The software contains a method that accesses an object but does not later invoke
the element’s associated finalize/destructor method.
Modes of Introduction:
Other: Reduce Performance
A method for a class performs an operation that directly
accesses a member element from another class.
Modes of Introduction:
Other: Reduce Maintainability
Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to other weaknesses related to insufficient input validation.
Modes of Introduction:
– Implementation
Access Control: Bypass Protection Mechanism
Phase: Implementation
Description:
Ensure that an action form mapping enables validation. Set the validate field to true.
The software uses a large data table that contains an excessively large number of
indices.
Modes of Introduction:
Other: Reduce Performance
The code has a synchronous call to a remote resource, but there is no timeout for the call, or the timeout is set to infinite.
Modes of Introduction:
Other: Reduce Reliability
A class contains a virtual method, but the method does not have an associated virtual destructor.
Modes of Introduction:
Other: Reduce Reliability
A class contains an unnecessarily large number of
children.
Modes of Introduction:
Other: Reduce Maintainability
A function, method, procedure, etc. contains an excessive amount of code that has been
commented out within its body.
Modes of Introduction:
Other: Reduce Maintainability
A function or method contains too many
operations that utilize a data manager or file resource.
Modes of Introduction:
Other: Reduce Maintainability
The software is intended to manage data access through a particular data manager component such as a relational or non-SQL database, but it contains code that performs data access operations without using that component.
Modes of Introduction:
Other: Reduce Reliability