Has anyone created a mapping of the clang static analyzer's bug types
to CWE categories?

For example the bug type, "Undefined allocation of 0 bytes (CERT
MEM04-C; CWE-131)", contains the CWE category in the label. Just
wondering if this info was already compiled anywhere for the other bug
types.

Thanks.

Hi Zubin,

To the best of my knowledge such mapping does not exist.
Moreover, we do not even provide unique error codes for the analyzer warnings,
making the problem even more complicated — but that is something that we would
potentially address soon.

George