Duplicate Operations on Resource
Weakness ID: 675 (Weakness Class)Status: Draft
+ Description

Description Summary

The product performs the same operation on a resource two or more times, when the operation should only be applied once.
+ Time of Introduction
  • Implementation
+ Applicable Platforms

Languages

All

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class573Failure to Follow Specification
Research Concepts (primary)1000
ChildOfCategoryCategory743CERT C Secure Coding Section 09 - Input Output (FIO)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
PeerOfWeakness VariantWeakness Variant102Struts: Duplicate Validation Forms
Research Concepts1000
PeerOfWeakness ClassWeakness Class227Failure to Fulfill API Contract ('API Abuse')
Research Concepts1000
PeerOfWeakness VariantWeakness Variant586Explicit Call to Finalize()
Research Concepts1000
ParentOfWeakness VariantWeakness Variant174Double Decoding of the Same Data
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant415Double Free
Research Concepts1000
ParentOfWeakness BaseWeakness Base605Multiple Binds to the Same Port
Research Concepts (primary)1000
ParentOfWeakness VariantWeakness Variant764Multiple Locks of a Critical Resource
Research Concepts1000
ParentOfWeakness VariantWeakness Variant765Multiple Unlocks of a Critical Resource
Research Concepts1000
PeerOfWeakness VariantWeakness Variant85Doubled Character XSS Manipulations
Research Concepts1000
+ Relationship Notes

This weakness is probably closely associated with other issues related to doubling, such as CWE-462 (duplicate key in alist) or CWE-102 (Struts duplicate validation forms). It's usually a case of an API contract violation (CWE-227).

+ Relevant Properties
  • Uniqueness
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
CERT C Secure CodingFIO31-CDo not simultaneously open the same file multiple times
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Other Notes
2008-11-24CWE Content TeamMITREInternal
updated Relationships, Taxonomy Mappings
2009-05-27CWE Content TeamMITREInternal
updated Relationships
2009-10-29CWE Content TeamMITREInternal
updated Other Notes, Relationship Notes