...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship | |
|---|---|---|---|
| CERT C Secure Coding Standard | FIO14-C. Understand the difference between text mode and binary mode with file streams | Prior to 2018-01-12: CERT: Unspecified Relationship | |
| CERT C Secure Coding Standard | FIO20-C. Avoid unintentional truncation when using fgets() or fgetws() | Prior to 2018-01-12: CERT: Unspecified Relationship | |
| CWE 2.11MITRE CWE | CWE-119241, Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-123, Write-what-where Condition CWE-125, Out-of-bounds Read CWE-241, Improper Handling of Unexpected Data TypeHandling of Unexpected Data Type | 2017-07-05: CERT: Rule subset of CWE |
CERT-CWE Mapping Notes
Key here for mapping notes
CWE-241 and FIO37-C
CWE-241 = Union( FIO37-C, list) where list =
- Improper handling of unexpected data type that does not come from the fgets() function.
Bibliography
| [ISO/IEC 9899:2011] | Subclause 7.21.7.2, "The |
| [Lai 2006] | |
| [Seacord 2013] | Chapter 2, "Strings" |
...