Insert CWE's for all rules

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/concurrency/con01_use_the_ravenscar_profile.rst

@@ -85,6 +85,14 @@ Applicable Vulnerability within ISO TR 24772-2
 * 6.62 Concurrency - Premature termination [CGS]
 * 6.63 Lock protocol errors [CGM]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization
+* CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
+* CWE-366 - Race Condition within a Thread
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/concurrency/con02_use_the_jorvik_profile.rst

@@ -95,6 +95,14 @@ Applicable Vulnerability within ISO TR 24772-2
 * 6.62 Concurrency - Premature termination [CGS]
 * 6.63 Lock protocol errors [CGM]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization
+* CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
+* CWE-366 - Race Condition within a Thread
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/concurrency/con03_avoid_shared_variables_for_inter-task_communication.rst

@@ -42,6 +42,13 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.56 Undefined behaviour [EWF]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-567 - Unsynchronized Access to Shared Data in a Multithreaded Context
+* CWE-667 - Improper Locking
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/dynamic_storage_management/dyn01_common_high_integrity_restrictions.rst

@@ -50,6 +50,15 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 4.10 Storage Pool
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-401 - Missing Release of Memory after Effective Lifetime
+* CWE-415 - Double Free
+* CWE-416 - Use After Free
+*  - 
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/dynamic_storage_management/dyn02_traditional_static_allocation_policy.rst

@@ -59,6 +59,15 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 4.10 Storage Pool
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-401 - Missing Release of Memory after Effective Lifetime
+* CWE-758 - Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
+* CWE-771 - Missing Reference to Active Allocated Resource
+* CWE-1325 - Improperly Controlled Sequential Memory Allocation
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/dynamic_storage_management/dyn03_access_types_without_allocators_policy.rst

@@ -68,6 +68,16 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.14 Dangling reference to heap [XYK]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-401 - Missing Release of Memory after Effective Lifetime
+* CWE-415 - Double Free
+* CWE-416 - Use After Free
+* CWE-771 - Missing Reference to Active Allocated Resource
+* CWE-1325 - Improperly Controlled Sequential Memory Allocation
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/dynamic_storage_management/dyn04_minimal_dynamic_allocation_policy.rst

@@ -56,6 +56,16 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 4.10 Storage Pool
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-401 - Missing Release of Memory after Effective Lifetime
+* CWE-415 - Double Free
+* CWE-416 - Use After Free
+* CWE-771 - Missing Reference to Active Allocated Resource
+* CWE-1325 - Improperly Controlled Sequential Memory Allocation
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/dynamic_storage_management/dyn05_user-defined_storage_pools_policy.rst

@@ -69,6 +69,15 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 4.10 Storage Pool
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-401  - Missing Release of Memory after Effective Lifetime
+* CWE-415  - Double Free
+* CWE-416 - Use After Free
+*  - 
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/dynamic_storage_management/dyn06_statically_determine_maximum_stack_requirements.rst

@@ -48,6 +48,13 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 4.10 Storage Pool
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-770 - Allocation of Resources Without Limits or Throttling
+* CWE-789 - Uncontrolled Memory Allocation
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/exception_usage/exu01_dont_raise_language-defined_exceptions.rst

@@ -50,6 +50,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 N/A
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-397 - Declaration of Throws for Generic Exception
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/exception_usage/exu02_no_unhandled_application-defined_exceptions.rst

@@ -85,6 +85,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.36 Ignored error status and unhandled exceptions [OYB]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-248 - Uncaught Exception
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/exception_usage/exu03_no_exception_propagation_beyond_name_visibility.rst

@@ -43,6 +43,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 N/A
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-248 - Uncaught Exception
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/exception_usage/exu04_prove_absence_of_run-time_exceptions.rst

@@ -56,6 +56,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 N/A
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-248 - Uncaught Exception
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/object_oriented_programming/oop01_no_class-wide_constructs_policy.rst

