Common Weakness Enumeration (CWE)
Common Weakness Enumeration (CWE™) is a list of software weakness types that can occur in software architecture, design, code, or implementation. These weaknesses can lead to security vulnerabilities.
Polyspace can check your code against subsets of the CWE list, including subsets or weaknesses that are specific to C or C++ code. To activate subsets of the CWE list, use the analysis option Check CWE (-cwe). Polyspace supports version 4.12 of the CWE standard.
Polyspace Results
CWE Rules
CWE Rule 14 | Compiler Removal of Code to Clear Buffers (Since R2023a) |
CWE Rule 15 | External Control of System or Configuration Setting (Since R2024a) |
CWE Rule 20 | Improper Input Validation (Since R2024a) |
CWE Rule 22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (Since R2024a) |
CWE Rule 23 | Relative Path Traversal (Since R2024a) |
CWE Rule 36 | Absolute Path Traversal (Since R2024a) |
CWE Rule 67 | Improper Handling of Windows Device Names (Since R2024a) |
CWE Rule 77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') (Since R2024a) |
CWE Rule 78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (Since R2024a) |
CWE Rule 88 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (Since R2024a) |
CWE Rule 114 | Process Control (Since R2024a) |
CWE Rule 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer (Since R2023a) |
CWE Rule 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (Since R2023a) |
CWE Rule 121 | Stack-based Buffer Overflow (Since R2023a) |
CWE Rule 122 | Heap-based Buffer Overflow (Since R2023a) |
CWE Rule 123 | Write-what-where Condition (Since R2023a) |
CWE Rule 124 | Buffer Underwrite ('Buffer Underflow') (Since R2023a) |
CWE Rule 125 | Out-of-bounds Read (Since R2023a) |
CWE Rule 126 | Buffer Over-read (Since R2023a) |
CWE Rule 127 | Buffer Under-read (Since R2023a) |
CWE Rule 128 | Wrap-around Error (Since R2023a) |
CWE Rule 129 | Improper Validation of Array Index (Since R2023a) |
CWE Rule 130 | Improper Handling of Length Parameter Inconsistency (Since R2023a) |
CWE Rule 131 | Incorrect Calculation of Buffer Size (Since R2023a) |
CWE Rule 134 | Use of Externally-Controlled Format String (Since R2023a) |
CWE Rule 135 | Incorrect Calculation of Multi-Byte String Length (Since R2023a) |
CWE Rule 170 | Improper Null Termination (Since R2023a) |
CWE Rule 188 | Reliance on Data/Memory Layout (Since R2023a) |
CWE Rule 190 | Integer Overflow or Wraparound (Since R2024a) |
CWE Rule 191 | Integer Underflow (Wrap or Wraparound) (Since R2023a) |
CWE Rule 192 | Integer Coercion Error (Since R2023a) |
CWE Rule 194 | Unexpected Sign Extension (Since R2023a) |
CWE Rule 195 | Signed to Unsigned Conversion Error (Since R2023a) |
CWE Rule 196 | Unsigned to Signed Conversion Error (Since R2023a) |
CWE Rule 197 | Numeric Truncation Error (Since R2023a) |
CWE Rule 198 | Use of Incorrect Byte Ordering (Since R2024a) |
CWE Rule 226 | Sensitive Information in Resource Not Removed Before Reuse (Since R2024a) |
CWE Rule 240 | Improper Handling of Inconsistent Structural Elements (Since R2024a) |
CWE Rule 242 | Use of Inherently Dangerous Function (Since R2023a) |
CWE Rule 243 | Creation of chroot Jail Without Changing Working Directory (Since R2023a) |
CWE Rule 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') (Since R2023a) |
CWE Rule 248 | Uncaught Exception (Since R2023a) |
CWE Rule 250 | Execution with Unnecessary Privileges (Since R2024a) |
CWE Rule 252 | Unchecked Return Value (Since R2023a) |
CWE Rule 253 | Incorrect Check of Function Return Value (Since R2023a) |
CWE Rule 273 | Improper Check for Dropped Privileges (Since R2024a) |
CWE Rule 287 | Improper Authentication (Since R2024a) |
CWE Rule 297 | Improper Validation of Certificate with Host Mismatch (Since R2024a) |
CWE Rule 304 | Missing Critical Step in Authentication (Since R2024a) |
CWE Rule 311 | Missing Encryption of Sensitive Data (Since R2023b) |
CWE Rule 312 | Cleartext Storage of Sensitive Information (Since R2023a) |
CWE Rule 316 | Cleartext Storage of Sensitive Information in Memory (Since R2024a) |
CWE Rule 319 | Cleartext Transmission of Sensitive Information (Since R2023b) |
CWE Rule 321 | Use of Hard-coded Cryptographic Key (Since R2023b) |
CWE Rule 322 | Key Exchange without Entity Authentication (Since R2024a) |
CWE Rule 325 | Missing Cryptographic Step (Since R2024a) |
CWE Rule 326 | Inadequate Encryption Strength (Since R2024a) |
CWE Rule 327 | Use of a Broken or Risky Cryptographic Algorithm (Since R2024a) |
CWE Rule 328 | Use of Weak Hash (Since R2024a) |
CWE Rule 329 | Generation of Predictable IV with CBC Mode (Since R2024a) |
CWE Rule 330 | Use of Insufficiently Random Values (Since R2024a) |
CWE Rule 335 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) (Since R2023a) |
CWE Rule 336 | Same Seed in Pseudo-Random Number Generator (PRNG) (Since R2024a) |
CWE Rule 337 | Predictable Seed in Pseudo-Random Number Generator (PRNG) (Since R2024a) |
CWE Rule 338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (Since R2023a) |
CWE Rule 353 | Missing Support for Integrity Check (Since R2023a) |
CWE Rule 354 | Improper Validation of Integrity Check Value (Since R2024a) |
CWE Rule 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (Since R2023a) |
CWE Rule 364 | Signal Handler Race Condition (Since R2023a) |
CWE Rule 366 | Race Condition within a Thread (Since R2023a) |
CWE Rule 367 | Time-of-check Time-of-use (TOCTOU) Race Condition (Since R2024a) |
CWE Rule 369 | Divide By Zero (Since R2023a) |
CWE Rule 372 | Incomplete Internal State Distinction (Since R2024a) |
CWE Rule 374 | Passing Mutable Objects to an Untrusted Method (Since R2023b) |
CWE Rule 375 | Returning a Mutable Object to an Untrusted Caller (Since R2023a) |
CWE Rule 377 | Insecure Temporary File (Since R2024a) |
CWE Rule 391 | Unchecked Error Condition (Since R2024a) |
CWE Rule 396 | Declaration of Catch for Generic Exception (Since R2023a) |
CWE Rule 397 | Declaration of Throws for Generic Exception (Since R2023a) |
CWE Rule 401 | Missing Release of Memory after Effective Lifetime (Since R2023a) |
CWE Rule 404 | Improper Resource Shutdown or Release (Since R2024a) |
CWE Rule 413 | Improper Resource Locking (Since R2023a) |
CWE Rule 415 | Double Free (Since R2023a) |
CWE Rule 416 | Use After Free (Since R2023a) |
CWE Rule 426 | Untrusted Search Path (Since R2024a) |
CWE Rule 427 | Uncontrolled Search Path Element (Since R2024a) |
CWE Rule 456 | Missing Initialization of a Variable (Since R2024a) |
CWE Rule 457 | Use of Uninitialized Variable (Since R2023a) |
CWE Rule 460 | Improper Cleanup on Thrown Exception (Since R2023a) |
CWE Rule 463 | Deletion of Data Structure Sentinel (Since R2023a) |
CWE Rule 466 | Return of Pointer Value Outside of Expected Range (Since R2023a) |
CWE Rule 467 | Use of sizeof() on a Pointer Type (Since R2023a) |
CWE Rule 468 | Incorrect Pointer Scaling (Since R2023a) |
CWE Rule 469 | Use of Pointer Subtraction to Determine Size (Since R2023a) |
CWE Rule 471 | Modification of Assumed-Immutable Data (MAID) (Since R2024a) |
CWE Rule 474 | Use of Function with Inconsistent Implementations (Since R2023a) |
CWE Rule 475 | Undefined Behavior for Input to API (Since R2024a) |
CWE Rule 476 | NULL Pointer Dereference (Since R2023a) |
CWE Rule 477 | Use of Obsolete Function (Since R2023a) |
CWE Rule 478 | Missing Default Case in Multiple Condition Expression (Since R2023a) |
CWE Rule 479 | Signal Handler Use of a Non-reentrant Function (Since R2023a) |
CWE Rule 480 | Use of Incorrect Operator (Since R2023a) |
CWE Rule 481 | Assigning instead of Comparing (Since R2023a) |
CWE Rule 482 | Comparing instead of Assigning (Since R2023a) |
CWE Rule 483 | Incorrect Block Delimitation (Since R2023a) |
CWE Rule 484 | Omitted Break Statement in Switch (Since R2023a) |
CWE Rule 489 | Active Debug Code (Since R2023a) |
CWE Rule 493 | Critical Public Variable Without Final Modifier (Since R2023b) |
CWE Rule 495 | Private Data Structure Returned From A Public Method (Since R2023a) |
CWE Rule 496 | Public Data Assigned to Private Array-Typed Field (Since R2023b) |
CWE Rule 498 | Cloneable class containing sensitive information (Since R2023b) |
CWE Rule 500 | Public Static Field Not Marked Final (Since R2023a) |
CWE Rule 522 | Insufficiently Protected Credentials (Since R2023a) |
CWE Rule 532 | Insertion of Sensitive Information into Log File (Since R2024a) |
CWE Rule 535 | Exposure of Information Through Shell Error Message (Since R2024a) |
CWE Rule 543 | Use of Singleton Pattern Without Synchronization in a Multithreaded Context (Since R2024a) |
CWE Rule 547 | Use of Hard-coded, Security-relevant Constants (Since R2023a) |
CWE Rule 558 | Use of getlogin() in Multithreaded Application (Since R2023a) |
CWE Rule 560 | Use of umask() with chmod-style Argument (Since R2023a) |
CWE Rule 561 | Dead Code (Since R2023a) |
CWE Rule 562 | Return of Stack Variable Address (Since R2023a) |
CWE Rule 563 | Assignment to Variable without Use (Since R2023a) |
CWE Rule 570 | Expression is Always False (Since R2023a) |
CWE Rule 571 | Expression is Always True (Since R2023a) |
CWE Rule 573 | Improper Following of Specification by Caller (Since R2024a) |
CWE Rule 587 | Assignment of a Fixed Address to a Pointer (Since R2023a) |
CWE Rule 590 | Free of Memory not on the Heap (Since R2024a) |
CWE Rule 606 | Unchecked Input for Loop Condition (Since R2023b) |
CWE Rule 617 | Reachable Assertion (Since R2023a) |
CWE Rule 628 | Function Call with Incorrectly Specified Arguments (Since R2024a) |
CWE Rule 663 | Use of a Non-reentrant Function in a Concurrent Context (Since R2024a) |
CWE Rule 664 | Improper Control of a Resource Through its Lifetime (Since R2024a) |
CWE Rule 665 | Improper Initialization (Since R2024a) |
CWE Rule 666 | Operation on Resource in Wrong Phase of Lifetime (Since R2024a) |
CWE Rule 667 | Improper Locking (Since R2024a) |
CWE Rule 672 | Operation on a Resource after Expiration or Release (Since R2024a) |
CWE Rule 674 | Uncontrolled Recursion (Since R2024a) |
CWE Rule 675 | Multiple Operations on Resource in Single-Operation Context (Since R2024a) |
CWE Rule 676 | Use of Potentially Dangerous Function (Since R2023a) |
CWE Rule 681 | Incorrect Conversion between Numeric Types (Since R2024a) |
CWE Rule 682 | Incorrect Calculation (Since R2024a) |
CWE Rule 683 | Function Call With Incorrect Order of Arguments (Since R2023b) |
CWE Rule 685 | Function Call With Incorrect Number of Arguments (Since R2023a) |
CWE Rule 686 | Function Call With Incorrect Argument Type (Since R2023b) |
CWE Rule 687 | Function Call With Incorrectly Specified Argument Value (Since R2023b) |
CWE Rule 688 | Function Call With Incorrect Variable or Reference as Argument (Since R2023b) |
CWE Rule 690 | Unchecked Return Value to NULL Pointer Dereference (Since R2023a) |
CWE Rule 691 | Insufficient Control Flow Management (Since R2024a) |
CWE Rule 693 | Protection Mechanism Failure (Since R2024a) |
CWE Rule 696 | Incorrect Behavior Order (Since R2024a) |
CWE Rule 703 | Improper Check or Handling of Exceptional Conditions (Since R2024a) |
CWE Rule 704 | Incorrect Type Conversion or Cast (Since R2023a) |
CWE Rule 705 | Incorrect Control Flow Scoping (Since R2024a) |
CWE Rule 710 | Improper Adherence to Coding Standards (Since R2024a) |
CWE Rule 732 | Incorrect Permission Assignment for Critical Resource (Since R2024a) |
CWE Rule 733 | Compiler Optimization Removal or Modification of Security-critical Code (Since R2023a) |
CWE Rule 754 | Improper Check for Unusual or Exceptional Conditions (Since R2024a) |
CWE Rule 755 | Improper Handling of Exceptional Conditions (Since R2024a) |
CWE Rule 758 | Reliance on Undefined, Unspecified, or Implementation-Defined Behavior (Since R2024a) |
CWE Rule 759 | Use of a One-Way Hash without a Salt (Since R2024a) |
CWE Rule 762 | Mismatched Memory Management Routines (Since R2023a) |
CWE Rule 763 | Release of Invalid Pointer or Reference (Since R2023a) |
CWE Rule 764 | Multiple Locks of a Critical Resource (Since R2024a) |
CWE Rule 765 | Multiple Unlocks of a Critical Resource (Since R2024a) |
CWE Rule 766 | Critical Data Element Declared Public (Since R2023a) |
CWE Rule 767 | Access to Critical Private Variable via Public Method (Since R2023a) |
CWE Rule 770 | Allocation of Resources Without Limits or Throttling (Since R2024a) |
CWE Rule 772 | Missing Release of Resource after Effective Lifetime (Since R2024a) |
CWE Rule 780 | Use of RSA Algorithm without OAEP (Since R2024a) |
CWE Rule 783 | Operator Precedence Logic Error (Since R2023a) |
CWE Rule 785 | Use of Path Manipulation Function without Maximum-sized Buffer (Since R2023a) |
CWE Rule 786 | Access of Memory Location Before Start of Buffer (Since R2024a) |
CWE Rule 787 | Out-of-bounds Write (Since R2023a) |
CWE Rule 789 | Memory Allocation with Excessive Size Value (Since R2023a) |
CWE Rule 798 | Use of Hard-coded Credentials (Since R2023a) |
CWE Rule 805 | Buffer Access with Incorrect Length Value (Since R2023a) |
CWE Rule 806 | Buffer Access Using Size of Source Buffer (Since R2023a) |
CWE Rule 822 | Untrusted Pointer Dereference (Since R2023b) |
CWE Rule 823 | Use of Out-of-range Pointer Offset (Since R2024a) |
CWE Rule 824 | Access of Uninitialized Pointer (Since R2023a) |
CWE Rule 825 | Expired Pointer Dereference (Since R2023a) |
CWE Rule 826 | Premature Release of Resource During Expected Lifetime (Since R2024a) |
CWE Rule 828 | Signal Handler with Functionality that is not Asynchronous-Safe (Since R2024a) |
CWE Rule 832 | Unlock of a Resource that is not Locked (Since R2024a) |
CWE Rule 833 | Deadlock (Since R2024a) |
CWE Rule 839 | Numeric Range Comparison Without Minimum Check (Since R2023a) |
CWE Rule 843 | Access of Resource Using Incompatible Type ('Type Confusion') (Since R2023a) |
CWE Rule 908 | Use of Uninitialized Resource (Since R2024a) |
CWE Rule 910 | Use of Expired File Descriptor (Since R2023a) |
CWE Rule 922 | Insecure Storage of Sensitive Information (Since R2023a) |
CWE Rule 1071 | Empty code block (Since R2023a) |
CWE Rule 1335 | Incorrect Bitwise Shift of Integer (Since R2023a) |
CWE Rule 1341 | Multiple Releases of Same Resource or Handle (Since R2023a) |
CWE Rules Specific to C and C++ (CWE 658 and CWE 659)
CWE-658
CWE Rule 14 | Compiler Removal of Code to Clear Buffers (Since R2023a) |
CWE Rule 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer (Since R2023a) |
CWE Rule 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (Since R2023a) |
CWE Rule 121 | Stack-based Buffer Overflow (Since R2023a) |
CWE Rule 122 | Heap-based Buffer Overflow (Since R2023a) |
CWE Rule 123 | Write-what-where Condition (Since R2023a) |
CWE Rule 124 | Buffer Underwrite ('Buffer Underflow') (Since R2023a) |
CWE Rule 125 | Out-of-bounds Read (Since R2023a) |
CWE Rule 126 | Buffer Over-read (Since R2023a) |
CWE Rule 127 | Buffer Under-read (Since R2023a) |
CWE Rule 128 | Wrap-around Error (Since R2023a) |
CWE Rule 129 | Improper Validation of Array Index (Since R2023a) |
CWE Rule 130 | Improper Handling of Length Parameter Inconsistency (Since R2023a) |
CWE Rule 131 | Incorrect Calculation of Buffer Size (Since R2023a) |
CWE Rule 134 | Use of Externally-Controlled Format String (Since R2023a) |
CWE Rule 135 | Incorrect Calculation of Multi-Byte String Length (Since R2023a) |
CWE Rule 170 | Improper Null Termination (Since R2023a) |
CWE Rule 188 | Reliance on Data/Memory Layout (Since R2023a) |
CWE Rule 190 | Integer Overflow or Wraparound (Since R2024a) |
CWE Rule 191 | Integer Underflow (Wrap or Wraparound) (Since R2023a) |
CWE Rule 192 | Integer Coercion Error (Since R2023a) |
CWE Rule 194 | Unexpected Sign Extension (Since R2023a) |
CWE Rule 195 | Signed to Unsigned Conversion Error (Since R2023a) |
CWE Rule 196 | Unsigned to Signed Conversion Error (Since R2023a) |
CWE Rule 197 | Numeric Truncation Error (Since R2023a) |
CWE Rule 242 | Use of Inherently Dangerous Function (Since R2023a) |
CWE Rule 243 | Creation of chroot Jail Without Changing Working Directory (Since R2023a) |
CWE Rule 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') (Since R2023a) |
CWE Rule 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (Since R2023a) |
CWE Rule 364 | Signal Handler Race Condition (Since R2023a) |
CWE Rule 366 | Race Condition within a Thread (Since R2023a) |
CWE Rule 374 | Passing Mutable Objects to an Untrusted Method (Since R2023b) |
CWE Rule 375 | Returning a Mutable Object to an Untrusted Caller (Since R2023a) |
CWE Rule 401 | Missing Release of Memory after Effective Lifetime (Since R2023a) |
CWE Rule 415 | Double Free (Since R2023a) |
CWE Rule 416 | Use After Free (Since R2023a) |
CWE Rule 457 | Use of Uninitialized Variable (Since R2023a) |
CWE Rule 460 | Improper Cleanup on Thrown Exception (Since R2023a) |
CWE Rule 463 | Deletion of Data Structure Sentinel (Since R2023a) |
CWE Rule 466 | Return of Pointer Value Outside of Expected Range (Since R2023a) |
CWE Rule 467 | Use of sizeof() on a Pointer Type (Since R2023a) |
CWE Rule 468 | Incorrect Pointer Scaling (Since R2023a) |
CWE Rule 469 | Use of Pointer Subtraction to Determine Size (Since R2023a) |
CWE Rule 474 | Use of Function with Inconsistent Implementations (Since R2023a) |
CWE Rule 476 | NULL Pointer Dereference (Since R2023a) |
CWE Rule 478 | Missing Default Case in Multiple Condition Expression (Since R2023a) |
CWE Rule 479 | Signal Handler Use of a Non-reentrant Function (Since R2023a) |
CWE Rule 480 | Use of Incorrect Operator (Since R2023a) |
CWE Rule 481 | Assigning instead of Comparing (Since R2023a) |
CWE Rule 482 | Comparing instead of Assigning (Since R2023a) |
CWE Rule 483 | Incorrect Block Delimitation (Since R2023a) |
CWE Rule 484 | Omitted Break Statement in Switch (Since R2023a) |
CWE Rule 495 | Private Data Structure Returned From A Public Method (Since R2023a) |
CWE Rule 496 | Public Data Assigned to Private Array-Typed Field (Since R2023b) |
CWE Rule 558 | Use of getlogin() in Multithreaded Application (Since R2023a) |
CWE Rule 560 | Use of umask() with chmod-style Argument (Since R2023a) |
CWE Rule 562 | Return of Stack Variable Address (Since R2023a) |
CWE Rule 587 | Assignment of a Fixed Address to a Pointer (Since R2023a) |
CWE Rule 676 | Use of Potentially Dangerous Function (Since R2023a) |
CWE Rule 685 | Function Call With Incorrect Number of Arguments (Since R2023a) |
CWE Rule 688 | Function Call With Incorrect Variable or Reference as Argument (Since R2023b) |
CWE Rule 690 | Unchecked Return Value to NULL Pointer Dereference (Since R2023a) |
CWE Rule 704 | Incorrect Type Conversion or Cast (Since R2023a) |
CWE Rule 733 | Compiler Optimization Removal or Modification of Security-critical Code (Since R2023a) |
CWE Rule 762 | Mismatched Memory Management Routines (Since R2023a) |
CWE Rule 783 | Operator Precedence Logic Error (Since R2023a) |
CWE Rule 785 | Use of Path Manipulation Function without Maximum-sized Buffer (Since R2023a) |
CWE Rule 787 | Out-of-bounds Write (Since R2023a) |
CWE Rule 789 | Memory Allocation with Excessive Size Value (Since R2023a) |
CWE Rule 805 | Buffer Access with Incorrect Length Value (Since R2023a) |
CWE Rule 806 | Buffer Access Using Size of Source Buffer (Since R2023a) |
CWE Rule 839 | Numeric Range Comparison Without Minimum Check (Since R2023a) |
CWE Rule 843 | Access of Resource Using Incompatible Type ('Type Confusion') (Since R2023a) |
CWE Rule 910 | Use of Expired File Descriptor (Since R2023a) |
CWE Rule 1335 | Incorrect Bitwise Shift of Integer (Since R2023a) |
CWE Rule 1341 | Multiple Releases of Same Resource or Handle (Since R2023a) |
CWE-659
CWE Rule 14 | Compiler Removal of Code to Clear Buffers (Since R2023a) |
CWE Rule 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer (Since R2023a) |
CWE Rule 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (Since R2023a) |
CWE Rule 121 | Stack-based Buffer Overflow (Since R2023a) |
CWE Rule 122 | Heap-based Buffer Overflow (Since R2023a) |
CWE Rule 123 | Write-what-where Condition (Since R2023a) |
CWE Rule 124 | Buffer Underwrite ('Buffer Underflow') (Since R2023a) |
CWE Rule 125 | Out-of-bounds Read (Since R2023a) |
CWE Rule 126 | Buffer Over-read (Since R2023a) |
CWE Rule 127 | Buffer Under-read (Since R2023a) |
CWE Rule 128 | Wrap-around Error (Since R2023a) |
CWE Rule 129 | Improper Validation of Array Index (Since R2023a) |
CWE Rule 130 | Improper Handling of Length Parameter Inconsistency (Since R2023a) |
CWE Rule 131 | Incorrect Calculation of Buffer Size (Since R2023a) |
CWE Rule 134 | Use of Externally-Controlled Format String (Since R2023a) |
CWE Rule 135 | Incorrect Calculation of Multi-Byte String Length (Since R2023a) |
CWE Rule 170 | Improper Null Termination (Since R2023a) |
CWE Rule 188 | Reliance on Data/Memory Layout (Since R2023a) |
CWE Rule 190 | Integer Overflow or Wraparound (Since R2024a) |
CWE Rule 191 | Integer Underflow (Wrap or Wraparound) (Since R2023a) |
CWE Rule 192 | Integer Coercion Error (Since R2023a) |
CWE Rule 194 | Unexpected Sign Extension (Since R2023a) |
CWE Rule 195 | Signed to Unsigned Conversion Error (Since R2023a) |
CWE Rule 196 | Unsigned to Signed Conversion Error (Since R2023a) |
CWE Rule 197 | Numeric Truncation Error (Since R2023a) |
CWE Rule 242 | Use of Inherently Dangerous Function (Since R2023a) |
CWE Rule 243 | Creation of chroot Jail Without Changing Working Directory (Since R2023a) |
CWE Rule 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') (Since R2023a) |
CWE Rule 248 | Uncaught Exception (Since R2023a) |
CWE Rule 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (Since R2023a) |
CWE Rule 364 | Signal Handler Race Condition (Since R2023a) |
CWE Rule 366 | Race Condition within a Thread (Since R2023a) |
CWE Rule 374 | Passing Mutable Objects to an Untrusted Method (Since R2023b) |
CWE Rule 375 | Returning a Mutable Object to an Untrusted Caller (Since R2023a) |
CWE Rule 396 | Declaration of Catch for Generic Exception (Since R2023a) |
CWE Rule 397 | Declaration of Throws for Generic Exception (Since R2023a) |
CWE Rule 401 | Missing Release of Memory after Effective Lifetime (Since R2023a) |
CWE Rule 415 | Double Free (Since R2023a) |
CWE Rule 416 | Use After Free (Since R2023a) |
CWE Rule 457 | Use of Uninitialized Variable (Since R2023a) |
CWE Rule 460 | Improper Cleanup on Thrown Exception (Since R2023a) |
CWE Rule 463 | Deletion of Data Structure Sentinel (Since R2023a) |
CWE Rule 466 | Return of Pointer Value Outside of Expected Range (Since R2023a) |
CWE Rule 467 | Use of sizeof() on a Pointer Type (Since R2023a) |
CWE Rule 468 | Incorrect Pointer Scaling (Since R2023a) |
CWE Rule 469 | Use of Pointer Subtraction to Determine Size (Since R2023a) |
CWE Rule 476 | NULL Pointer Dereference (Since R2023a) |
CWE Rule 478 | Missing Default Case in Multiple Condition Expression (Since R2023a) |
CWE Rule 479 | Signal Handler Use of a Non-reentrant Function (Since R2023a) |
CWE Rule 480 | Use of Incorrect Operator (Since R2023a) |
CWE Rule 481 | Assigning instead of Comparing (Since R2023a) |
CWE Rule 482 | Comparing instead of Assigning (Since R2023a) |
CWE Rule 483 | Incorrect Block Delimitation (Since R2023a) |
CWE Rule 484 | Omitted Break Statement in Switch (Since R2023a) |
CWE Rule 493 | Critical Public Variable Without Final Modifier (Since R2023b) |
CWE Rule 495 | Private Data Structure Returned From A Public Method (Since R2023a) |
CWE Rule 496 | Public Data Assigned to Private Array-Typed Field (Since R2023b) |
CWE Rule 498 | Cloneable class containing sensitive information (Since R2023b) |
CWE Rule 500 | Public Static Field Not Marked Final (Since R2023a) |
CWE Rule 543 | Use of Singleton Pattern Without Synchronization in a Multithreaded Context (Since R2024a) |
CWE Rule 558 | Use of getlogin() in Multithreaded Application (Since R2023a) |
CWE Rule 562 | Return of Stack Variable Address (Since R2023a) |
CWE Rule 587 | Assignment of a Fixed Address to a Pointer (Since R2023a) |
CWE Rule 676 | Use of Potentially Dangerous Function (Since R2023a) |
CWE Rule 690 | Unchecked Return Value to NULL Pointer Dereference (Since R2023a) |
CWE Rule 704 | Incorrect Type Conversion or Cast (Since R2023a) |
CWE Rule 733 | Compiler Optimization Removal or Modification of Security-critical Code (Since R2023a) |
CWE Rule 762 | Mismatched Memory Management Routines (Since R2023a) |
CWE Rule 766 | Critical Data Element Declared Public (Since R2023a) |
CWE Rule 767 | Access to Critical Private Variable via Public Method (Since R2023a) |
CWE Rule 783 | Operator Precedence Logic Error (Since R2023a) |
CWE Rule 785 | Use of Path Manipulation Function without Maximum-sized Buffer (Since R2023a) |
CWE Rule 787 | Out-of-bounds Write (Since R2023a) |
CWE Rule 789 | Memory Allocation with Excessive Size Value (Since R2023a) |
CWE Rule 805 | Buffer Access with Incorrect Length Value (Since R2023a) |
CWE Rule 806 | Buffer Access Using Size of Source Buffer (Since R2023a) |
CWE Rule 839 | Numeric Range Comparison Without Minimum Check (Since R2023a) |
CWE Rule 843 | Access of Resource Using Incompatible Type ('Type Confusion') (Since R2023a) |
CWE Rule 910 | Use of Expired File Descriptor (Since R2023a) |
CWE Rule 1335 | Incorrect Bitwise Shift of Integer (Since R2023a) |
CWE Rule 1341 | Multiple Releases of Same Resource or Handle (Since R2023a) |
CWE Rules by Category
API / Function Errors
CWE Rule 242 | Use of Inherently Dangerous Function (Since R2023a) |
CWE Rule 474 | Use of Function with Inconsistent Implementations (Since R2023a) |
CWE Rule 475 | Undefined Behavior for Input to API (Since R2024a) |
CWE Rule 477 | Use of Obsolete Function (Since R2023a) |
CWE Rule 676 | Use of Potentially Dangerous Function (Since R2023a) |
Bad Coding Practices
CWE Rule 478 | Missing Default Case in Multiple Condition Expression (Since R2023a) |
CWE Rule 489 | Active Debug Code (Since R2023a) |
CWE Rule 547 | Use of Hard-coded, Security-relevant Constants (Since R2023a) |
CWE Rule 561 | Dead Code (Since R2023a) |
CWE Rule 562 | Return of Stack Variable Address (Since R2023a) |
CWE Rule 563 | Assignment to Variable without Use (Since R2023a) |
CWE Rule 628 | Function Call with Incorrectly Specified Arguments (Since R2024a) |
CWE Rule 1071 | Empty code block (Since R2023a) |
Behavioral Problems
CWE Rule 480 | Use of Incorrect Operator (Since R2023a) |
CWE Rule 483 | Incorrect Block Delimitation (Since R2023a) |
CWE Rule 484 | Omitted Break Statement in Switch (Since R2023a) |
CWE Rule 733 | Compiler Optimization Removal or Modification of Security-critical Code (Since R2023a) |
CWE Rule 783 | Operator Precedence Logic Error (Since R2023a) |
Concurrency Issues
CWE Rule 366 | Race Condition within a Thread (Since R2023a) |
CWE Rule 367 | Time-of-check Time-of-use (TOCTOU) Race Condition (Since R2024a) |
CWE Rule 663 | Use of a Non-reentrant Function in a Concurrent Context (Since R2024a) |
Credentials Management Errors
CWE Rule 798 | Use of Hard-coded Credentials (Since R2023a) |
Cryptographic Issues
CWE Rule 325 | Missing Cryptographic Step (Since R2024a) |
CWE Rule 328 | Use of Weak Hash (Since R2024a) |
Data Integrity Issues
CWE Rule 353 | Missing Support for Integrity Check (Since R2023a) |
CWE Rule 354 | Improper Validation of Integrity Check Value (Since R2024a) |
Data Neutralization Issues
CWE Rule 78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (Since R2024a) |
CWE Rule 170 | Improper Null Termination (Since R2023a) |
CWE Rule 188 | Reliance on Data/Memory Layout (Since R2023a) |
CWE Rule 463 | Deletion of Data Structure Sentinel (Since R2023a) |
Data Processing Errors
CWE Rule 130 | Improper Handling of Length Parameter Inconsistency (Since R2023a) |
Data Validation Issues
CWE Rule 129 | Improper Validation of Array Index (Since R2023a) |
CWE Rule 606 | Unchecked Input for Loop Condition (Since R2023b) |
Error Conditions, Return Values, Status Codes
CWE Rule 248 | Uncaught Exception (Since R2023a) |
CWE Rule 252 | Unchecked Return Value (Since R2023a) |
CWE Rule 253 | Incorrect Check of Function Return Value (Since R2023a) |
CWE Rule 391 | Unchecked Error Condition (Since R2024a) |
CWE Rule 396 | Declaration of Catch for Generic Exception (Since R2023a) |
CWE Rule 397 | Declaration of Throws for Generic Exception (Since R2023a) |
CWE Rule 617 | Reachable Assertion (Since R2023a) |
Expression Issues
CWE Rule 570 | Expression is Always False (Since R2023a) |
CWE Rule 571 | Expression is Always True (Since R2023a) |
File Handling Issues
CWE Rule 22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (Since R2024a) |
CWE Rule 426 | Untrusted Search Path (Since R2024a) |
CWE Rule 427 | Uncontrolled Search Path Element (Since R2024a) |
Handler Errors
CWE Rule 479 | Signal Handler Use of a Non-reentrant Function (Since R2023a) |
Information Management Errors
CWE Rule 312 | Cleartext Storage of Sensitive Information (Since R2023a) |
CWE Rule 319 | Cleartext Transmission of Sensitive Information (Since R2023b) |
CWE Rule 321 | Use of Hard-coded Cryptographic Key (Since R2023b) |
Initialization and Cleanup Errors
CWE Rule 460 | Improper Cleanup on Thrown Exception (Since R2023a) |
Key Management Errors
CWE Rule 322 | Key Exchange without Entity Authentication (Since R2024a) |
Memory Buffer Errors
CWE Rule 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (Since R2023a) |
CWE Rule 123 | Write-what-where Condition (Since R2023a) |
CWE Rule 124 | Buffer Underwrite ('Buffer Underflow') (Since R2023a) |
CWE Rule 125 | Out-of-bounds Read (Since R2023a) |
CWE Rule 131 | Incorrect Calculation of Buffer Size (Since R2023a) |
CWE Rule 786 | Access of Memory Location Before Start of Buffer (Since R2024a) |
CWE Rule 787 | Out-of-bounds Write (Since R2023a) |
CWE Rule 805 | Buffer Access with Incorrect Length Value (Since R2023a) |
Numeric Errors
CWE Rule 128 | Wrap-around Error (Since R2023a) |
CWE Rule 191 | Integer Underflow (Wrap or Wraparound) (Since R2023a) |
CWE Rule 192 | Integer Coercion Error (Since R2023a) |
CWE Rule 197 | Numeric Truncation Error (Since R2023a) |
CWE Rule 369 | Divide By Zero (Since R2023a) |
CWE Rule 681 | Incorrect Conversion between Numeric Types (Since R2024a) |
CWE Rule 839 | Numeric Range Comparison Without Minimum Check (Since R2023a) |
Others
CWE Rule 14 | Compiler Removal of Code to Clear Buffers (Since R2023a) |
CWE Rule 20 | Improper Input Validation (Since R2024a) |
CWE Rule 23 | Relative Path Traversal (Since R2024a) |
CWE Rule 36 | Absolute Path Traversal (Since R2024a) |
CWE Rule 67 | Improper Handling of Windows Device Names (Since R2024a) |
CWE Rule 77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') (Since R2024a) |
CWE Rule 88 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (Since R2024a) |
CWE Rule 114 | Process Control (Since R2024a) |
CWE Rule 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer (Since R2023a) |
CWE Rule 121 | Stack-based Buffer Overflow (Since R2023a) |
CWE Rule 122 | Heap-based Buffer Overflow (Since R2023a) |
CWE Rule 126 | Buffer Over-read (Since R2023a) |
CWE Rule 127 | Buffer Under-read (Since R2023a) |
CWE Rule 190 | Integer Overflow or Wraparound (Since R2024a) |
CWE Rule 194 | Unexpected Sign Extension (Since R2023a) |
CWE Rule 195 | Signed to Unsigned Conversion Error (Since R2023a) |
CWE Rule 196 | Unsigned to Signed Conversion Error (Since R2023a) |
CWE Rule 198 | Use of Incorrect Byte Ordering (Since R2024a) |
CWE Rule 226 | Sensitive Information in Resource Not Removed Before Reuse (Since R2024a) |
CWE Rule 240 | Improper Handling of Inconsistent Structural Elements (Since R2024a) |
CWE Rule 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') (Since R2023a) |
CWE Rule 287 | Improper Authentication (Since R2024a) |
CWE Rule 297 | Improper Validation of Certificate with Host Mismatch (Since R2024a) |
CWE Rule 304 | Missing Critical Step in Authentication (Since R2024a) |
CWE Rule 311 | Missing Encryption of Sensitive Data (Since R2023b) |
CWE Rule 316 | Cleartext Storage of Sensitive Information in Memory (Since R2024a) |
CWE Rule 326 | Inadequate Encryption Strength (Since R2024a) |
CWE Rule 327 | Use of a Broken or Risky Cryptographic Algorithm (Since R2024a) |
CWE Rule 329 | Generation of Predictable IV with CBC Mode (Since R2024a) |
CWE Rule 330 | Use of Insufficiently Random Values (Since R2024a) |
CWE Rule 336 | Same Seed in Pseudo-Random Number Generator (PRNG) (Since R2024a) |
CWE Rule 337 | Predictable Seed in Pseudo-Random Number Generator (PRNG) (Since R2024a) |
CWE Rule 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (Since R2023a) |
CWE Rule 377 | Insecure Temporary File (Since R2024a) |
CWE Rule 401 | Missing Release of Memory after Effective Lifetime (Since R2023a) |
CWE Rule 404 | Improper Resource Shutdown or Release (Since R2024a) |
CWE Rule 415 | Double Free (Since R2023a) |
CWE Rule 416 | Use After Free (Since R2023a) |
CWE Rule 456 | Missing Initialization of a Variable (Since R2024a) |
CWE Rule 457 | Use of Uninitialized Variable (Since R2023a) |
CWE Rule 471 | Modification of Assumed-Immutable Data (MAID) (Since R2024a) |
CWE Rule 481 | Assigning instead of Comparing (Since R2023a) |
CWE Rule 482 | Comparing instead of Assigning (Since R2023a) |
CWE Rule 493 | Critical Public Variable Without Final Modifier (Since R2023b) |
CWE Rule 495 | Private Data Structure Returned From A Public Method (Since R2023a) |
CWE Rule 496 | Public Data Assigned to Private Array-Typed Field (Since R2023b) |
CWE Rule 498 | Cloneable class containing sensitive information (Since R2023b) |
CWE Rule 500 | Public Static Field Not Marked Final (Since R2023a) |
CWE Rule 522 | Insufficiently Protected Credentials (Since R2023a) |
CWE Rule 532 | Insertion of Sensitive Information into Log File (Since R2024a) |
CWE Rule 535 | Exposure of Information Through Shell Error Message (Since R2024a) |
CWE Rule 543 | Use of Singleton Pattern Without Synchronization in a Multithreaded Context (Since R2024a) |
CWE Rule 558 | Use of getlogin() in Multithreaded Application (Since R2023a) |
CWE Rule 560 | Use of umask() with chmod-style Argument (Since R2023a) |
CWE Rule 573 | Improper Following of Specification by Caller (Since R2024a) |
CWE Rule 590 | Free of Memory not on the Heap (Since R2024a) |
CWE Rule 664 | Improper Control of a Resource Through its Lifetime (Since R2024a) |
CWE Rule 665 | Improper Initialization (Since R2024a) |
CWE Rule 666 | Operation on Resource in Wrong Phase of Lifetime (Since R2024a) |
CWE Rule 667 | Improper Locking (Since R2024a) |
CWE Rule 672 | Operation on a Resource after Expiration or Release (Since R2024a) |
CWE Rule 674 | Uncontrolled Recursion (Since R2024a) |
CWE Rule 675 | Multiple Operations on Resource in Single-Operation Context (Since R2024a) |
CWE Rule 682 | Incorrect Calculation (Since R2024a) |
CWE Rule 683 | Function Call With Incorrect Order of Arguments (Since R2023b) |
CWE Rule 685 | Function Call With Incorrect Number of Arguments (Since R2023a) |
CWE Rule 686 | Function Call With Incorrect Argument Type (Since R2023b) |
CWE Rule 687 | Function Call With Incorrectly Specified Argument Value (Since R2023b) |
CWE Rule 688 | Function Call With Incorrect Variable or Reference as Argument (Since R2023b) |
CWE Rule 690 | Unchecked Return Value to NULL Pointer Dereference (Since R2023a) |
CWE Rule 691 | Insufficient Control Flow Management (Since R2024a) |
CWE Rule 693 | Protection Mechanism Failure (Since R2024a) |
CWE Rule 696 | Incorrect Behavior Order (Since R2024a) |
CWE Rule 703 | Improper Check or Handling of Exceptional Conditions (Since R2024a) |
CWE Rule 704 | Incorrect Type Conversion or Cast (Since R2023a) |
CWE Rule 705 | Incorrect Control Flow Scoping (Since R2024a) |
CWE Rule 710 | Improper Adherence to Coding Standards (Since R2024a) |
CWE Rule 732 | Incorrect Permission Assignment for Critical Resource (Since R2024a) |
CWE Rule 754 | Improper Check for Unusual or Exceptional Conditions (Since R2024a) |
CWE Rule 755 | Improper Handling of Exceptional Conditions (Since R2024a) |
CWE Rule 758 | Reliance on Undefined, Unspecified, or Implementation-Defined Behavior (Since R2024a) |
CWE Rule 759 | Use of a One-Way Hash without a Salt (Since R2024a) |
CWE Rule 762 | Mismatched Memory Management Routines (Since R2023a) |
CWE Rule 780 | Use of RSA Algorithm without OAEP (Since R2024a) |
CWE Rule 785 | Use of Path Manipulation Function without Maximum-sized Buffer (Since R2023a) |
CWE Rule 789 | Memory Allocation with Excessive Size Value (Since R2023a) |
CWE Rule 806 | Buffer Access Using Size of Source Buffer (Since R2023a) |
CWE Rule 828 | Signal Handler with Functionality that is not Asynchronous-Safe (Since R2024a) |
CWE Rule 922 | Insecure Storage of Sensitive Information (Since R2023a) |
CWE Rule 1335 | Incorrect Bitwise Shift of Integer (Since R2023a) |
CWE Rule 1341 | Multiple Releases of Same Resource or Handle (Since R2023a) |
Permission Issues
CWE Rule 766 | Critical Data Element Declared Public (Since R2023a) |
CWE Rule 767 | Access to Critical Private Variable via Public Method (Since R2023a) |
Pointer Issues
CWE Rule 466 | Return of Pointer Value Outside of Expected Range (Since R2023a) |
CWE Rule 467 | Use of sizeof() on a Pointer Type (Since R2023a) |
CWE Rule 468 | Incorrect Pointer Scaling (Since R2023a) |
CWE Rule 469 | Use of Pointer Subtraction to Determine Size (Since R2023a) |
CWE Rule 476 | NULL Pointer Dereference (Since R2023a) |
CWE Rule 587 | Assignment of a Fixed Address to a Pointer (Since R2023a) |
CWE Rule 763 | Release of Invalid Pointer or Reference (Since R2023a) |
CWE Rule 822 | Untrusted Pointer Dereference (Since R2023b) |
CWE Rule 823 | Use of Out-of-range Pointer Offset (Since R2024a) |
CWE Rule 824 | Access of Uninitialized Pointer (Since R2023a) |
CWE Rule 825 | Expired Pointer Dereference (Since R2023a) |
Privilege Issues
CWE Rule 243 | Creation of chroot Jail Without Changing Working Directory (Since R2023a) |
CWE Rule 250 | Execution with Unnecessary Privileges (Since R2024a) |
CWE Rule 273 | Improper Check for Dropped Privileges (Since R2024a) |
Random Number Issues
CWE Rule 335 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) (Since R2023a) |
CWE Rule 338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (Since R2023a) |
Resource Locking Problems
CWE Rule 413 | Improper Resource Locking (Since R2023a) |
CWE Rule 764 | Multiple Locks of a Critical Resource (Since R2024a) |
CWE Rule 765 | Multiple Unlocks of a Critical Resource (Since R2024a) |
CWE Rule 832 | Unlock of a Resource that is not Locked (Since R2024a) |
CWE Rule 833 | Deadlock (Since R2024a) |
Resource Management Errors
CWE Rule 770 | Allocation of Resources Without Limits or Throttling (Since R2024a) |
CWE Rule 772 | Missing Release of Resource after Effective Lifetime (Since R2024a) |
CWE Rule 826 | Premature Release of Resource During Expected Lifetime (Since R2024a) |
CWE Rule 908 | Use of Uninitialized Resource (Since R2024a) |
CWE Rule 910 | Use of Expired File Descriptor (Since R2023a) |
Signal Errors
CWE Rule 364 | Signal Handler Race Condition (Since R2023a) |
State Issues
CWE Rule 15 | External Control of System or Configuration Setting (Since R2024a) |
CWE Rule 372 | Incomplete Internal State Distinction (Since R2024a) |
CWE Rule 374 | Passing Mutable Objects to an Untrusted Method (Since R2023b) |
CWE Rule 375 | Returning a Mutable Object to an Untrusted Caller (Since R2023a) |
String Errors
CWE Rule 134 | Use of Externally-Controlled Format String (Since R2023a) |
CWE Rule 135 | Incorrect Calculation of Multi-Byte String Length (Since R2023a) |
Type Errors
CWE Rule 843 | Access of Resource Using Incompatible Type ('Type Confusion') (Since R2023a) |
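The categories above are the weakness classes that Polyspace reports as CWE results; the C file below is an added example, not Polyspace documentation or MathWorks code, that puts the weak pattern beside a checked form for a handful of the listed rules (CWE-190/128 wraparound, CWE-369 divide by zero, CWE-195/197 sign conversion and truncation, CWE-467 sizeof on a pointer, CWE-120/805 unchecked buffer copy). Function names and the sample inputs in main are my own; the *_weak functions are the shape a CWE checker flags, and the checked variants return a status instead of computing the bad value.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* CWE-190 / CWE-128: integer overflow or wraparound.
 * Weak form: w * h is evaluated in int and can overflow, which is undefined
 * behaviour; a size computed this way may come out small or negative. */
int area_weak(int w, int h) { return w * h; }

/* Checked form: reject negative operands and any product that cannot fit
 * in int, instead of computing it. */
bool area_checked(int w, int h, int *out) {
    if (w < 0 || h < 0) return false;
    if (h != 0 && w > INT_MAX / h) return false;   /* product would overflow */
    *out = w * h;
    return true;
}

/* CWE-369: divide by zero. The check also covers INT_MIN / -1, which is an
 * overflow rather than a division by zero but traps on common hardware. */
bool div_checked(int a, int b, int *out) {
    if (b == 0) return false;
    if (a == INT_MIN && b == -1) return false;
    *out = a / b;
    return true;
}

/* CWE-195 / CWE-197: signed-to-unsigned conversion and numeric truncation.
 * Weak form: a negative int becomes a huge size_t, which then drives a
 * memcpy or malloc. */
size_t len_weak(int n) { return (size_t)n; }

/* Checked form: refuse negative lengths before the conversion happens. */
bool len_checked(int n, size_t *out) {
    if (n < 0) return false;
    *out = (size_t)n;
    return true;
}

/* CWE-467: sizeof() on a pointer type. Inside this function buf is a
 * pointer, so sizeof buf is 4 or 8, never the caller's array size. */
size_t clear_weak(char *buf) {
    size_t n = sizeof buf;
    memset(buf, 0, n);
    return n;
}

/* Checked form: the caller passes the real length. */
size_t clear_checked(char *buf, size_t buf_len) {
    memset(buf, 0, buf_len);
    return buf_len;
}

/* CWE-120 / CWE-805: buffer copy without checking size of input.
 * Weak form: strcpy trusts that src fits in dst. */
void copy_weak(char *dst, const char *src) { strcpy(dst, src); }

/* Checked form: copy only when src, including its terminator, fits. */
bool copy_checked(char *dst, size_t dst_len, const char *src) {
    size_t n = strlen(src);
    if (dst_len == 0 || n >= dst_len) return false;
    memcpy(dst, src, n + 1);
    return true;
}

int main(void) {
    int r;
    size_t s;
    char small[8];   /* constructed sample buffer */

    printf("area 1000x1000: %s\n", area_checked(1000, 1000, &r) ? "ok" : "rejected");
    printf("area 100000x100000: %s\n", area_checked(100000, 100000, &r) ? "ok" : "rejected");
    printf("div 7/0: %s\n", div_checked(7, 0, &r) ? "ok" : "rejected");
    printf("len -1: %s\n", len_checked(-1, &s) ? "ok" : "rejected");
    printf("clear_weak clears %zu bytes of a %zu-byte buffer\n",
           clear_weak(small), sizeof small);
    printf("copy 'this is too long': %s\n",
           copy_checked(small, sizeof small, "this is too long") ? "ok" : "rejected");
    return 0;
}
```

The checked forms deliberately keep the weak forms' signatures close, so that a finding from the analyzer maps to a one-function replacement rather than a redesign; the caller still has to act on the false return.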
Topics
- CWE Coding Standard Coverage Using Polyspace
Group CWE results by category and view the list of all checkers.
- Polyspace Support for Coding Standards
Check the Polyspace support for different coding standards.
- Check for and Review Coding Standard Violations
Check for violations of AUTOSAR C++14, CERT® C, CERT C++, CWE, MISRA C™, MISRA™ C++, JSF AV C++, or ISO-17961 standards with Polyspace Bug Finder.