Displaying test cases 74726 - 74750 of 74755 in total
-
Using the value of an uninitialized variable is not safe. (from TCCLASP-5_6_4_10)
-
The use of a hard-coded password increases the possibility of password guessing tremendously. (from TCCLASP-5_5_9_10-C)
-
In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled. (from TCCLASP-5_6_9_10)
-
System() is called with user-provided data. PLOVER: CODE.EVAL
-
A file is accessed multiple times by name in a publicly accessible directory. A race condition exists between the accesses where an attacker can replace the file referenced by the name. PLOVER: RACE.TOCTOU
-
malloc'd data is freed more than once. PLOVER: MISC.DFREE
-
Syslog is called with a user-supplied format string. An attempt was made to preformat the buffer but the vulnerability remains. PLOVER: BUFF.OVER, BUFF.FORMAT
-
Printf is called with a user-supplied format string. PLOVER: BUFF.OVER, BUFF.FORMAT
-
No bounds checking on buffer. PLOVER: BUFF.OVER
-
The accidental addition of a data-structure sentinel can cause serious programming logic problems. (from TCCLASP-5_6_7_10)
-
Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics: write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = function return value, Address com...
-
If a function's return value is not checked, it could have failed without any warning. (from TCCLASP-5_6_1_9)
-
If too few arguments are sent to a function, the function will still pop the expected number of arguments from the stack. Potentially, a variable number of arguments could be exhausted in a function as well. (from TCCLASP-5_6_2_10)
-
Tempfile creation should be done in a safe way. To be safe, the temp file function should open up the temp file with appropriate access control. The temp file function should also retain this quality, while being resistant to race conditions. (from TCCLASP-5_6_20_10)
-
Not using a random initialization vector with Cipher Block Chaining (CBC) Mode causes algorithms to be susceptible to dictionary attacks. (from TCCLASP-5_5_22_10-C)
-
State synchronization refers to a set of flaws involving contradictory states of execution in a process which result in undefined behavior. (from TCCLASP-5_4_1_10-C)
-
The accidental deletion of a can cause serious programming logic problems. (from TCCLASP-5_6_6_10)
-
If a function's return value is not properly checked, the function could have failed without proper acknowledgement. (from TCCLASP-5_6_3_10)
-
Syslog is called with a user-supplied format string. PLOVER: BUFF.OVER, BUFF.FORMAT
-
An ad hoc gets without bounds checks allows a stack buffer to be overrun. PLOVER CLASS: BUFF.OVER
-
Running sizeof() on a malloced pointer type will always return the wordsize/8. (from TCCLASP-5_6_8_10)
-
Sometimes an error is detected, and bad or no action is taken. (from TCCLASP-5_6_19_10)
-
Nonces should be used for the present occasion and only once. (from TCCLASP-5_5_20_10-C)
-
The use of a hard-coded cryptographic key tremendously increases the possibility that encrypted data may be recovered. (from TCCLASP-5_5_10_10-C)
-
Assumptions about protocol data or data stored in memory can be invalid, resulting in using data in ways that were unintended. (from TCCLASP-5_3_1_10)