VariantIncomplete

CWE-462Duplicate Key in Associative List (Alist)

Category: other

Description

Duplicate keys in associative lists can lead to non-unique keys being mistaken for an error. A duplicate key entry -- if the alist is designed properly -- could be used as a constant time replace function. However, duplicate key entries could be inserted by mistake. Because of this ambiguity, duplicate key entries in an association list are not recommended and should not be allowed.

Common consequences· 1

  • Other — Quality Degradation, Varies by Context

Potential mitigations· 2

  • [Architecture and Design]Use a hash table instead of an alist.
  • [Architecture and Design]Use an alist which checks the uniqueness of hash keys with each entry before inserting the entry.

References

  1. https://cwe.mitre.org/data/definitions/462.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Use of Same Variable for Multiple Purposes
CWE
Use of Multiple Resources with Duplicate Identifier
CWE
Symbolic Name not Mapping to Correct Object
CWE
Addition of Data Structure Sentinel
CWE
Comparing instead of Assigning
CWE
Authorization Bypass Through User-Controlled Key
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.