Incorrect Semantic Object Comparison| ID: 596 | Date: (C)2012-05-14 (M)2022-10-10 |
| Type: weakness | Status: INCOMPLETE |
| Abstraction Type: Base |
Description
The software does not correctly compare two objects based on
their conceptual content.
Applicable PlatformsNone
Time Of Introduction
Common Consequences
| Scope | Technical Impact | Notes |
|---|
| Other | Other | |
Detection Methods
| Name | Description | Effectiveness | Notes |
|---|
| Manual Static Analysis | Requires domain-specific knowledge to determine if the comparison is
incorrect. | | |
Potential MitigationsNone
Relationships
| Related CWE | Type | View | Chain |
|---|
| CWE-596 ChildOf CWE-907 | Category | CWE-888 | |
Demonstrative Examples (Details)
- For example, let's say you have two truck objects that you want to
compare for equality. Truck objects are defined to be the same if they have
the same make, the same model, and were manufactured in the same year. A
Semantic Incorrect Object Comparison would occur if only two of the three
factors were checked for equality. So if only make and model are compared
and the year is ignored, then you have an incorrect object
comparison.
White Box Definitions None
Black Box Definitions None
Taxynomy MappingsNone
References:None
