index check for zero INCORRECT.ALLOC_SIZE Incorrect Allocation Size LA_UNUSED Label unused LV_UNUSED.GEN Local variable unused MISRA.CAST.FLOAT Non-trivial float expression is cast to a wider type MISRA.CAST.FLOAT.WIDER Cast of floating point expression to a wider floating point type MISRA.CAST.FLOAT_INT Cast of floating point expression to integral type MISRA.CAST.FUNC_PTR Cast between a function pointer and a non-integral type MISRA.CAST.FUNC_PTR.2012 Conversion performed between a pointer to a function and another incompatible type MISRA.CAST.FUNC_PTR.CPP Cast converts function pointer to other pointer type MISRA.CAST.INCOMPLETE_PTR_TO_ANY.2012 Conversion performed between a pointer to an incomplete type and a different type MISRA.CAST.INT Non-trivial integer expression is cast to a wider type, or type with a different signedness MISRA.CAST.INT.SIGN Non-trivial integral expression is cast to type with different signedness MISRA.CAST.INT.WIDER Cast of integral expression to a wider integral type MISRA.CAST.INT_FLOAT Cast of integral expression to floating point type MISRA.CAST.INT_TO_PTR Object with integer type or pointer to void cast to pointer type MISRA.CAST.OBJ_PTR_TO_INT.2012 Conversion performed between a pointer to an object and an integer type MISRA.CAST.OBJ_PTR_TO_NON_INT.2012 A cast between a pointer to object and a non-integer arithmetic type MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012 Cast between a pointer to object type and a pointer to a different object type MISRA.CAST.POLY.TYPE Cast from a polymorphic base class to a derived class MISRA.CAST.PTR Cast between a pointer to object type and a different pointer to object type MISRA.CAST.PTR.UNRELATED Object of pointer type cast to unrelated type MISRA.CAST.PTR.VRCLASS A cast form pointer to a virtual base class to pointer to a derived class does not use 'dynamic_cast' MISRA.CAST.PTR_TO_INT Cast between a pointer and an integral type MISRA.CAST.UNSIGNED_BITS The result of bitwise operation on unsigned char or short is not cast back to original type MISRA.CAST.VOID_PTR_TO_INT.2012 Cast between a pointer to void and an arithmetic type MISRA.CAST.VOID_PTR_TO_OBJ_PTR.2012 Conversion performed from a pointer to void to a pointer to an object MISRA.SIGNED_CHAR.NOT_NUMERIC 'signed char' or 'unsigned char' is used for non-numeric value MISRA.UMINUS.UNSIGNED Operand of unary minus is unsigned MLK.MIGHT Memory Leak - possible MLK.MUST Memory Leak MLK.RET.MIGHT Memory Leak - possible MLK.RET.MUST Memory Leak NNTS.MIGHT Buffer Overflow - Non-null Terminated String NNTS.MUST Buffer Overflow - Non-null Terminated String NNTS.TAINTED Unvalidated User Input Causing Buffer Overflow - Non-Null Terminated String PRECISION.LOSS Loss of Precision PRECISION.LOSS.CALL Loss of Precision during function call PRECISION.LOSS.INIT Loss of Precision during initialization RABV.CHECK Suspicious use of index before boundary check SV.FMTSTR.GENERIC Format String Vulnerability SV.FMT_STR.BAD_SCAN_FORMAT Input format specifier error SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD Incompatible type of a print function parameter SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED Unexpected type of a print function parameter SV.FMT_STR.PRINT_IMPROP_LENGTH Improper use of length modifier in a print function call SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW Too few arguments in a print function call SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY Too