BF Data Verification (DVR) Bugs Class

Definition

Data Verification (DVR) class – Data are verified (semantics check) or corrected (assign, remove) improperly.

Taxonomy

OperationsDefinition
VerifyVerify operation – Check data semantics (e.g., proper value/meaning) in order to accept (and possibly correct) or reject it.
CorrectCorrect operation – Modify data (e.g., assign new value, remove) to make it accurate.
OperandsDefinition
DataData operand – The data value of an object – stored in object's memory.
CausesDefinition
Code BugCode Bug type – Defect in the implementation of the operation – proper operands over an improper operation. A first cause for the chain of weaknesses underlying a software security vulnerability. Must be fixed to resolve the vulnerability.
   Missing CodeMissing Code bug - The operation is entirely absent.
   Erroneous CodeErroneous Code bug - There is a coding error in the implementation of the operation.
Specification BugSpecification Bug type – Defect in the design of the operation – proper operands over an improper operation. A first cause for the chain of weaknesses underlying a software security vulnerability. Must be fixed to resolve the vulnerability.
   Under-Restrictive PolicyAccepts bad data.
   Over-Restrictive PolicyRejectsgooddata.
Data FaultData Fault/Error type – The object data has harmed semantics or inconsistent or wrong value.
   Invalid DataInvalid Data fault/error – The data has harmed syntax due to sanitization errors.
ConsequencesDefinition
Data ErrorData Fault/Error type – The object data has harmed semantics or inconsistent or wrong value.
   Wrong ValueWrong Value fault/error – The data value is not accurate (e.g., outside of a range).
   Inconsistent ValueInconsistent Value fault/error – The data value does not correspond to related data value (e.g., inconstancy between the value of a size variable and the actual buffer size).
Type ErrorType Fault/Error type – The the set or range of allowed values is wrong or the operations allowed on them are wrong.
   Wrong TypeWrong Type fault/error – A data type range or structure is not correct.
Operations AttributesDefinition
MechanismMechanism operation attribute type – Shows how the operation code is performed.
   ValueValue operation attribute – The operation checks data for a specific value (incl. NULL or list of values).
   QuantityQuantity operation attribute – The operation checks data for a specific measurable value (e.g., size, time, rate, frequency).
   RangeRange operation attribute – The operation checks data are within a (min, max) interval.
   Data TypeData Type operation attribute – The operation checks data for a specific data type.
   Other RulesOther Rules operation attribute – The operation checks data against other business logic.
Source CodeSource Code operation attribute type – Shows where the operation code is in software or firmware.
   CodebaseCodebase operation attribute – The operation is in the programmer's code - in the application itself.
   Third-PartyThird-Party operation attribute – The operation code is in a third-party software.
   Standard LibraryStandard Library operation attribute – The operation code is in the standard library for a particular programming language.
   Compiler/InterpreterCompiler/Interpreter operation attribute – The operation code is in the language processor that allows execution or creates executables (interpreter, compiler, assembler).
Execution SpaceExecution Space operation attribute type – Shows where the operation code is running or with what privilege level.
   LocalLocal operation attribute – The bugged code runs in an environment with access control policy with limited (local user) permission.
   AdminAdmin operation attribute – The bugged code runs in an environment with access control policy with unlimited (admin user) permission.
   Bare-MetalBare-Metal operation attribute – The bugged code runs in an environment without privilege control. Usually, the program is the only software running and has total access to the hardware.
Operands AttributesDefinition
         Data StateData State operand attribute type operand attribute – Shows where the data come from.
            EnteredEntered operand attribute – Data are from a user via a user interface (e.g., input field of a dialog or a command prompt).
            StoredStored operand attribute – Data are from a permanent storage (e.g., file, database on a storage device); they are at rest.
            In UseIn Use operand attribute – Data are from a volatile storage (e.g., RAM, cache memory).
            TransferredTransferred operand attribute – Data are from another device via a network (e.g., connecting analog device or another computer).