
C Rules

SAST rules for C that identify insecure patterns in application code.

C Rule Catalog

ID        | Title                                                                          | Severity | Category
----------|--------------------------------------------------------------------------------|----------|---------------
CODE-0098 | Stack-based buffer overflow                                                    | CRITICAL | Injection
CODE-0224 | Double Free Vulnerability                                                      | CRITICAL | Generic
CODE-0280 | Insecure use of gets() function                                                | CRITICAL | Injection
CODE-0286 | Incorrect use of free() on stack variable                                      | CRITICAL | Generic
CODE-0621 | Buffer Overflow via Uncontrolled Format String                                 | CRITICAL | Injection
CODE-0644 | Format String Vulnerability                                                    | CRITICAL | Injection
CODE-0648 | Insecure use of strcpy, stpcpy, strcat                                         | CRITICAL | Injection
CODE-0660 | Incorrect use of strncat                                                       | CRITICAL | Injection
CODE-0662 | Return of Stack Variable Address                                               | CRITICAL | Generic
CODE-0663 | Insecure use of alloca()                                                       | CRITICAL | Generic
CODE-0672 | Insecure use of sprintf and vsprintf                                           | CRITICAL | Injection
CODE-0677 | Command Injection                                                              | CRITICAL | Injection
CODE-0680 | Use After Free                                                                 | CRITICAL | Generic
CODE-0188 | Integer Overflow or Wraparound                                                 | HIGH     | Injection
CODE-0222 | Insecure API Calls                                                             | HIGH     | Injection
CODE-0473 | Incorrect Order of setuid and setgid Calls                                     | HIGH     | AccessControl
CODE-0492 | Unchecked Return Value of setuid/seteuid                                       | HIGH     | AccessControl
CODE-0511 | Incorrect use of strncpy, stpncpy, strlcpy, or strscpy                         | HIGH     | Injection
CODE-0559 | Unchecked Return Values for Privilege Drop                                     | HIGH     | AccessControl
CODE-0560 | Ensure restrictive umask values                                                | HIGH     | InsecureConfig
CODE-0561 | Easily misused function may lead to buffer overflows                           | HIGH     | Injection
CODE-0562 | Insecure string processing function                                            | HIGH     | Injection
CODE-0563 | Format string vulnerability in scanf functions                                 | HIGH     | Injection
CODE-0564 | Reliance on untrusted inputs in a security decision                            | HIGH     | Injection
CODE-0565 | Untrusted Input in Security Decision                                           | HIGH     | Injection
CODE-0566 | Untrusted Input from getenv or curl_getenv                                     | HIGH     | Injection
CODE-0567 | Use of deprecated function (gets)                                              | HIGH     | Injection
CODE-0568 | Insufficient protection against buffer overflow (getwd)                        | HIGH     | Injection
CODE-0569 | Insecure use of strcat family functions                                        | HIGH     | Injection
CODE-0570 | Insecure string concatenation functions                                        | HIGH     | Injection
CODE-0571 | Insecure functions unable to limit / check buffer sizes                        | HIGH     | Injection
CODE-0572 | Insecure use of lstrcpyn family functions                                      | HIGH     | Injection
CODE-0573 | Unvalidated Buffer Copy                                                        | HIGH     | Injection
CODE-0574 | Insecure use of realpath function                                              | HIGH     | Injection
CODE-0575 | Format string vulnerability in scanf functions                                 | HIGH     | Injection
CODE-0576 | Insecure function unable to limit / check buffer sizes                         | HIGH     | Injection
CODE-0577 | Insecure string processing function                                            | HIGH     | Injection
CODE-0578 | Insecure string processing functions                                           | HIGH     | Injection
CODE-0579 | Insecure string processing function (strcpy)                                   | HIGH     | Injection
CODE-0580 | Insecure string processing function                                            | HIGH     | Injection
CODE-0581 | Insecure string processing functions                                           | HIGH     | Injection
CODE-0582 | Unbounded String Length Calculation                                            | HIGH     | Injection
CODE-0583 | Insecure use of strncat                                                        | HIGH     | Injection
CODE-0584 | Insecure use of strncpy                                                        | HIGH     | Injection
CODE-0585 | Insecure string processing function                                            | HIGH     | Injection
CODE-0589 | Potential format string vulnerability                                          | HIGH     | Injection
CODE-0590 | Potential format string vulnerability                                          | HIGH     | Injection
CODE-0591 | Potential format string vulnerability                                          | HIGH     | Injection
CODE-0592 | Potential format string vulnerability in syslog call                           | HIGH     | Injection
CODE-0593 | Use of deprecated function (memalign)                                          | HIGH     | InsecureConfig
CODE-0595 | Insecure Access Control Entry (ACE) Configuration                              | HIGH     | AccessControl
CODE-0596 | Uncontrolled search path element                                               | HIGH     | InsecureConfig
CODE-0597 | Uncontrolled search path element                                               | HIGH     | InsecureConfig
