Base · Incomplete

CWE-1116: Inaccurate Source Code Comments

Category: other

Description

The source code contains comments that do not accurately describe or explain aspects of the portion of the code with which the comment is associated.

Common consequences

  • Other — Reduce Maintainability
    This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.
  • Other — Increase Analytical Complexity
    When a comment does not accurately reflect the associated code elements, this can introduce confusion to a reviewer (due to inconsistencies) or make it more difficult and less efficient to validate that the code is implementing the intended behavior correctly.

Potential mitigations

  • [Implementation] Verify that each comment accurately reflects what is intended to happen during execution of the code.
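One way to apply this mitigation is to turn the claim a comment makes into an executable check. The following is an added example, not code from MITRE or from any real project: the session-timeout functions, the 15-minute limit and the timestamp are all constructed for illustration.

```python
# Added example: constructed code, not taken from MITRE or any real project.
from datetime import datetime, timedelta, timezone


# --- Version with an inaccurate comment (CWE-1116) ---
def session_is_valid_drifted(last_seen, now):
    # Sessions expire after 15 minutes of inactivity.
    # ^ Deliberately inaccurate: the limit below is 15 hours, so a reviewer
    #   who trusts the comment approves a 60x longer exposure window.
    return (now - last_seen) < timedelta(hours=15)


# --- Corrected version: comment and code state the same limit ---
IDLE_TIMEOUT = timedelta(minutes=15)


def session_is_valid(last_seen, now):
    # Sessions expire once idle time reaches IDLE_TIMEOUT (15 minutes).
    return (now - last_seen) < IDLE_TIMEOUT


def documented_contract_violations(is_valid):
    """Check an implementation against the behaviour the comment promises.

    Returns the idle durations (in minutes) for which the result differs
    from "valid below 15 minutes, expired at 15 minutes or more".
    """
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)  # constructed timestamp
    violations = []
    for idle_minutes in (0, 14, 15, 16, 60, 899, 900):
        expected = idle_minutes < 15
        actual = is_valid(now - timedelta(minutes=idle_minutes), now)
        if actual != expected:
            violations.append(idle_minutes)
    return violations


if __name__ == "__main__":
    print("drifted:  ", documented_contract_violations(session_is_valid_drifted))
    print("corrected:", documented_contract_violations(session_is_valid))
```

Keeping the limit in a single named constant that the comment refers to, and testing the boundary the comment states, makes later drift between comment and code show up as a failing test rather than as a review surprise.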

References

  1. https://cwe.mitre.org/data/definitions/1116.html

Related by meaning

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Inappropriate Comment Style
  • CWE: Inappropriate Source Code Style or Formatting
  • CWE: Inappropriate Whitespace Style
  • CWE: Insufficient Use of Symbolic Constants
  • CWE: Incorrect Provision of Specified Functionality
  • CWE: Insufficient Control Flow Management

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.