This article maps DISA Security Technical Implementation Guide version 4 IDs to Klocwork C/C++ checkers. For more information about DISA STIG, see the DISA STIG web site.

DISA STIG ID	C/C++ Checker Code and Description
APSC-DV-000160	`RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt
APSC-DV-000170	`RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt
APSC-DV-000460	`SV.BRM.HKEY_LOCAL_MACHINE` HKEY_LOCAL_MACHINE Used as 'hkey' Parameter for Registry Manipulation Function `SV.PIPE.CONST` Potential pipe hijacking `SV.PIPE.VAR` Potential pipe hijacking
APSC-DV-000510	`SV.BRM.HKEY_LOCAL_MACHINE` HKEY_LOCAL_MACHINE Used as 'hkey' Parameter for Registry Manipulation Function `SV.LPP.CONST` Use of Insecure Macro for Dangerous Functions `SV.LPP.VAR` Use of Insecure Parameter for Dangerous Functions `SV.PIPE.CONST` Potential pipe hijacking `SV.PIPE.VAR` Potential pipe hijacking `SV.SIP.CONST` Use of Insecure Macro for Dangerous Functions `SV.SIP.VAR` Use of Insecure Parameter for Dangerous Functions `SV.USAGERULES.PERMISSIONS` Use of Privilege Elevation
APSC-DV-001410	`SV.BRM.HKEY_LOCAL_MACHINE` HKEY_LOCAL_MACHINE Used as 'hkey' Parameter for Registry Manipulation Function `SV.LPP.CONST` Use of Insecure Macro for Dangerous Functions `SV.LPP.VAR` Use of Insecure Parameter for Dangerous Functions `SV.PIPE.CONST` Potential pipe hijacking `SV.PIPE.VAR` Potential pipe hijacking `SV.SIP.CONST` Use of Insecure Macro for Dangerous Functions `SV.SIP.VAR` Use of Insecure Parameter for Dangerous Functions `SV.USAGERULES.PERMISSIONS` Use of Privilege Elevation
APSC-DV-001740	`HCC` Use of hardcoded credentials `HCC.PWD` Use of a hardcoded password `HCC.USER` Use of a hardcoded user name `RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt `SV.WEAK_CRYPTO.WEAK_HASH` Weak Hash Function
APSC-DV-001750	`HCC` Use of hardcoded credentials `HCC.PWD` Use of a hardcoded password `HCC.USER` Use of a hardcoded user name `RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt `SV.WEAK_CRYPTO.WEAK_HASH` Weak Hash Function
APSC-DV-001860	`HCC` Use of hardcoded credentials `HCC.PWD` Use of a hardcoded password `HCC.USER` Use of a hardcoded user name `SV.WEAK_CRYPTO.WEAK_HASH` Weak Hash Function
APSC-DV-001980	`RH.LEAK` Resource leak
APSC-DV-001995	`SV.TOCTOU.FILE_ACCESS` Time of Creation/Time of Use Race condition in File Access
APSC-DV-002000	`RH.LEAK` Resource leak
APSC-DV-002010	`RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt `SV.WEAK_CRYPTO.WEAK_HASH` Weak Hash Function
APSC-DV-002030	`RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt `SV.WEAK_CRYPTO.WEAK_HASH` Weak Hash Function
APSC-DV-002040	`RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt `SV.WEAK_CRYPTO.WEAK_HASH` Weak Hash Function
APSC-DV-002290	`RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt `SV.WEAK_CRYPTO.WEAK_HASH` Weak Hash Function
APSC-DV-002350	`RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt `SV.WEAK_CRYPTO.WEAK_HASH` Weak Hash Function
APSC-DV-002380	`SV.USAGERULES.PERMISSIONS` Use of Privilege Elevation
APSC-DV-002510	`SV.CODE_INJECTION.SHELL_EXEC` Command Injection into Shell Execution `SV.DLLPRELOAD.NONABSOLUTE.DLL` Potential DLL-preload hijack vector `SV.DLLPRELOAD.NONABSOLUTE.EXE` Potential process injection vector `SV.DLLPRELOAD.SEARCHPATH` Do not use SearchPath to find DLLs
APSC-DV-002520	`SV.DLLPRELOAD.NONABSOLUTE.DLL` Potential DLL-preload hijack vector `SV.DLLPRELOAD.NONABSOLUTE.EXE` Potential process injection vector `SV.DLLPRELOAD.SEARCHPATH` Do not use SearchPath to find DLLs
