
Potentially uninitialized local variable. Potentially overrunning write with float to string conversion. Potentially overflowing call to snprintf. Potential exposure of sensitive system data to an unauthorized control sphere. Possibly wrong buffer size in string copy. Overloaded assignment does not return ‘this’. Overflow in uncontrolled allocation size. Not enough memory allocated for pointer type. Not enough memory allocated for array of pointer type. NULL application name with an unquoted path in call to CreateProcess. Multiplication result converted to larger type. Missing return-value check for a ‘scanf’-like function. Local variable address stored in non-local memory. Inconsistent definition of copy constructor and assignment (‘Rule of Two’). File opened with O_CREAT flag but without mode argument. File created without restricting permissions. Exposure of system data to an unauthorized control sphere. OPENSSL HEARTBLEED CODE
Dead code due to goto or break statement. Continue statement that does not continue. Comparison where assignment was intended. Comparison of narrow type with wide type in loop condition.
Cleartext transmission of sensitive information. Cleartext storage of sensitive information in file.
Cleartext storage of sensitive information in buffer. Cleartext storage of sensitive information in an SQLite database. Cast between HRESULT and a Boolean type. Call to function with fewer arguments than declared parameters. Call to function with extraneous arguments. Call to a function with one or more incompatible arguments. CGI script vulnerable to cross-site scripting. Bad check for overflow of integer addition. Assignment where comparison was intended.
Arithmetic operation assumes 365 days per year.