The documentation does not sufficiently describe the techniques
that are used for error handling, exception processing, or similar
mechanisms.
Modes of Introduction:
The code uses too many unconditional branches (such as
“goto”).
Modes of Introduction:
Other: Reduce Maintainability
The software accepts XML from an untrusted source but does not validate the XML against the proper schema.
Most successful attacks begin with a violation of the programmer’s assumptions. By accepting an XML document without validating it against a DTD or XML schema, the programmer leaves a door open for attackers to provide unexpected, unreasonable, or malicious input.
Modes of Introduction:
– Implementation
Integrity: Unexpected State
Phase: Architecture and Design
Description:
A function, method, procedure, etc. contains an excessive amount of code that has been
commented out within its body.
Modes of Introduction:
Other: Reduce Maintainability
A class contains an unnecessarily large number of
children.
Modes of Introduction:
Other: Reduce Maintainability
A class contains a virtual method, but the method does not have an associated virtual destructor.
Modes of Introduction:
Other: Reduce Reliability
The code has a synchronous call to a remote resource, but there is no timeout for the call, or the timeout is set to infinite.
Modes of Introduction:
Other: Reduce Reliability
The software uses a large data table that contains an excessively large number of
indices.
Modes of Introduction:
Other: Reduce Performance
Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to other weaknesses related to insufficient input validation.
Modes of Introduction:
– Implementation
Access Control: Bypass Protection Mechanism
Phase: Implementation
Description:
Ensure that an action form mapping enables validation. Set the validate field to true.
A method for a class performs an operation that directly
accesses a member element from another class.
Modes of Introduction:
Other: Reduce Maintainability