APSC-DV-002530	`ABV.TAINTED` Buffer Overflow from Unvalidated Input `NNTS.TAINTED` Unvalidated User Input Causing Buffer Overflow - Non-Null Terminated String `SV.TAINTED.ALLOC_SIZE` Use of Unvalidated Integer in Memory Allocation `SV.TAINTED.BINOP` Use of Unvalidated Integer in Binary Operation `SV.TAINTED.CALL.BINOP` Use of Unvalidated Integer in Binary Operation `SV.TAINTED.CALL.DEREF` Dereference Of An Unvalidated Pointer `SV.TAINTED.CALL.INDEX_ACCESS` Use of Unvalidated Integer as Array Index by Function Call `SV.TAINTED.CALL.LOOP_BOUND` Use of Unvalidated Integer in Loop Condition through a Function Call `SV.TAINTED.FMTSTR` Use of Unvalidated Data in a Format String `SV.TAINTED.INDEX_ACCESS` Use of Unvalidated Integer as Array Index `SV.TAINTED.INJECTION` Command Injection `SV.TAINTED.PATH_TRAVERSAL` Use of Unvalidated Data in a Path Traversal `SV.TAINTED.SECURITY_DECISION` Security Decision
APSC-DV-002540	`ABV.TAINTED` Buffer Overflow from Unvalidated Input `SV.TAINTED.INJECTION` Command Injection `SV.USAGERULES.PERMISSIONS` Use of Privilege Elevation
APSC-DV-002560	`SV.TAINTED.ALLOC_SIZE` Use of Unvalidated Integer in Memory Allocation `SV.TAINTED.BINOP` Use of Unvalidated Integer in Binary Operation `SV.TAINTED.CALL.BINOP` Use of Unvalidated Integer in Binary Operation `SV.TAINTED.CALL.INDEX_ACCESS` Use of Unvalidated Integer as Array Index by Function Call `SV.TAINTED.CALL.LOOP_BOUND` Use of Unvalidated Integer in Loop Condition through a Function Call `SV.TAINTED.FMTSTR` Use of Unvalidated Data in a Format String `SV.TAINTED.INDEX_ACCESS` Use of Unvalidated Integer as Array Index `SV.TAINTED.INJECTION` Command Injection `SV.TAINTED.PATH_TRAVERSAL` Use of Unvalidated Data in a Path Traversal `SV.TAINTED.SECURITY_DECISION` Security Decision
APSC-DV-002590	`ABV.ANY_SIZE_ARRAY` Buffer Overflow - Array Index Out of Bounds `ABV.GENERAL` Buffer Overflow - Array Index Out of Bounds `ABV.STACK` Buffer Overflow - Local Array Index Out of Bounds `ABV.TAINTED` Buffer Overflow from Unvalidated Input `ABV.UNICODE.BOUND_MAP` Buffer overflow in mapping character function `ABV.UNICODE.FAILED_MAP` Mapping function failed `ABV.UNICODE.NNTS_MAP` Buffer overflow in mapping character function `MISRA.CAST.FLOAT` Non-trivial float expression is cast to a wider type `MISRA.CAST.FLOAT.WIDER` Cast of floating point expression to a wider floating point type `MISRA.CAST.FLOAT_INT` Cast of floating point expression to integral type `MISRA.CAST.FUNC_PTR` Cast between a function pointer and a non-integral type `MISRA.CAST.FUNC_PTR.2012` Conversion performed between a pointer to a function and another incompatible type `MISRA.CAST.FUNC_PTR.CPP` Cast converts function pointer to other pointer type `MISRA.CAST.INCOMPLETE_PTR_TO_ANY.2012` Conversion performed between a pointer to an incomplete type and a different type `MISRA.CAST.INT` Non-trivial integer expression is cast to a wider type, or type with a different signedness `MISRA.CAST.INT.SIGN` Non-trivial integral expression is cast to type with different signedness `MISRA.CAST.INT.WIDER` Cast of integral expression to a wider integral type `MISRA.CAST.INT_FLOAT` Cast of integral expression to floating point type `MISRA.CAST.INT_TO_PTR` Object with integer type or pointer to void cast to pointer type `MISRA.CAST.OBJ_PTR_TO_INT.2012` Conversion performed between a pointer to an object and an integer type `MISRA.CAST.OBJ_PTR_TO_NON_INT.2012` A cast between a pointer to object and a non-integer arithmetic type `MISRA.CAST.OBJ_PTR_TO_OBJ_PTR.2012` Cast between a pointer to object type and a pointer to a different object type `MISRA.CAST.POLY.TYPE` Cast from a polymorphic base class to a derived class `MISRA.CAST.PTR` Cast between a pointer to object type and a different pointer to object type `MISRA.CAST.PTR.UNRELATED` Object of pointer type cast to unrelated type `MISRA.CAST.PTR.VRCLASS` A cast form pointer to a virtual base class to pointer to a derived class does not use 'dynamic_cast' `MISRA.CAST.PTR_TO_INT` Cast between a pointer and an integral type `MISRA.CAST.UNSIGNED_BITS` The result of bitwise operation on unsigned char or short is not cast back to original type `MISRA.CAST.VOID_PTR_TO_INT.2012` Cast between a pointer to void and an arithmetic type `MISRA.CAST.VOID_PTR_TO_OBJ_PTR.2012` Conversion performed from a pointer to void to a pointer to an object `MISRA.SIGNED_CHAR.NOT_NUMERIC` 'signed char' or 'unsigned char' is used for non-numeric value `MISRA.UMINUS.UNSIGNED` Operand of unary minus is unsigned `NNTS.MIGHT` Buffer Overflow - Non-null Terminated String `NNTS.MUST` Buffer Overflow - Non-null Terminated String `NNTS.TAINTED` Unvalidated User Input Causing Buffer Overflow - Non-Null Terminated String `PRECISION.LOSS` Loss of Precision `PRECISION.LOSS.CALL` Loss of Precision during function call `RABV.CHECK` Suspicious use of index before boundary check `SV.FMTSTR.GENERIC` Format String Vulnerability `SV.FMT_STR.BAD_SCAN_FORMAT` Input format specifier error `SV.FMT_STR.PRINT_FORMAT_MISMATCH.BAD` Incompatible type of a print function parameter `SV.FMT_STR.PRINT_FORMAT_MISMATCH.UNDESIRED` Unexpected type of a print function parameter `SV.FMT_STR.PRINT_IMPROP_LENGTH` Improper use of length modifier in a print function call `SV.FMT_STR.PRINT_PARAMS_WRONGNUM.FEW` Too few arguments in a print function call `SV.FMT_STR.PRINT_PARAMS_WRONGNUM.MANY` Too many arguments in a print function call `SV.FMT_STR.UNKWN_FORMAT` Unknown format specifier in a print function call `SV.STRBO.BOUND_COPY.OVERFLOW` Buffer Overflow in Bound String Copy `SV.STRBO.BOUND_COPY.UNTERM` Possible Buffer Overflow in Following String Operations `SV.STRBO.BOUND_SPRINTF` Buffer Overflow in Bound sprintf `SV.STRBO.UNBOUND_COPY` Buffer Overflow in Unbound String Copy `SV.STRBO.UNBOUND_SPRINTF` Buffer Overflow in Unbound sprintf `SV.TAINTED.BINOP` Use of Unvalidated Integer in Binary Operation `SV.TAINTED.CALL.BINOP` Use of Unvalidated Integer in Binary Operation `SV.TAINTED.CALL.INDEX_ACCESS` Use of Unvalidated Integer as Array Index by Function Call `SV.TAINTED.CALL.LOOP_BOUND` Use of Unvalidated Integer in Loop Condition through a Function Call `SV.TAINTED.INDEX_ACCESS` Use of Unvalidated Integer as Array Index
APSC-DV-002950	`CONC.DL` Deadlock
APSC-DV-003100	`RCA` Risky cryptographic algorithm used `RCA.HASH.SALT.EMPTY` Use of a one-way hash with an empty salt
APSC-DV-003110	`HCC` Use of hardcoded credentials `HCC.PWD` Use of a hardcoded password `HCC.USER` Use of a hardcoded user name
APSC-DV-003235	`CWARN.PASSBYVALUE.EXC` Exception object passed by value is too large `MISRA.CATCH.ALL` No ellipsis exception handler in a try-catch block `MISRA.CATCH.BY_VALUE` Exception object of class type is caught by value `MISRA.CATCH.NOALL` Ellipsis exception handler is not the last one in a try-catch block `MISRA.CATCH.WRONGORD` Handler for a base exception class precedes to a handler for a derived exception class in a try-catch block `MISRA.DECL.EXCPT.SPEC` Function is declared with different exception specifications `MISRA.THROW.EMPTY` Empty throw expression does not belong to a catch block `MISRA.THROW.NULL` NULL is thrown explicitly `MISRA.THROW.PTR` Exception object is a pointer `SV.INCORRECT_RESOURCE_HANDLING.URH` Insecure Resource Handling `SV.INCORRECT_RESOURCE_HANDLING.WRONG_STATUS` Insecure Resource Handling `SV.RVT.RETVAL_NOTTESTED` Ignored Return Value
APSC-DV-003280	`HCC.PWD` Use of a hardcoded password

Support Summary:

28 rules