Indicator of Poor Code Quality
Weakness ID: 398 (Weakness Class) | Status: Draft
Description Summary
The code has features that do not directly introduce a weakness or vulnerability, but indicate that the product has not been carefully developed or maintained.
Extended Description
Programs are more likely to be secure when good development practices are followed. If a program is complex, difficult to maintain, not portable, or shows evidence of neglect, then there is a higher likelihood that weaknesses are buried in the code.
Nature | ID | Name | View(s) this relationship pertains to |
---|---|---|---|
ChildOf | 18 | Source Code | Development Concepts (primary) 699 |
ChildOf | 710 | Coding Standards Violation | Research Concepts (primary) 1000 |
ParentOf | 107 | Struts: Unused Validation Form | Research Concepts (primary) 1000 |
ParentOf | 110 | Struts: Validator Without Form Field | Research Concepts (primary) 1000 |
ParentOf | 399 | Resource Management Errors | Development Concepts (primary) 699 |
ParentOf | 401 | Failure to Release Memory Before Removing Last Reference ('Memory Leak') | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | 404 | Improper Resource Shutdown or Release | Development Concepts 699; Seven Pernicious Kingdoms (primary) 700 |
ParentOf | 415 | Double Free | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | 416 | Use After Free | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | 457 | Use of Uninitialized Variable | Seven Pernicious Kingdoms (primary) 700 |
ParentOf | 474 | Use of Function with Inconsistent Implementations | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | 475 | Undefined Behavior for Input to API | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700 |
ParentOf | 476 | NULL Pointer Dereference | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | 477 | Use of Obsolete Functions | Development Concepts (primary) 699; Seven Pernicious Kingdoms (primary) 700; Research Concepts (primary) 1000 |
ParentOf | 478 | Missing Default Case in Switch Statement | Development Concepts (primary) 699 |
ParentOf | 479 | Unsafe Function Call from a Signal Handler | Development Concepts (primary) 699 |
ParentOf | 483 | Incorrect Block Delimitation | Development Concepts (primary) 699 |
ParentOf | 484 | Omitted Break Statement in Switch | Development Concepts (primary) 699; Research Concepts 1000 |
ParentOf | 546 | Suspicious Comment | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | 547 | Use of Hard-coded, Security-relevant Constants | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | 561 | Dead Code | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | 562 | Return of Stack Variable Address | Development Concepts (primary) 699; Research Concepts 1000 |
ParentOf | 563 | Unused Variable | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | 569 | Expression Issues | Development Concepts (primary) 699 |
ParentOf | 585 | Empty Synchronized Block | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
ParentOf | 586 | Explicit Call to Finalize() | Development Concepts (primary) 699 |
ParentOf | 617 | Reachable Assertion | Development Concepts (primary) 699 |
ParentOf | 676 | Use of Potentially Dangerous Function | Development Concepts (primary) 699; Research Concepts (primary) 1000 |
MemberOf | 700 | Seven Pernicious Kingdoms | Seven Pernicious Kingdoms (primary) 700 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
7 Pernicious Kingdoms | | | Code Quality |
Submissions
Submission Date | Submitter | Organization | Source |
---|---|---|---|
 | 7 Pernicious Kingdoms | | Externally Mined |
Modifications
Modification Date | Modifier | Organization | Source | Comment |
---|---|---|---|---|
2008-07-01 | Eric Dalci | Cigital | External | updated Time of Introduction |
2008-09-08 | CWE Content Team | MITRE | Internal | updated Description, Relationships, Taxonomy Mappings |
2009-10-29 | CWE Content Team | MITRE | Internal | updated Relationships |
Previous Entry Names
Change Date | Previous Entry Name |
---|---|
2008-04-11 | Code Quality |