CWE-1023: Incomplete Comparison with Missing Factors
Structure: Simple
Abstraction: Base
Status: Incomplete
Likelihood of Exploit: unknown
Description
The software performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors. This can lead to resultant weaknesses, e.g. by operating on the wrong object.
Related Weaknesses
- ChildOf CWE-697 (View 1000, Ordinal: Primary)
- ChildOf CWE-697 (View 699, Ordinal: Primary)
Applicable Platforms
Language: Language-Independent (Prevalence: Undetermined)
Common Consequences

Scope | Impact | Notes
---|---|---
Integrity, Access Control | Alter Execution Logic, Bypass Protection Mechanism | 
Potential Mitigations
Testing
Thoroughly test the comparison scheme before deploying code into production. Perform positive testing as well as negative testing.
Demonstrative Examples
Example
This example defines a fixed username and password. The AuthenticateUser() function is intended to accept a username and a password from an untrusted user and check that they match the stored username and password. If both match, AuthenticateUser() is intended to indicate that authentication succeeded.
Bad code (C):

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define AUTH_FAIL 0
#define AUTH_SUCCESS 1

char *username = "admin";
char *pass = "password";

void ExitError(const char *msg) {
  fprintf(stderr, "%s\n", msg);
  exit(1);
}

int AuthenticateUser(char *inUser, char *inPass) {
  /* Username check; the condition was lost in extraction and is reconstructed here */
  if (strncmp(username, inUser, strlen(inUser))) {
    return(AUTH_FAIL);
  }
  /* Weakness: the number of bytes compared is taken from the untrusted inPass,
   * so only the first strlen(inPass) bytes of the stored password are examined */
  if (! strncmp(pass, inPass, strlen(inPass))) {
    return(AUTH_SUCCESS);
  }
  else {
    return(AUTH_FAIL);
  }
}

int main (int argc, char **argv) {
  int authResult;
  if (argc < 3) {
    ExitError("Usage: Provide a username and password");
  }
  authResult = AuthenticateUser(argv[1], argv[2]);
  if (authResult == AUTH_SUCCESS) {
    printf("Authentication succeeded\n");
  }
  else {
    ExitError("Authentication failed");
  }
  return 0;
}
```

Source: scap中文网
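As an added example (not code from the CWE entry or from the page's author), the weak comparison used in the demonstrative example is placed beside a hardened form that makes the stored value's length an explicit factor, and both are run over the positive and negative test vectors the mitigation calls for. The stored credentials, the function names `weak_matches`, `safe_matches`, `authenticate` and `count_failures`, and the test vectors are all constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed credentials for this example; not taken from the CWE entry. */
static const char *STORED_USER = "admin";
static const char *STORED_PASS = "password";

/* Weak form, as in the demonstrative example: the compare length is taken
 * from the untrusted input, so the stored value's own length is never a
 * factor in the decision. Returns 1 on "match", 0 otherwise. */
int weak_matches(const char *stored, const char *input) {
    return strncmp(stored, input, strlen(input)) == 0;
}

/* Hardened form: length is an explicit factor, and every byte of the stored
 * value is examined rather than stopping at the first difference. */
int safe_matches(const char *stored, const char *input) {
    size_t stored_len = strlen(stored);
    if (stored_len != strlen(input)) {
        return 0;
    }
    unsigned char diff = 0;
    for (size_t i = 0; i < stored_len; i++) {
        diff |= (unsigned char)stored[i] ^ (unsigned char)input[i];
    }
    return diff == 0;
}

/* Authentication that applies the hardened comparison to both factors. */
int authenticate(const char *user, const char *pass) {
    return safe_matches(STORED_USER, user) && safe_matches(STORED_PASS, pass);
}

/* Positive and negative vectors of the kind the mitigation asks for:
 * {candidate password, expected result against STORED_PASS}. */
struct vector { const char *input; int expected; };

static const struct vector VECTORS[] = {
    {"password", 1},   /* positive case: exact match */
    {"p", 0},          /* a prefix of the real password must be rejected */
    {"", 0},           /* empty input must be rejected */
    {"passwordX", 0},  /* longer than the real password */
    {"wrong", 0},      /* unrelated value */
};
static const size_t N_VECTORS = sizeof VECTORS / sizeof VECTORS[0];

/* Runs every vector through one comparison function and returns how many
 * vectors produced a result other than the expected one. */
int count_failures(int (*cmp)(const char *, const char *)) {
    int failures = 0;
    for (size_t i = 0; i < N_VECTORS; i++) {
        int got = cmp(STORED_PASS, VECTORS[i].input);
        if (got != VECTORS[i].expected) {
            printf("  FAIL input=\"%s\" expected=%d got=%d\n",
                   VECTORS[i].input, VECTORS[i].expected, got);
            failures++;
        }
    }
    return failures;
}

int main(void) {
    printf("weak_matches failures: %d\n", count_failures(weak_matches));
    printf("safe_matches failures: %d\n", count_failures(safe_matches));
    return 0;
}
```

Running the vectors shows why negative testing matters here: the weak form accepts "p" because only one byte of the stored password is compared, and accepts "" because `strncmp` with a length of zero compares nothing and reports equality. The hardened form rejects both, since the length check reintroduces the missing factor before any bytes are compared.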