CWE entries in this view (graph) are fully or partially eliminated by following the SEI CERT C++ Coding Standard, as published in 2016.
By following the CERT C++ Secure Coding Standard, developers will be able to fully or partially prevent the weaknesses that are identified in this view. In addition, developers can use a CWE coverage graph to determine which weaknesses are not directly addressed by the standard, which will help identify and resolve remaining gaps in training, tool acquisition, or other approaches for reducing weaknesses.
If a software developer claims to be following the CERT C++ Secure Coding Standard, then customers can search for the weaknesses in this view in order to formulate independent evidence of that claim.
Educators can use this view in multiple ways. For example, if there is a focus on teaching weaknesses, the educator could link them to the relevant Secure Coding Standard.
|CWE-869||CERT C++ Secure Coding Section 01 - Preprocessor (PRE)|
|CWE-870||CERT C++ Secure Coding Section 02 - Declarations and Initialization (DCL)|
|CWE-871||CERT C++ Secure Coding Section 03 - Expressions (EXP)|
|CWE-872||CERT C++ Secure Coding Section 04 - Integers (INT)|
|CWE-873||CERT C++ Secure Coding Section 05 - Floating Point Arithmetic (FLP)|
|CWE-874||CERT C++ Secure Coding Section 06 - Arrays and the STL (ARR)|
|CWE-875||CERT C++ Secure Coding Section 07 - Characters and Strings (STR)|
|CWE-876||CERT C++ Secure Coding Section 08 - Memory Management (MEM)|
|CWE-877||CERT C++ Secure Coding Section 09 - Input Output (FIO)|
|CWE-878||CERT C++ Secure Coding Section 10 - Environment (ENV)|
|CWE-879||CERT C++ Secure Coding Section 11 - Signals (SIG)|
|CWE-880||CERT C++ Secure Coding Section 12 - Exceptions and Error Handling (ERR)|
|CWE-881||CERT C++ Secure Coding Section 13 - Object Oriented Programming (OOP)|
|CWE-882||CERT C++ Secure Coding Section 14 - Concurrency (CON)|
|CWE-883||CERT C++ Secure Coding Section 49 - Miscellaneous (MSC)|
The relationships in this view were determined based on specific statements within the rules from the standard. Not all rules have direct relationships to individual weaknesses, although they likely have chaining relationships in specific circumstances.
This view is no longer being actively maintained, since it statically represents the coding rules as they were in 2016.