malloc\'d data is freed only once.

malloc\'d data is freed before being returned to the caller and freed again.

malloc\'d data is freed in the caller.

malloc\'d data is returned to the caller but never freed.

malloc\'d data is freed.

malloc\'d data is never freed and all pointers to the data are lost.

integer overflow results in a short malloc and an overflow. A guard is put in place to protect against the overflow.

integer overflow results in a short malloc and an overflow. A guard was put in place to protect the overflow but the guard is incorrect.

fgets is called with a correct bound.

fgets is called with an incorrect bound allowing a stack buffer to be overrun.

fgets is used in place of gets with a proper bounds check.

gets is never safe for untrusted input due to lack of buffer length checks.

Printf is called with a static format string. This is not a defect.

Syslog is called with a programmer supplied format string.

Syslog is called with a user supplied format string. An attempt was made to preformat the buffer but the vulnerability remains.

An ad-hoc string copy with bounds check does not overflows a stack buffer.

An ad-hoc string copy without bounds check overflows a stack buffer.

An ad hoc gets with bounds check does not allow a stack buffer to be overrun.

An ad hoc gets without bounds checkes allows a stack buffer to be overrun.

A string decode function properly checks for termination and no buffer overflow occurs.

A string decode function misses a termination check which allows the decode to proceed past the end of the buffer.

Syslog is called with a programmer supplied format string.

Printf is called with a programmer supplied format string.

Printf is called with a user supplied format string.

Attempt to call function of deleted object.