CWE-666 在生命周期错误阶段对资源进行操作
Operation on Resource in Wrong Phase of Lifetime
结构: Simple
Abstraction: Class
状态: Draft
被利用可能性: unkown
基本描述
The software performs an operation on a resource at the wrong phase of the resource's lifecycle, which can lead to unexpected behaviors.
扩展描述
When a developer wants to initialize, use or release a resource, it is important to follow the specifications outlined for how to operate on that resource and to ensure that the resource is in the expected state. In this case, the software wants to perform a normally valid operation, initialization, use or release, on a resource when it is in the incorrect phase of its lifetime.
相关缺陷
- cwe_Nature: ChildOf cwe_CWE_ID: 664 cwe_View_ID: 1000 cwe_Ordinal: Primary
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| Other | Other |
可能的缓解方案
Architecture and Design
策略:
Follow the resource's lifecycle from creation to release.
分类映射
| 映射的分类名 | ImNode ID | Fit | Mapped Node Name |
|---|---|---|---|
| CERT C Secure Coding | FIO46-C | CWE More Abstract | Do not access a closed file |
| CERT C Secure Coding | MEM30-C | CWE More Abstract | Do not access freed memory |