Null-termination defect. There is no place allocated for the null terminating character. Thereby, the strcpy() writes beyond the character array. From "Secure Coding in C and C++" by Robert C. Seacord. Page 31, Figure 2-7

Common off-by-one defect. The strcpy() copies 11 characters in the source buffer including the terminating null character. Due to the index value, the assignment on line 31 cause an out-of-bound. From "Secure Coding in C and C++" by Robert C. Seacord. Page 30, Figure 2-6

Extracting characters using the field width member. Ensure that the operator>> will not extract more thant 12 characters. From "Secure Coding in C and C++" by Robert C. Seacord. Page 29, Figure 2-5

Extracting characters from cin into character array. The operator>> will copy outside the bound of the statically allocated array if the length of the input is more than 11 characters. From "Secure Coding in C and C++" by Robert C. Seacord. Page 29, Figure 2-4

Dynamic allocation of the character array ensure that sufficient space is allocated to copy the input and the null character. From "Secure Coding in C and C++" by Robert C. Seacord. Page 28, Figure 2-3

Buffer overflow if the input is not validated. Every operation may write outside the bound of the statically allocated character array. From "Secure Coding in C and C++" by Robert C. Seacord. Page 28, Figure 2-2

Buffer overflow by gets() if input is more than 80 characters. From "Secure Coding in C and C++" by Robert C. Seacord. Page 27, Figure 2-1

The order of evaluation is unspecified in C for the

Memory for a Struct object is freed and not referenced further.

Return of an uninitialized pointer from a function.

Attempt to assign a pointer address without allocating memory.

Attempted double free with primary control flow influencing whether the second free takes place.

Attempt to pass a pointer to freed memory to function.

Attempt to assign memory content that has already been freed.

Attempt to return a pointer to memory that has been freed.

Attempt to double free memory.

Pointer reference to freed memory is returned in function.

Memory is freed, then the pointer variable (not the memory location) is assigned a value.

Variable used as index of array is correctly initialized before use.

Variable used in boolean expression is correctly initialized before use.

Integer is not initialized prior to being used as an array index.

Pointer is not initialized prior to being used to assign a value to an array element

Integer is not initialized prior to being incremented in an expression.

Integer is not assigned a value prior to use in a boolean expression.

Integer is not initialized prior to being used in boolean expression.