Difference between revisions of "Assigning instead of comparing"

From OWASP
(Reverting to last version not containing links to s1.shard.jp)

Revision as of 13:01, 29 May 2009

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.



Last revision (mm/dd/yy): 05/29/2009



Description

In many languages, the comparison operator (== in C) is very close in appearance to the assignment operator (=), and the two are often confused.

This bug is generally the result of a typo and usually causes obvious problems with program execution. If the intended comparison is the condition of an if statement, the condition always evaluates to the value of the right-hand side, and the left-hand variable is overwritten with that value.

Consequences

Unspecified.

Exposure period

  • Pre-design through Build: The use of tools to detect this problem is recommended.
  • Implementation: Many logic errors can lead to this condition. It can be exacerbated by lack, or misuse, of mitigating technologies.

Platform

  • Languages: C, C++
  • Operating platforms: Any

Required resources

Any

Severity

High

Likelihood of exploit

Low


Risk Factors

TBD


Examples

In C/C++/Java:

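#include <stdio.h>

void called(int foo){
        /* Bug: '=' assigns 1 to foo instead of comparing, so the condition is always true */
        if (foo=1)  printf("foo\n");
}

int main(){
        called(2);  /* prints "foo" even though 2 != 1 */
        return 0;
}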


Related Attacks

TBD

Related Vulnerabilities

Related Controls

  • Pre-design through Build: Many IDEs and static analysis products will detect this problem.
  • Implementation: Place constants on the left-hand side of comparisons. If an assignment is then written by mistake, it becomes an attempt to assign to a constant, and the compiler produces an error.
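
The two controls above, shown side by side in C as an added example (not part of the original OWASP page). The role constants and function names are hypothetical, and the const-qualified parameters go one step beyond the page's constant-on-the-left advice to cover comparisons between two variables.

```c
#include <stdio.h>

/* Hypothetical role values, constructed for this example. */
#define ROLE_USER  0
#define ROLE_ADMIN 1

/* Buggy: '=' stores ROLE_ADMIN in role, so the condition is always 1.
 * The doubled parentheses only silence the compiler here; written as
 * if (role = ROLE_ADMIN), gcc and clang report it under -Wall
 * (-Wparentheses), which is the tool detection the page recommends. */
int is_admin_buggy(int role) {
    if ((role = ROLE_ADMIN))
        return 1;
    return 0;
}

/* Intended logic: compare, do not assign. */
int is_admin_fixed(int role) {
    if (role == ROLE_ADMIN)
        return 1;
    return 0;
}

/* Constant on the left: mistyping '==' as '=' here would expand to
 * "1 = role", which is rejected at compile time (not an lvalue). */
int is_admin_const_left(int role) {
    if (ROLE_ADMIN == role)
        return 1;
    return 0;
}

/* When both operands are variables there is no constant to move left.
 * Const-qualifying the parameters gives the same protection:
 * "requester = owner" would be an assignment to a const object. */
int same_owner(const int requester, const int owner) {
    return requester == owner;
}

int main(void) {
    printf("buggy(ROLE_USER)      = %d\n", is_admin_buggy(ROLE_USER));
    printf("fixed(ROLE_USER)      = %d\n", is_admin_fixed(ROLE_USER));
    printf("const_left(ROLE_USER) = %d\n", is_admin_const_left(ROLE_USER));
    printf("same_owner(3, 4)      = %d\n", same_owner(3, 4));
    return 0;
}
```

Building with -Wall -Werror turns the single-parenthesis form of the buggy condition into a build failure instead of a warning.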


Related Technical Impacts

TBD


References

TBD