...
A programmer performing maintenance on this program would need to identify the relationship and modify both definitions accordingly. While this sort of error appears relatively benign, it can easily lead to serious security vulnerabilities, such as buffer overflows.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
Related Guidelines
This rule appears in the C++ Secure Coding Standard as : DCL08-CPP. Properly encode relationships in constant definitions.
This rule appears in the Java Secure Coding Standard as : DCL03-J. Properly encode relationships in constant definitions.
...
| Wiki Markup |
|---|
\[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] Section 6.10, "Preprocessing directives," and Section 5.1.1, "Translation environment" \[[Plum 851985|AA. Bibliography#Plum 85]\] Rule 1-4 |
...