C/C++
In this article, we cover C/C++ support and vulnerability detection for Mend SAST.
Note: C/C++ support is currently in beta.
Mend SAST-supported C/C++ file types
File Type |
---|
.c |
.cc |
.cpp |
.h |
Mend SAST-supported C/C++ frameworks
Framework |
---|
IBM DB2 |
Mend SAST-supported C/C++ vulnerability types
The C/C++ vulnerability types that Mend SAST detects are listed below, grouped by severity and ordered by CWE ID within each severity.
C/C++ high-severity vulnerability types
CWE | Vulnerability Type |
---|---|
CWE-22 | Path/Directory Traversal |
CWE-78 | Command Injection |
CWE-89 | SQL Injection |
CWE-121 | Buffer Overflow |
CWE-134 | Uncontrolled Format String |
CWE-190 | Integer Overflow |
CWE-415 | Double Free |
CWE-416 | Use After Free |
CWE-787 | Out of Buffer Bounds Write |
C/C++ medium-severity vulnerability types
CWE | Vulnerability Type |
---|---|
CWE-90 | LDAP Injection |
CWE-125 | Out of Buffer Bounds Read |
CWE-191 | Integer Underflow |
CWE-244 | Heap Inspection |
CWE-367 | Time of Check Time of Use |
CWE-676 | Miscellaneous Dangerous Functions |
C/C++ low-severity vulnerability types
CWE | Vulnerability Type |
---|---|
CWE-114 | Arbitrary Library Injection |
CWE-242 | Use of Inherently Dangerous Function |
CWE-369 | Divide By Zero |
CWE-789 | Uncontrolled Memory Allocation |