Category: SFP Secondary Cluster: Glitch in Computation
Incomplete
Summary
This category identifies Software Fault Patterns (SFPs) within the Glitch in Computation cluster (SFP1).
Membership
| ID | Name | Description |
|---|---|---|
| CWE-128 | Wrap-around Error | Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value. |
| CWE-190 | Integer Overflow or Wraparound | The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. |
| CWE-191 | Integer Underflow (Wrap or Wraparound) | The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result. |
| CWE-194 | Unexpected Sign Extension | The product performs an operation on a number that causes it to be sign extended when it is transformed into a larger data type. When the original number is negative, this can produce unexpected values that lead to resultant weaknesses. |
| CWE-195 | Signed to Unsigned Conversion Error | The product uses a signed primitive and performs a cast to an unsigned primitive, which can produce an unexpected value if the value of the signed primitive can not be represented using an unsigned primitive. |
| CWE-196 | Unsigned to Signed Conversion Error | The product uses an unsigned primitive and performs a cast to a signed primitive, which can produce an unexpected value if the value of the unsigned primitive can not be represented using a signed primitive. |
| CWE-197 | Numeric Truncation Error | Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion. |
| CWE-369 | Divide By Zero | The product divides a value by zero. |
| CWE-456 | Missing Initialization of a Variable | The product does not initialize critical variables, which causes the execution environment to use unexpected values. |
| CWE-457 | Use of Uninitialized Variable | The code uses a variable that has not been initialized, leading to unpredictable or unintended results. |
| CWE-466 | Return of Pointer Value Outside of Expected Range | A function can return a pointer to memory that is outside of the buffer that the pointer is expected to reference. |
| CWE-468 | Incorrect Pointer Scaling | In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled. |
| CWE-475 | Undefined Behavior for Input to API | The behavior of this function is undefined unless its control parameter is set to a specific value. |
| CWE-480 | Use of Incorrect Operator | The product accidentally uses the wrong operator, which changes the logic in security-relevant ways. |
| CWE-481 | Assigning instead of Comparing | The code uses an operator for assignment when the intention was to perform a comparison. |
| CWE-486 | Comparison of Classes by Name | The product compares classes by name, which can cause it to use the wrong class when multiple classes can have the same name. |
| CWE-562 | Return of Stack Variable Address | A function returns the address of a stack variable, which will cause unintended program behavior, typically in the form of a crash. |
| CWE-570 | Expression is Always False | The product contains an expression that will always evaluate to false. |
| CWE-571 | Expression is Always True | The product contains an expression that will always evaluate to true. |
| CWE-579 | J2EE Bad Practices: Non-serializable Object Stored in Session | The product stores a non-serializable object as an HttpSession attribute, which can hurt reliability. |
| CWE-587 | Assignment of a Fixed Address to a Pointer | The product sets a pointer to a specific address other than NULL or 0. |
| CWE-594 | J2EE Framework: Saving Unserializable Objects to Disk | When the J2EE container attempts to write unserializable objects to disk there is no guarantee that the process will complete successfully. |
| CWE-597 | Use of Wrong Operator in String Comparison | The product uses the wrong operator when comparing a string, such as using "==" when the .equals() method should be used instead. |
| CWE-628 | Function Call with Incorrectly Specified Arguments | The product calls a function, procedure, or routine with arguments that are not correctly specified, leading to always-incorrect behavior and resultant weaknesses. |
| CWE-681 | Incorrect Conversion between Numeric Types | When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur. |
| CWE-683 | Function Call With Incorrect Order of Arguments | The product calls a function, procedure, or routine, but the caller specifies the arguments in an incorrect order, leading to resultant weaknesses. |
| CWE-685 | Function Call With Incorrect Number of Arguments | The product calls a function, procedure, or routine, but the caller specifies too many arguments, or too few arguments, which may lead to undefined behavior and resultant weaknesses. |
| CWE-686 | Function Call With Incorrect Argument Type | The product calls a function, procedure, or routine, but the caller specifies an argument that is the wrong data type, which may lead to resultant weaknesses. |
| CWE-688 | Function Call With Incorrect Variable or Reference as Argument | The product calls a function, procedure, or routine, but the caller specifies the wrong variable or reference as one of the arguments, which may lead to undefined behavior and resultant weaknesses. |
| CWE-704 | Incorrect Type Conversion or Cast | The product does not correctly convert an object, resource, or structure from one type to a different type. |
| CWE-768 | Incorrect Short Circuit Evaluation | The product contains a conditional statement with multiple logical expressions in which one of the non-leading expressions may produce side effects. This may lead to an unexpected state in the program after the execution of the conditional, because short-circuiting logic may prevent the side effects from occurring. |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs). |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.