@@ -49,6 +49,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.43 Redispatching [PPH]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+N/A
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/object_oriented_programming/oop02_static_dispatching_only_policy.rst

@@ -49,6 +49,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.43 Redispatching [PPH]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+N/A
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/object_oriented_programming/oop03_limit_inheritance_hierarchy_depth.rst

@@ -61,6 +61,13 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.41 Inheritance [RIP]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-1074 - Class with Excessively Deep Inheritance
+* CWE-1086 - Class with Excessive Number of Child Classes
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/object_oriented_programming/oop04_limit_statically-dispatched_calls_to_primitive_operations.rst

@@ -82,6 +82,12 @@ Applicable Vulnerability within ISO TR 24772-2
 * 6.43 Redispatching [PPH]
 * 6.44 Polymorphic variables [BKK]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+N/A
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/object_oriented_programming/oop05_use_explicit_overriding_annotations.rst

@@ -99,6 +99,12 @@ Applicable Vulnerability within ISO TR 24772-2
 * 6.34 Subprogram signature mismatch [OTR]
 * 6.41 Inheritance [RIP]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-685 - Function Call With Incorrect Number of Arguments
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/object_oriented_programming/oop06_use_class-wide_pre-post_contracts.rst

@@ -54,6 +54,12 @@ Applicable Vulnerability within ISO TR 24772-2
 * 6.42 Violations of the Liskov substitution principle or the contract model
   [BLP]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+N/A
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/object_oriented_programming/oop07_ensure_local_type_consistency.rst

@@ -135,6 +135,12 @@ Applicable Vulnerability within ISO TR 24772-2
 * 6.43 Redispatching [PPH]
 * 6.44 Polymorphic variables [BKK]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+N/A
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/robust_programming_practice/rpp01_no_use_of_others_in_case_constructs.rst

@@ -54,6 +54,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.27 Switch statements and static analysis [CLL]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-478 - Missing Default Case in Multiple Condition Expression
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/robust_programming_practice/rpp02_no_enumeration_ranges_in_case_constructs.rst

@@ -48,6 +48,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.5 Enumerator issues [CCB]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+N/A
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/robust_programming_practice/rpp03_limited_use_of_others_in_aggregates.rst

@@ -50,6 +50,12 @@ Applicable Vulnerability within ISO TR 24772-2
 * 6.5 Enumerator issues [CCB]
 * 6.27 Switch statements and static analysis [CLL]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-478 - Missing Default Case in Multiple Condition Expression
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/robust_programming_practice/rpp04_no_unassigned_mode-out_procedure_parameters.rst

@@ -48,6 +48,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.32 Passing parameters and return values [CSJ]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-457 - Use of Uninitialized Variable
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/robust_programming_practice/rpp05_no_use_of_others_in_exception_handlers.rst

@@ -46,6 +46,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 N/A
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+* CWE-396 - Declaration of Catch for Generic Exception
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/robust_programming_practice/rpp06_avoid_function_side-effects.rst

@@ -54,6 +54,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.24 Side-effects and order of evaluation [SAM]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+N/A
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/robust_programming_practice/rpp07_functions_only_have_mode_in.rst

@@ -45,6 +45,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.24 Side-effects and order of evaluation [SAM]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+N/A
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++

content/courses/Guidelines_for_Safe_and_Secure_Ada_SPARK/chapters/guidelines/robust_programming_practice/rpp08_limit_parameter_aliasing.rst

@@ -85,6 +85,12 @@ Applicable Vulnerability within ISO TR 24772-2
 
 * 6.32 Passing parameters and return values [CSJ]
 
+++++++++++++++++++++++++++++++++++++++++
+Applicable Common Weakness Enumeration
+++++++++++++++++++++++++++++++++++++++++
+
+N/A
+
 +++++++++++++++++++++++++++
 Noncompliant Code Example
 +++++++++++++++++++++++++++