Indicator of Poor Code Quality
Weakness ID: 398 (Weakness Class) | Status: Draft
Description Summary
The code has features that do not directly introduce a weakness or vulnerability, but indicate that the product has not been carefully developed or maintained.
Extended Description
Programs are more likely to be secure when good development practices are followed. If a program is complex, difficult to maintain, not portable, or shows evidence of neglect, then there is a higher likelihood that weaknesses are buried in the code.
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 18 | Source Code | Development Concepts (primary) 699 |
ChildOf | Weakness Class | 710 | Coding Standards Violation | Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 107 | Struts: Unused Validation Form | Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 110 | Struts: Validator Without Form Field | Research Concepts (primary) 1000 |
ParentOf | Category | 399 | Resource Management Errors | Development Concepts (primary) 699 |
ParentOf | Weakness Base | 401 | Failure to Release Memory Before Removing Last Reference ('Memory Leak') | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Base | 404 | Improper Resource Shutdown or Release | Development Concepts 699; Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Variant | 415 | Double Free | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Base | 416 | Use After Free | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Variant | 457 | Use of Uninitialized Variable | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Base | 474 | Use of Function with Inconsistent Implementations | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 475 | Undefined Behavior for Input to API | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700 |
ParentOf | Weakness Base | 476 | NULL Pointer Dereference | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 477 | Use of Obsolete Functions | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 478 | Missing Default Case in Switch Statement | Development Concepts (primary) 699 |
ParentOf | Weakness Variant | 479 | Unsafe Function Call from a Signal Handler | Development Concepts (primary) 699 |
ParentOf | Weakness Variant | 483 | Incorrect Block Delimitation | Development Concepts (primary) 699 |
ParentOf | Weakness Base | 484 | Omitted Break Statement in Switch | Development Concepts (primary) 699; Research Concepts 1000 |
ParentOf | Weakness Variant | 546 | Suspicious Comment | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 547 | Use of Hard-coded, Security-relevant Constants | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 561 | Dead Code | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Base | 562 | Return of Stack Variable Address | Development Concepts (primary) 699; Research Concepts 1000 |
ParentOf | Weakness Variant | 563 | Unused Variable | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Category | 569 | Expression Issues | Development Concepts (primary) 699 |
ParentOf | Weakness Variant | 585 | Empty Synchronized Block | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | Weakness Variant | 586 | Explicit Call to Finalize() | Development Concepts (primary) 699 |
ParentOf | Weakness Variant | 617 | Reachable Assertion | Development Concepts (primary) 699 |
ParentOf | Weakness Base | 676 | Use of Potentially Dangerous Function | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
MemberOf | View | 700 | Seven Pernicious Kingdoms | Seven Pernicious Kingdoms (primary) 700 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
7 Pernicious Kingdoms | | | Code Quality |
Submissions
Submission Date | Submitter | Organization | Source |
---|---|---|---|
 | 7 Pernicious Kingdoms | | Externally Mined |
Modifications
Modification Date | Modifier | Organization | Source | |
---|---|---|---|---|
2008-07-01 | Eric Dalci | Cigital | External | updated Time of Introduction |
2008-09-08 | CWE Content Team | MITRE | Internal | updated Description, Relationships, Taxonomy Mappings |
2009-10-29 | CWE Content Team | MITRE | Internal | updated Relationships |
Previous Entry Names
Change Date | Previous Entry Name |
---|---|
2008-04-11 | Code Quality |