BF Name Resolution (NRS) Bugs Class
Irena Bojanova, Inventor, Creator, PI, Bugs Framework (BF)

Definition

The name of an object, a function, or a type is resolved improperly or bound to an improper type or implementation.

Taxonomy

OperationsDefinition
ReferUse a name in local or remote scopes of source code. The Type System resolves the name and binds a data type to it.
CallInvoke a function implementation. The Type System binds a function implementation to the resolved function name. A polymorphic function implementation is first resolved and then bound.
OperandsDefinition
NameThe declared identifier for an entity.
TypeThe data type of an object -- the set of allowed values (e.g., char is within [-128, 127]) and the operations allowed over them (e.g., +, *, mod).
CausesDefinition
Code Defect BugThe operation has a bug, which is the first cause for the chain of weaknesses underlying a software security vulnerability. The bug must be fixed to resolve the vulnerability.
   Erroneous CodeThe operation implementation has a bug.
Specification Defect BugA specification (algorithm, protocol) of an operation an error or a rule (policy, keying material) used by the operation has an error, which when implemented becomes the bug causing the chain of weaknesses underlying a software security vulnerability. It must be fixed to fix the bug and to resolve the vulnerability.
   Missing QualifierA namespace include is absent; or a scope is not specified in a fully qualified name.
   Wrong QualifierA wrong namespace is included, or a wrong scope is specified in a fully qualified name.
Name FaultThe resolved name is wrong.
   Missing Overridden FunctionFunction implementation in a particular subclass is absent.
   Missing Overloaded FunctionCode for particular function parameters' data types is absent.
Type FaultThe set or range of allowed values is wrong or the operations allowed on them are wrong.
   Incomplete TypeA specific constructor, method, or overloaded function is missing.
   Wrong Generic TypeA generic object is instantiated via wrong type argument.
   Confused SubtypeThe object invoking an overridden function is of wrong subtype data type.
   Wrong Argument TypeAn argument to an overloaded function is of incorrect data type.
ConsequencesDefinition
Name ErrorThe resolved name is wrong.
   Wrong Object Resolvedzzzxxx Object is resolved from wrong scope.
   Wrong Function ResolvedFunction is resolved from wrong scope.
   Wrong Generic Function BoundCode for a wrong data type is bound due to wrong generic type arguments.
   Wrong Overridden Function BoundCode from wrong subtype is bound due to a wrong invoking subtype object.
   Wrong Overloaded Function BoundWrong overloaded implementation is bound due to wrong function arguments.
Type ErrorThe set or range of allowed values is wrong or the operations allowed on them are wrong.
   Wrong Type ResolvedA data type is resolved from a wrong scope.
Operations AttributesDefinition
MechanismShows how the buggy/faulty operation code is performed.
   ResolveLooking up a name and if needed determining its data type (infer from value, through hierarchy, via generic type attribute).
   BindConnect object data type, function return type, parameter data type, or simple function implementation.
   Early BindResolving subtype and set generic function implementation.
   Late BindResolving overridden function via subtype object and set implementation.
   Ad-hoc BindResolve overloaded function via signature and set implementation.
Source CodeShows where the buggy/faulty operation code is in the program -- in what kind of software.
   CodebaseThe operation is in the programmer's code - in the application itself.
   Third-PartyThe operation is in a third-party software.
   Standard LibraryThe operation is in the standard library for a particular programming language.
   Compiler/InterpreterThe operation is in the language processor that allows execution or creates executables (compiler, assembler, interpreter).
Execution SpaceShows where the buggy/faulty operation code is running or with what privilege level).
   LocalThe bugged code runs in an environment with access control policy with limited (local user) permission.
   AdminThe bugged code runs in an environment with access control policy with unlimited (admin user) permission.
   Bare-MetalThe bugged code runs in an environment without privilege control. Usually, the program is the only software running and has total access to the hardware.
Operands AttributesDefinition
         Name KindShows what the entity with this name is.
            ObjectA memory region used to store data.
            FunctionAn organized block of code that when called takes in data, processes it, and produces a result(s).
            Data TypeA set of allowed values and the operations allowed over them.
            NamespaceAn organization of entities' names, utilized to avoid names collision.
         Type KindShows what the data type composition is.
            PrimitiveA scalar data type that mimics the hardware units - e.g., int (long, short, signed), float, double, string, Boolean. A primitive data type is only language defined and is not built from other data types.
            StructureA composite data type - e.g., array, list, map, class. A structured data type is built from other data types and has primitive or structured members.