Difference between revisions of "Assigning instead of comparing"

From OWASP

Revision as of 07:53, 22 September 2008

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.


Last revision (mm/dd/yy): 09/22/2008

Description

In many languages, the compare statement is very close in appearance to the assignment statement, and the two are often confused.

Consequences

Unspecified.

Exposure period

  • Pre-design through Build: The use of tools to detect this problem is recommended.
  • Implementation: Many logic errors can lead to this condition. It can be exacerbated by lack, or misuse, of mitigating technologies.

Platform

  • Languages: C, C++
  • Operating platforms: Any

Required resources

Any

Severity

High

Likelihood of exploit

Low


Risk Factors

TBD


Avoidance and mitigation

  • Pre-design through Build: Many IDEs and static analysis products will detect this problem.
  • Implementation: Place constants on the left of a comparison. If the typo is then made, the code attempts to assign a variable to a constant, and the compiler will of course produce an error.

Discussion

This bug is generally the result of a typo and usually causes obvious problems with program execution. If the mistaken assignment is the condition of an if statement, the condition will always evaluate to the value of the right-hand side, regardless of what the variable held before.

Examples

In C/C++/Java:

#include <stdio.h>

/* Intended: compare foo with 1. Actual: '=' assigns 1 to foo, and the
 * if tests the assigned value, so the condition is always true. */
void called(int foo){
        if (foo=1)  printf("foo\n");
}

int main(){
        called(2);   /* prints "foo" even though 2 is not 1 */
        return 0;
}
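As an added example (not code from the OWASP page), the same typo isolated into functions that return whether the branch was taken, beside the corrected comparison and the constant-on-the-left form the mitigation section recommends; the function names are my own. Note that Java rejects the line at compile time because an int is not a boolean, so the silent behaviour shown here is specific to C and C++.

```c
#include <stdio.h>

/* Buggy: '=' assigns 1 to foo, and the if then tests the assigned value
 * (1, i.e. true), so the branch is taken for every input. */
int check_assign_one(int foo) {
    if (foo = 1) return 1;
    return 0;
}

/* Same typo with a 0 on the right-hand side: the condition is now always
 * false, so the branch is never taken. The outcome depends only on the
 * right-hand side, never on what foo held. */
int check_assign_zero(int foo) {
    if (foo = 0) return 1;
    return 0;
}

/* Intended behaviour: '==' compares, and the branch is taken only for 1. */
int check_compare(int foo) {
    if (foo == 1) return 1;
    return 0;
}

/* Constant on the left: behaves exactly like check_compare, but if the
 * '=' typo is made here ("if (1 = foo)") the compiler rejects it, since a
 * literal is not an lvalue; the silent logic bug becomes a build error. */
int check_constant_left(int foo) {
    if (1 == foo) return 1;
    return 0;
}

int main(void) {
    int v;
    /* Constructed inputs: 0, 1 and 2 cover "not equal below", "equal" and
     * "not equal above"; only the buggy variants ignore the input. */
    for (v = 0; v <= 2; v++)
        printf("foo=%d  assign1:%d  assign0:%d  compare:%d  const-left:%d\n",
               v, check_assign_one(v), check_assign_zero(v),
               check_compare(v), check_constant_left(v));
    return 0;
}
```

Building with warnings enabled (e.g. gcc -Wall) flags the two buggy functions with "suggest parentheses around assignment used as truth value", which is the tool-based detection the Exposure period section recommends.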

Related problems