BF Data Verification (DVR) Bugs Class
Irena Bojanova, Inventor, Creator, PI, Bugs Framework (BF)

Definition

Data are verified (semantics check) or corrected (assign, remove) improperly.

Taxonomy

OperationsDefinition
VerifyCheck data semantics (proper value/meaning) in order to accept (and possibly correct) or reject it.
CorrectModify data (assign new value, remove) to make it accurate.
OperandsDefinition
DataThe data value of an object -- stored in object's memory.
CausesDefinition
Code Defect BugThe operation has a bug, which is the first cause for the chain of weaknesses underlying a software security vulnerability. The bug must be fixed to resolve the vulnerability.
   Missing CodeThe entire operation implementation or a part of its specification is absent.
   Erroneous CodeThe operation implementation has a bug.
Specification Defect BugA specification (algorithm, protocol) of an operation an error or a rule (policy, keying material) used by the operation has an error, which when implemented becomes the bug causing the chain of weaknesses underlying a software security vulnerability. It must be fixed to fix the bug and to resolve the vulnerability.
   Under-Restrictive PolicyAccepts bad data.
   Over-Restrictive PolicyRejects good data.
Data FaultThe object data has harmed semantics or inconsistent or wrong value
   Invalid DataData with harmed syntax due to sanitization errors.
ConsequencesDefinition
Data ErrorThe object data has harmed semantics or inconsistent or wrong value
   Wrong ValueData value is not accurate value (e.g., outside of a range).
   Inconsistent ValueData value does not correspond to the value of a related data (e.g., inconstancy between the value of a size variable and the actual buffer size).
Type ErrorThe set or range of allowed values is wrong or the operations allowed on them are wrong.
   Wrong TypeA data type range or structure is not correct.
Operations AttributesDefinition
MechanismShows how the buggy/faulty operation code is performed.
   ValueChecking data for a specific value (incl. NULL or list of values).
   QuantityChecking data for a specific measurable value (e.g., size, time, rate, frequency).
   RangeChecking data are within a (min, max) interval.
   Data TypeA set of allowed values and the operations allowed over them.
   Other RulesCheck data against other business logic.
Source CodeShows where the buggy/faulty operation code is in the program -- in what kind of software.
   CodebaseThe operation is in the programmer's code - in the application itself.
   Third-PartyThe operation is in a third-party software.
   Standard LibraryThe operation is in the standard library for a particular programming language.
   Compiler/InterpreterThe operation is in the language processor that allows execution or creates executables (compiler, assembler, interpreter).
Execution SpaceShows where the buggy/faulty operation code is running or with what privilege level).
   LocalThe bugged code runs in an environment with access control policy with limited (local user) permission.
   AdminThe bugged code runs in an environment with access control policy with unlimited (admin user) permission.
   Bare-MetalThe bugged code runs in an environment without privilege control. Usually, the program is the only software running and has total access to the hardware.
Operands AttributesDefinition
         Data StateShows where the data come from.
            EnteredThe data are from a user via a user interface (e.g., text field).
            StoredThe data are from a permanent storage (e.g., file, database on a storage device).
            In UseThe data are from a volatile storage (e.g., RAM, cache memory).
            TransferredThe data are from another device via a network (e.g., connecting analog device or another computer).