BF Data Verification (DVR) Bugs Class

Definition

Data Verification (DVR) class – Data are verified (i.e., semantics check) or corrected (i.e., assign or remove) improperly.

Taxonomy

OperationsDefinition
VerifyVerify operation – Check data semantics (e.g., proper value/meaning) in order to accept (and possibly correct) or reject it.
CorrectCorrect operation – Modify data (e.g., assign new value, remove) to make it accurate.
OperandsDefinition
DataData operand – The data value of an object – i.e., the actual value that is stored in memory.
CausesDefinition
Code BugCode Bug type – An error in the implementation of an operation – proper operands over an improper operation. It is the roor cause of a security vulnerability. Must be fixed to resolve the vulnerability.
   Missing CodeMissing Code bug - The operation is misplaced entirely absent.
   Erroneous CodeErroneous Code bug - There is a coding error in the implementation of the operation.
Specification BugSpecification Bug type – A defect in the metadata or algorithm of an operation – proper operands over an improper operation. It is the roor cause of a security vulnerability. It must be fixed to resolve the vulnerability.
   Under-Restrictive PolicyAccepts bad data.
   Over-Restrictive PolicyRejects good data.
Data FaultData Fault/Error type – The data of an object has harmed semantics or inconsistent or wrong value.
   Invalid DataInvalid Data fault/error – The data has harmed syntax due to validation or sanitization errors.
ConsequencesDefinition
Data ErrorData Fault/Error type – The data of an object has harmed semantics or inconsistent or wrong value.
   Wrong ValueWrong Value fault/error – The data value is not accurate (e.g., outside of a range).
   Inconsistent ValueInconsistent Value fault/error – The data value does not correspond to related data value (e.g., inconstancy between the value of a size variable and the actual buffer size).
Type ErrorType Fault/Error type – The set or range of allowed values of an entity is wrong or the operations allowed on them are wrong.
   Wrong TypeWrong Type fault/error – A data type range or structure is not correct.
Operations AttributesDefinition
MechanismMechanism operation attribute type – Shows how the operation the operation with a bug or faulty operand is performed.
   ValueValue operation attribute – The operation checks data for a specific value (incl. NULL or list of values).
   QuantityQuantity operation attribute – The operation checks data for a specific measurable value (e.g., size, time, rate, frequency).
   RangeRange operation attribute – The operation checks data are within a (min, max) interval.
   Data TypeData Type operation attribute – The operation checks data for a specific data type.
   Other RulesOther Rules operation attribute – The operation checks data against other business logic.
Source CodeSource Code operation attribute type – Shows where the code of the operation with a bug or faulty operand resides within the software, firmware, or hardware.
   CodebaseCodebase operation attribute – The operation is in the programmer's code - in the application itself.
   Third-PartyThird-Party operation attribute – The operation code is in a third-party source.
   Standard LibraryStandard Library operation attribute – The operation code is in the standard library for a particular programming language.
   Compiler/InterpreterCompiler/Interpreter operation attribute – The operation code is in the language processor that allows execution or creates executables (interpreter, compiler, assembler).
Execution SpaceExecution Space operation attribute type – Shows where the operation with a bug or faulty operand is executed and the privilege level at which it runs.
   LocalLocal operation attribute – The bugged code runs in an environment with access control policy with limited (local user) permission.
   AdminAdmin operation attribute – The bugged code runs in an environment with access control policy with unlimited (admin user) permission.
   Bare-MetalBare-Metal operation attribute – The bugged code runs in an environment without privilege control. Usually, the program is the only software running and has total access to the hardware.
Operands AttributesDefinition
         Data StateData State operand attribute type – Shows where the data comes from.
            EnteredEntered operand attribute – Data are from a user via a user interface (e.g., input field of a dialog or a command prompt).
            StoredStored operand attribute – Data are from a permanent storage (e.g., file, database on a storage device); they are at rest.
            In UseIn Use operand attribute – Data are from a volatile storage (e.g., RAM, cache memory).
            TransferredTransferred operand attribute – Data are from another device via a network (e.g., connecting analog device or another computer).