CODE-0612 | Possible executable path hijacking (CreateProcess)                             | HIGH     | Injection
CODE-0613 | Possible executable path hijacking (CreateProcessAsUser/CreateProcessWithLogon) | HIGH     | Injection
CODE-0614 | Potential for OS command injection                                             | HIGH     | Injection
CODE-0615 | Potential for OS command injection                                             | HIGH     | Injection
CODE-0647 | Incorrect use of memset                                                        | HIGH     | Generic
CODE-0673 | Unterminated String in strncpy or stpncpy                                      | HIGH     | Injection
CODE-0738 | Off-by-one error                                                               | HIGH     | Injection
CODE-0185 | Command-Line Argument or Environment Variable Access                           | MEDIUM   | Injection
CODE-0186 | Incorrect use of sizeof() on malloced pointer type                             | MEDIUM   | Generic
CODE-0215 | Incorrect use of sprintf and snprintf                                          | MEDIUM   | Generic
CODE-0227 | Missing break statement in switch construct                                    | MEDIUM   | Generic
CODE-0230 | Mismatched Memory Management                                                   | MEDIUM   | Generic
CODE-0242 | Error Message Exposure of Memory Addresses                                     | MEDIUM   | ErrorHandling
CODE-0246 | Insecure Temporary File Creation                                               | MEDIUM   | InsecureConfig
CODE-0264 | Pointer Subtraction                                                            | MEDIUM   | Generic
CODE-0269 | Use of stack variable with putenv                                              | MEDIUM   | InsecureConfig
CODE-0287 | Mismatched Memory Management                                                   | MEDIUM   | Generic
CODE-0289 | Signed/Unsigned Conversion                                                     | MEDIUM   | Generic
CODE-0476 | Unsafe use of strlcpy and strlcat return values                                | MEDIUM   | Injection
CODE-0487 | Missing Return Statement in Non-Void Function                                  | MEDIUM   | Generic
CODE-0488 | Unchecked Return Value of Scanf Functions                                      | MEDIUM   | Injection
CODE-0494 | Insecure Random Number Generation                                              | MEDIUM   | Crypto
CODE-0586 | Insecure encryption algorithm (DES)                                            | MEDIUM   | Crypto
CODE-0587 | Insecure stream cipher (RC4)                                                   | MEDIUM   | Crypto
CODE-0588 | Insecure hashing algorithm                                                     | MEDIUM   | Crypto
CODE-0594 | Possible integer overflow or underflow                                         | MEDIUM   | Injection
CODE-0598 | Null ACL when calling SetSecurityDescriptorDacl may allow all access to objects | MEDIUM   | AccessControl
CODE-0600 | Potential Time Of Check Time Of Use Vulnerability                              | MEDIUM   | Injection
CODE-0606 | Potential Time Of Check Time Of Use (TOCTOU) vulnerability                     | MEDIUM   | AccessControl
CODE-0607 | Potential time of check time of use vulnerability (chmod)                      | MEDIUM   | InsecureConfig
CODE-0608 | Potential time of check time of use vulnerability (chown)                      | MEDIUM   | AccessControl
CODE-0609 | Time-of-check time-of-use (TOCTOU) race condition                              | MEDIUM   | Generic
CODE-0610 | Potential time of check time of use vulnerability (vfork)                      | MEDIUM   | Concurrency
CODE-0611 | Usage of insufficient random number generators                                 | MEDIUM   | Crypto
CODE-0616 | Potential time of check time of use vulnerability (GetTempFileName)            | MEDIUM   | Generic
CODE-0617 | Potential file permissions issue (mkstemp)                                     | MEDIUM   | AccessControl
CODE-0618 | Use of deprecated function (mktemp)                                            | MEDIUM   | InsecureConfig
CODE-0619 | Potential time of check time of use vulnerability (tmpfile)                    | MEDIUM   | InsecureConfig
CODE-0620 | Potential time of check time of use vulnerability (tmpnam/tempnam)             | MEDIUM   | InsecureConfig
CODE-0636 | Assertion Used for Input Validation                                            | MEDIUM   | Generic
CODE-0642 | Insecure signal() API usage                                                    | MEDIUM   | Generic
CODE-0653 | Typo in Operator                                                               | MEDIUM   | Generic
CODE-0669 | Integer Truncation Error                                                       | MEDIUM   | Generic
CODE-0743 | Integer Overflow from strlen or wcslen                                         | MEDIUM   | Injection
CODE-0744 | Unsafe use of snprintf and vsnprintf return values                             | MEDIUM   | Injection
CODE-0764 | Incorrect Unsigned Comparison                                                  | MEDIUM   | Generic
CODE-0765 | Insecure API Access: Time-of-Check to Time-of-Use Vulnerability                | MEDIUM   | InsecureConfig
CODE-0767 | Unchecked Return Value of Memory Allocation Function                           | MEDIUM   | Generic
CODE-0806 | Insecure API: atoi, atol, atof                                                 | MEDIUM   | Generic
CODE-0512 | Missing Default Case in Switch Statement                                       | LOW      | Generic
CODE-0599 | Usage of deprecated function (cuserid)                                         | LOW      | InsecureConfig
CODE-0601 | Usage of deprecated function (getlogin)                                        | LOW      | Generic
CODE-0602 | Use of obsolete function getpass                                               | LOW      | InsecureConfig
CODE-0603 | Deprecated function calls (ssignal/gsignal)                                    | LOW      | Generic
CODE-0604 | Usage of deprecated function (ulimit)                                          | LOW      | InsecureConfig
CODE-0605 | Usage of deprecated function (usleep)                                          | LOW      | InsecureConfig

Total Rules: 109

Click on any rule ID to view detailed information, examples, and remediation guidance.