CWE Coding Standard Coverage with Polyspace
The Common Weakness Enumeration (CWE™) is a dictionary of common software weakness types that occur in software architecture, design, code, or implementation. These weaknesses can lead to security vulnerabilities.
After running an analysis, use CWE categories to group and organize the CWE violations in your code by problem type. See CWE Categories and Polyspace Results.
If you enable all CWE rules supported by Polyspace® in an analysis, then for some rules that are only partially supported, Polyspace does not report every instance of a violation in your code. To run an analysis with only the rules that Polyspace fully supports, use the option -cwe all-exact-checkers. For the list of rules fully supported by Polyspace, see List of CWE Rules Enabled When Using the Option all-exact-checkers.
CWE Categories and Polyspace Results
The following table shows the CWE categories that can be mapped to Polyspace defect checkers and Polyspace CWE coding rule checkers. A CWE category is a group of weaknesses related to a common issue (for example, "Improper Error Handling"). A category is not a weakness itself, but you can use categories to organize CWE results on related weaknesses.
| CWE ID | CWE ID Description | Defect Checker or CWE Coding Rule Checker |
|---|---|---|
| 189 | Numeric Errors | |
| 227 | Improper fulfillment of API contract | |
| 251 | Often misused: string management | |
| 310 | Cryptographic issues | |
| 320 | Key management errors | |
| 387 | Signal errors | |
| 398 | Indicator of poor code quality | |
| 465 | Pointer Issues | |
| 872 | CERT C++ Secure Coding Section 04 - Integers (INT) | |
| 873 | CERT C++ Secure Coding Section 05 - Floating point arithmetic (FLP) | |
| 896 | SFP Primary Cluster: Tainted Input | |
List of CWE Rules Enabled When Using the Option all-exact-checkers
The following table shows the rules that are enabled when you use the option Check CWE (-cwe) with the value all-exact-checkers.
| CWE ID | Description |
|---|---|
| CWE Rule 14 | Compiler Removal of Code to Clear Buffers |
| CWE Rule 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
| CWE Rule 120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
| CWE Rule 121 | Stack-based Buffer Overflow |
| CWE Rule 122 | Heap-based Buffer Overflow |
| CWE Rule 123 | Write-what-where Condition |
| CWE Rule 124 | Buffer Underwrite ('Buffer Underflow') |
| CWE Rule 125 | Out-of-bounds Read |
| CWE Rule 126 | Buffer Over-read |
| CWE Rule 127 | Buffer Under-read |
| CWE Rule 128 | Wrap-around Error |
| CWE Rule 129 | Improper Validation of Array Index |
| CWE Rule 130 | Improper Handling of Length Parameter Inconsistency |
| CWE Rule 131 | Incorrect Calculation of Buffer Size |
| CWE Rule 134 | Use of Externally-Controlled Format String |
| CWE Rule 135 | Incorrect Calculation of Multi-Byte String Length |
| CWE Rule 170 | Improper Null Termination |
| CWE Rule 188 | Reliance on Data/Memory Layout |
| CWE Rule 191 | Integer Underflow (Wrap or Wraparound) |
| CWE Rule 192 | Integer Coercion Error |
| CWE Rule 194 | Unexpected Sign Extension |
| CWE Rule 195 | Signed to Unsigned Conversion Error |
| CWE Rule 196 | Unsigned to Signed Conversion Error |
| CWE Rule 197 | Numeric Truncation Error |
| CWE Rule 242 | Use of Inherently Dangerous Function |
| CWE Rule 243 | Creation of chroot Jail Without Changing Working Directory |
| CWE Rule 244 | Improper Clearing of Heap Memory Before Release ('Heap Inspection') |
| CWE Rule 248 | Uncaught Exception |
| CWE Rule 252 | Unchecked Return Value |
| CWE Rule 253 | Incorrect Check of Function Return Value |
| CWE Rule 311 | Missing Encryption of Sensitive Data |
| CWE Rule 312 | Cleartext Storage of Sensitive Information |
| CWE Rule 319 | Cleartext Transmission of Sensitive Information |
| CWE Rule 321 | Use of Hard-coded Cryptographic Key |
| CWE Rule 335 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) |
| CWE Rule 338 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) |
| CWE Rule 353 | Missing Support for Integrity Check |
| CWE Rule 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') |
| CWE Rule 364 | Signal Handler Race Condition |
| CWE Rule 366 | Race Condition within a Thread |
| CWE Rule 369 | Divide By Zero |
| CWE Rule 374 | Passing Mutable Objects to an Untrusted Method |
