Insufficient Isolation of Symbolic Constant Definitions

Incomplete Base

Structure: Simple

Description

The source code uses symbolic constants, but it does not sufficiently place the definitions of these constants into a more centralized or isolated location.

Extended Description

This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.

Common Consequences 1

Scope: Other

Impact: Reduce Maintainability

References 1

Providing a Framework for Effective Software Quality Assessment

Robert A. Martin and Lawrence H. Shafer

07-1996

https://www.researchgate.net/publication/285403022_PROVIDING_A_FRAMEWORK_FOR_EFFECTIVE_SOFTWARE_QUALITY_MEASUREMENT_MAKING_A_SCIENCE_OF_RISK_ASSESSMENT(2023-04-07)

ID: REF-963

Related Weaknesses

ChildOf:

Inappropriate Source Code Style or Formatting (CWE-1078)