DTR 24772 Editor's report
Changes to the base document, all changes are
marked with change bars.
- Changed some US only spellings to World spellings.
- Fixed some heading numbers
- Miscellaneous small editor edits
- Added some cross references
- Added vulnerability TRJ – Use of Libraries
- Added vulnerability AMV – Overlapping memory
- Added vulnerability HFC – Pointer casting and pointer
- Added vulnerability EOJ – Demarcation of control
- Added vulnerability NYY – Dynamically linked code and
self modifying code
- Added vulnerability BRS – Leveraging human
- Added vulnerability CLL – Switch statements and
- Added vulnerability NMP – Pre-processor
- Added vulnerability RVG – Pointer arithmetic
- Added vulnerability JCW – Operator precedence
- Added vulnerability KOA – Likely incorrect
- Added vulnerability MEM – Deprecated features
- Added vulnerability PLF – Floating point
- Added vulnerability STR – Bit representations
Decisions reached in Kona not in this
- Changes to the vulnerabilities:
- XYQ, XYE, XYF, EWF, XYY, FAB, YOW, XYK, BQF, and
- New vulnerabilities
- REU, NAI, SYM, LAV, CCB, TEX, MTW, SAM, GDL, NZN, CSJ,
- New Vulnerability DCM has been moved to a modification to
Comments not applied to base document
- The programming language that is used as an example should
- The OS or System that is used as an example should be
- Make 1.1 a grammatical paragraph, not a list.
- 6.x.5 change to "Applicable language characteristics"
- Readers who are expert in only one language, e.g. "C", may
not understand the special terminology of another, e.g. Ada. It
is therefore highly desirable that the distinctive terminology
of each language is covered in Section 3.
- An example would be helpful in 5.2.
- In 6.3.4, last sentence is ambiguous, does it mean
- value of parameter field or argument name
- parameter, field, or argument name
- In 6.5.4, last paragraph. Perhaps move or copy as a
definition of lifetime of an object.
- 6.6 XYL. How does one detect that a memory leak is
occurring? If you lose one byte per millisecond a gigabyte of
memory will not be lost until the application has run for 11
days. Might need to add a simple program and system testing may
not detect memory leak that is occurring.
- 6.6.6 first bullet item. Need reference to Garbage
collector referenced and Valgrind
- 6.7.6 second bullet item. Need reference to StackGuard,
ProPolice and Microsoft Visual Studio /GS flag
- 6.9.5, last bullet item. Languages may require it but leave
the effect of not doing so as undefined
- 6.9.6, last bullet item. "assist" is insufficient, it is
necessary to detect violations
- 6.12.5, also closely related is reassigning a value to a
variable without evaluating it
- 6.13.1, there is an implicit assumption that a buffer
starts with an index of zero — is this always the case or
only in language X, Y and Z.
- 6.13.6, last bullet. Many programmers say it is to
inefficient to check array subscript bounds
- 6.14.6, second bullet. Doesn't this advice assume a
particular hardware representation.
- 6.15.1, isn't this a system development/programming error
rather than a language vulnerability
- 7.2.4, last paragraph. Prefer "he" to the clumsy
- 7.3, is this the same vulnerability as when a system stores
"characters of password" rather than
rf('characters of a
password') = x where there is no simple inverse function
rf-1(x) that gives "characters of