| CWE Rule 375 | Returning a Mutable Object to an Untrusted Caller |
| CWE Rule 396 | Declaration of Catch for Generic Exception |
| CWE Rule 397 | Declaration of Throws for Generic Exception |
| CWE Rule 401 | Missing Release of Memory after Effective Lifetime |
| CWE Rule 413 | Improper Resource Locking |
| CWE Rule 415 | Double Free |
| CWE Rule 416 | Use After Free |
| CWE Rule 457 | Use of Uninitialized Variable |
| CWE Rule 460 | Improper Cleanup on Thrown Exception |
| CWE Rule 463 | Deletion of Data Structure Sentinel |
| CWE Rule 466 | Return of Pointer Value Outside of Expected Range |
| CWE Rule 467 | Use of sizeof() on a Pointer Type |
| CWE Rule 468 | Incorrect Pointer Scaling |
| CWE Rule 469 | Use of Pointer Subtraction to Determine Size |
| CWE Rule 474 | Use of Function with Inconsistent Implementations |
| CWE Rule 476 | NULL Pointer Dereference |
| CWE Rule 477 | Use of Obsolete Function |
| CWE Rule 478 | Missing Default Case in Multiple Condition Expression |
| CWE Rule 479 | Signal Handler Use of a Non-reentrant Function |
| CWE Rule 480 | Use of Incorrect Operator |
| CWE Rule 481 | Assigning instead of Comparing |
| CWE Rule 482 | Comparing instead of Assigning |
| CWE Rule 483 | Incorrect Block Delimitation |
| CWE Rule 484 | Omitted Break Statement in Switch |
| CWE Rule 489 | Active Debug Code |
| CWE Rule 493 | Critical Public Variable Without Final Modifier |
| CWE Rule 495 | Private Data Structure Returned From A Public Method |
| CWE Rule 496 | Public Data Assigned to Private Array-Typed Field |
| CWE Rule 498 | Cloneable class containing sensitive information |
| CWE Rule 500 | Public Static Field Not Marked Final |
| CWE Rule 522 | Insufficiently Protected Credentials |
| CWE Rule 543 | Use of Singleton Pattern Without Synchronization in a Multithreaded Context |
| CWE Rule 547 | Use of Hard-coded, Security-relevant Constants |
| CWE Rule 558 | Use of getlogin() in Multithreaded Application |
| CWE Rule 560 | Use of umask() with chmod-style Argument |
| CWE Rule 561 | Dead Code |
| CWE Rule 562 | Return of Stack Variable Address |
| CWE Rule 563 | Assignment to Variable without Use |
| CWE Rule 570 | Expression is Always False |
| CWE Rule 571 | Expression is Always True |
| CWE Rule 587 | Assignment of a Fixed Address to a Pointer |
| CWE Rule 606 | Unchecked Input for Loop Condition |
| CWE Rule 617 | Reachable Assertion |
| CWE Rule 674 | Uncontrolled Recursion |
| CWE Rule 676 | Use of Potentially Dangerous Function |
| CWE Rule 683 | Function Call With Incorrect Order of Arguments |
| CWE Rule 685 | Function Call With Incorrect Number of Arguments |
| CWE Rule 686 | Function Call With Incorrect Argument Type |
| CWE Rule 687 | Function Call With Incorrectly Specified Argument Value |
| CWE Rule 688 | Function Call With Incorrect Variable or Reference as Argument |
| CWE Rule 690 | Unchecked Return Value to NULL Pointer Dereference |
| CWE Rule 704 | Incorrect Type Conversion or Cast |
| CWE Rule 733 | Compiler Optimization Removal or Modification of Security-critical Code |
| CWE Rule 762 | Mismatched Memory Management Routines |
| CWE Rule 763 | Release of Invalid Pointer or Reference |
| CWE Rule 766 | Critical Data Element Declared Public |
| CWE Rule 767 | Access to Critical Private Variable via Public Method |
| CWE Rule 783 | Operator Precedence Logic Error |
| CWE Rule 785 | Use of Path Manipulation Function without Maximum-sized Buffer |
| CWE Rule 787 | Out-of-bounds Write |
| CWE Rule 789 | Memory Allocation with Excessive Size Value |
| CWE Rule 798 | Use of Hard-coded Credentials |
| CWE Rule 805 | Buffer Access with Incorrect Length Value |
| CWE Rule 806 | Buffer Access Using Size of Source Buffer |
| CWE Rule 822 | Untrusted Pointer Dereference |
| CWE Rule 824 | Access of Uninitialized Pointer |
| CWE Rule 825 | Expired Pointer Dereference |
| CWE Rule 839 | Numeric Range Comparison Without Minimum Check |
| CWE Rule 843 | Access of Resource Using Incompatible Type ('Type Confusion') |
| CWE Rule 910 | Use of Expired File Descriptor |
| CWE Rule 922 | Insecure Storage of Sensitive Information |
| CWE Rule 1071 | Empty code block |
| CWE Rule 1335 | Incorrect Bitwise Shift of Integer |
| CWE Rule 1341 | Multiple Releases of Same Resource or Handle |