many arguments in a print function call SV.FMT_STR.UNKWN_FORMAT Unknown format specifier in a print function call SV.STRBO.BOUND_COPY.OVERFLOW Buffer Overflow in Bound String Copy SV.STRBO.BOUND_COPY.UNTERM Possible Buffer Overflow in Following String Operations SV.STRBO.BOUND_SPRINTF Buffer Overflow in Bound sprintf SV.STRBO.UNBOUND_COPY Buffer Overflow in Unbound String Copy SV.STRBO.UNBOUND_SPRINTF Buffer Overflow in Unbound sprintf SV.TAINTED.ALLOC_SIZE Use of Unvalidated Integer in Memory Allocation SV.TAINTED.BINOP Use of Unvalidated Integer in Binary Operation SV.TAINTED.CALL.BINOP Use of Unvalidated Integer in Binary Operation SV.TAINTED.CALL.DEREF Dereference Of An Unvalidated Pointer SV.TAINTED.CALL.INDEX_ACCESS Use of Unvalidated Integer as Array Index by Function Call SV.TAINTED.CALL.LOOP_BOUND Use of Unvalidated Integer in Loop Condition through a Function Call SV.TAINTED.FMTSTR Use of Unvalidated Data in a Format String SV.TAINTED.INDEX_ACCESS Use of Unvalidated Integer as Array Index SV.TAINTED.INJECTION Command Injection SV.TAINTED.LOOP_BOUND Use of Unvalidated Integer in Loop Condition SV.TAINTED.PATH_TRAVERSAL Use of Unvalidated Data in a Path Traversal SV.TAINTED.SECURITY_DECISION Security Decision SV.TOCTOU.FILE_ACCESS Time of Creation/Time of Use Race condition in File Access SV.USAGERULES.PERMISSIONS Use of Privilege Elevation UNUSED.FUNC.GEN Function defined but not used UNUSED.FUNC.WARN Potential unused function VA_UNUSED.GEN Value is Never Used after Assignment VA_UNUSED.INIT Value is Never Used after Initialization |
V-222656 (APSC-DV-003235) |
CERT.EXIT.HANDLER_TERMINATE All exit handlers must return normally CWARN.PASSBYVALUE.EXC Exception object passed by value is too large CXX.ERRNO.INCORRECTLY_CHECKED Errno condition check not required after calling library function CXX.ERRNO.NOT_CHECKED Errno condition check is missing after calling library function CXX.ERRNO.NOT_SET Errno is not reset to zero before calling library function MISRA.CATCH.ALL No ellipsis exception handler in a try-catch block MISRA.CATCH.BY_VALUE Exception object of class type is caught by value MISRA.CATCH.NOALL Ellipsis exception handler is not the last one in a try-catch block MISRA.CATCH.WRONGORD Handler for a base exception class precedes to a handler for a derived exception class in a try-catch block MISRA.DECL.EXCPT.SPEC Function is declared with different exception specifications MISRA.THROW.EMPTY Empty throw expression does not belong to a catch block MISRA.THROW.NULL NULL is thrown explicitly MISRA.THROW.PTR Exception object is a pointer SV.INCORRECT_RESOURCE_HANDLING.URH Insecure Resource Handling SV.INCORRECT_RESOURCE_HANDLING.WRONG_STATUS Insecure Resource Handling SV.RVT.RETVAL_NOTTESTED Ignored Return Value |
V-222662 (APSC-DV-003280) |
HCC.PWD Use of a hardcoded password |
V-222667 (APSC-DV-003320) |
FMM.MIGHT Freeing Mismatched Memory - possible FMM.MUST Freeing Mismatched Memory INFINITE_LOOP.GLOBAL Infinite loop INFINITE_LOOP.LOCAL Infinite loop INFINITE_LOOP.MACRO Infinite loop SV.STR_PAR.UNDESIRED_STRING_PARAMETER Undesired String for File Path SV.TAINTED.ALLOC_SIZE Use of Unvalidated Integer in Memory Allocation |
V-254803 (APSC-DV-002010) |
RCA Risky cryptographic algorithm used RCA.HASH.SALT.EMPTY Use of a one-way hash with an empty salt SV.WEAK_CRYPTO.WEAK_HASH Weak Hash Function |
Support Summary:
- 28 rules
"MISRA", "MISRA C" and "MISRA C++" are registered trademarks of The MISRA Consortium Limited.