CWE-697 不充分的比较
Incorrect Comparison
结构: Simple
Abstraction: Class
状态: Incomplete
被利用可能性: unkown
基本描述
The software compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.
扩展描述
This weakness class covers several possibilities:
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| Other | Varies by Context |
示例代码
例
Consider an application in which Truck objects are defined to be the same if they have the same make, the same model, and were manufactured in the same year.
bad Java
private String model;
private int year;
public boolean equals(Object o) {
if (o == this) return true;
if (!(o instanceof Truck)) return false;
Truck t = (Truck) o;
return (this.make.equals(t.getMake()) && this.model.equals(t.getModel()));
}
}
Here, the equals() method only checks the make and model of the Truck objects, but the year of manufacture is not included.
例
This example defines a fixed username and password. The AuthenticateUser() function is intended to accept a username and a password from an untrusted user, and check to ensure that it matches the username and password. If the username and password match, AuthenticateUser() is intended to indicate that authentication succeeded.
bad C
/ Ignore CWE-259 (hard-coded password) and CWE-309 (use of password system for authentication) for this example. /
char username = "admin";
char pass = "password";
int AuthenticateUser(char inUser, char inPass) {
return(AUTH_FAIL);
}
if (! strncmp(pass, inPass, strlen(inPass))) {
return(AUTH_SUCCESS);
}
else {
return(AUTH_FAIL);
}
}
int main (int argc, char **argv) {
if (argc ExitError("Usage: Provide a username and password");
}
authResult = AuthenticateUser(argv[1], argv[2]);
if (authResult == AUTH_SUCCESS) {
}
else {
}
}文章来源于互联网:scap中文网
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论