CWE-758 依赖未定义、未指明或实现定义的行为

Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

结构: Simple

Abstraction: Class

状态: Incomplete

被利用可能性: unkown


The software uses an API function, data structure, or other entity in a way that relies on properties that are not always guaranteed to hold for that entity.


This can lead to resultant weaknesses when the required properties change, such as when the software is ported to a different platform or if an interaction error (CWE-435) occurs.


  • cwe_Nature: ChildOf cwe_CWE_ID: 710 cwe_View_ID: 1000 cwe_Ordinal: Primary


范围 影响 注释
Other Other


标识 说明 链接


映射的分类名 ImNode ID Fit Mapped Node Name
CERT C Secure Coding ARR32-C CWE More Abstract Ensure size arguments for variable length arrays are in a valid range
CERT C Secure Coding ERR34-C Imprecise Detect errors when converting a string to a number
CERT C Secure Coding EXP30-C CWE More Abstract Do not depend on the order of evaluation for side effects
CERT C Secure Coding EXP33-C CWE More Abstract Do not read uninitialized memory
CERT C Secure Coding FIO46-C CWE More Abstract Do not access a closed file
CERT C Secure Coding INT34-C CWE More Abstract Do not shift an expression by a negative number of bits or by greater than or equal to the number of bits that exist in the operand
CERT C Secure Coding INT36-C CWE More Abstract Converting a pointer to integer or integer to pointer
CERT C Secure Coding MEM30-C CWE More Abstract Do not access freed memory
CERT C Secure Coding MSC14-C Do not introduce unnecessary platform dependencies
CERT C Secure Coding MSC15-C Do not depend on undefined behavior
CERT C Secure Coding MSC37-C CWE More Abstract Ensure that control never reaches the end of a non-void function