Difference between revisions of "Assigning instead of comparing"

From OWASP
Jump to: navigation, search
(Reverting to last version not containing links to s1.shard.jp)
 
(16 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
{{Template:SecureSoftware}}
 
{{Template:SecureSoftware}}
 
{{Template:Vulnerability}}
 
{{Template:Vulnerability}}
[[Category:FIXME|This is the text from the old template. This needs to be rewritten using the new template.]]
+
<br>
__TOC__
+
 
+
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
  
 
[[ASDR_TOC_Vulnerabilities|Vulnerabilities Table of Contents]]
 
[[ASDR_TOC_Vulnerabilities|Vulnerabilities Table of Contents]]
  
[[ASDR Table of Contents]]
 
  
 
==Description==
 
==Description==
In many languages, the '''compare''' statement is very close in appearance to the '''assignment''' statement and are often confused.
+
In many languages, the ''compare'' statement is very close in appearance to the ''assignment'' statement and are often confused.
 +
 
 +
This bug is generally a result of a typo and usually should cause obvious problems with program execution. If the comparison is in an ''if'' statement, the ''if ''statement will always return the value of the right-hand side variable.
  
 
'''Consequences'''
 
'''Consequences'''
Line 47: Line 46:
  
 
==Examples==
 
==Examples==
 +
In C/C++/Java:
  
===Short example name===
+
<pre>
: A short example description, small picture, or sample code with [http://www.site.com links]
+
void called(int foo){
 +
        if (foo=1)  printf("foo\n");
 +
}
  
===Short example name===
+
int main(){
: A short example description, small picture, or sample code with [http://www.site.com links]
+
        called(2);
 +
        return 0;
 +
}
 +
</pre>
  
  
 
==Related [[Attacks]]==
 
==Related [[Attacks]]==
 
+
TBD
 
* [[Attack 1]]
 
* [[Attack 1]]
 
* [[Attack 2]]
 
* [[Attack 2]]
 
  
 
==Related [[Vulnerabilities]]==
 
==Related [[Vulnerabilities]]==
 
* [[Comparing instead of assigning]]
 
* [[Comparing instead of assigning]]
 
 
  
 
==Related [[Controls]]==
 
==Related [[Controls]]==
 
+
TBD
 
* [[Control 1]]
 
* [[Control 1]]
 
* [[Control 2]]
 
* [[Control 2]]
 
+
* Pre-design: Through Build: Many IDEs and static analysis products will detect this problem.
Note: contents of "Avoidance and Mitigation" and "Countermeasure" related Sections should be placed here
+
* Implementation: Place constants on the left. If one attempts to assign a constant with a variable, the compiler will of course produce an error.
  
  
 
==Related [[Technical Impacts]]==
 
==Related [[Technical Impacts]]==
 
+
TBD
 
* [[Technical Impact 1]]
 
* [[Technical Impact 1]]
 
* [[Technical Impact 2]]
 
* [[Technical Impact 2]]
Line 81: Line 83:
  
 
==References==
 
==References==
Note: A reference to related [http://cwe.mitre.org/ CWE] or [http://capec.mitre.org/ CAPEC] article should be added when exists. Eg:
+
TBD
 
+
[[Category:FIXME|need links
* [http://cwe.mitre.org/data/definitions/79.html CWE 79].
+
* http://www.link1.com
+
* [http://www.link2.com Title for the link2]
+
  
  
Line 110: Line 109:
 
Logging and Auditing Vulnerability
 
Logging and Auditing Vulnerability
  
Session Management Vulnerability
+
Session Management Vulnerability]]
  
 
__NOTOC__
 
__NOTOC__
  
==Overview==
 
 
 
 
 
==Avoidance and mitigation ==
 
 
* Pre-design: Through Build: Many IDEs and static analysis products will detect this problem.
 
 
* Implementation: Place constants on the left. If one attempts to assign a constant with a variable, the compiler will of course produce an error.
 
 
==Discussion ==
 
 
This bug is generally as a result of a typo and usually should cause obvious problems with program execution. If the comparison is in an ''if'' statement, the ''if ''statement will always return the value of the right-hand side variable.
 
 
==Examples ==
 
 
In C/C++/Java:
 
 
<pre>
 
void called(int foo){
 
        if (foo=1)  printf("foo\n");
 
}
 
 
int main(){
 
        called(2);
 
        return 0;
 
}
 
</pre>
 
 
==Related problems ==
 
  
  

Latest revision as of 07:50, 3 June 2009

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.



Last revision (mm/dd/yy): 06/3/2009

Vulnerabilities Table of Contents


Description

In many languages, the compare statement is very close in appearance to the assignment statement and are often confused.

This bug is generally a result of a typo and usually should cause obvious problems with program execution. If the comparison is in an if statement, the if statement will always return the value of the right-hand side variable.

Consequences

Unspecified.

Exposure period

  • Pre-design through Build: The use of tools to detect this problem is recommended.
  • Implementation: Many logic errors can lead to this condition. It can be exacerbated by lack, or misuse, of mitigating technologies.

Platform

  • Languages: C, C++
  • Operating platforms: Any

Required resources

Any

Severity

High

Likelihood of exploit

Low


Risk Factors

TBD


Examples

In C/C++/Java:

void called(int foo){
        if (foo=1)  printf("foo\n");
}

int main(){
        called(2);
        return 0;
}


Related Attacks

TBD

Related Vulnerabilities

Related Controls

TBD

  • Control 1
  • Control 2
  • Pre-design: Through Build: Many IDEs and static analysis products will detect this problem.
  • Implementation: Place constants on the left. If one attempts to assign a constant with a variable, the compiler will of course produce an error.


Related Technical Impacts

TBD


References

TBD