|
|
|
|
CWE-482: Comparing instead of Assigning | |
| | Comparing instead of Assigning |
|
| Weakness ID: 482 (Weakness Variant) | | Status: Draft |
 Description
Description Summary The code uses an operator for comparison when the intention was
to perform an assignment.
Extended Description
In many languages, the compare statement is very close in appearance to
the assignment statement; they are often confused.
Time of Introduction Modes of Introduction
|
This bug primarily originates from a typo.
|
Common Consequences | Scope | Effect |
|---|
Availability | The assignment will not take place, which should cause obvious program
execution problems. |
Likelihood of Exploit Demonstrative Examples Example 1 (Bad Code) C and C++ and Java void called(int foo) {
foo==1;
if (foo==1) printf("foo\n");
} int main() { } Potential Mitigations | Phase | Description |
|---|
| Pre-design: Through Build: Many IDEs and static analysis products will
detect this problem. |
Relationships Taxonomy Mappings | Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
|---|
| CLASP | | | Comparing instead of assigning |
| CERT C Secure Coding | MSC02-C | | Avoid errors of omission |
Content History | Submissions |
|---|
| Submission Date | Submitter | Organization | Source |
|---|
| CLASP | | Externally Mined | | | Modifications |
|---|
| Modification Date | Modifier | Organization | Source |
|---|
| 2008-07-01 | Eric Dalci | Cigital | External | | updated Time of Introduction | | 2008-09-08 | CWE Content Team | MITRE | Internal | | updated Applicable Platforms, Description, Relationships,
Other Notes, Taxonomy Mappings | | 2008-11-24 | CWE Content Team | MITRE | Internal | | updated Relationships,
Taxonomy Mappings | | 2009-07-27 | CWE Content Team | MITRE | Internal | | updated Common Consequences,
Modes of Introduction | | 2009-10-29 | CWE Content Team | MITRE | Internal | | updated Other Notes |
|
