Fault Classification

Lena Gregor edited this page Mar 14, 2025 · 4 revisions

Zhou et al.

Waseem et al.

Table 1: Waseem et al. Classification

| Fault ID | Fault Description | Category | Sub-Category | Type of Issue |
| --- | --- | --- | --- | --- |
| F1 | Wrong status codes in HTTP responses | Technical Debt | Code Debt | Inconsistent Code |
| F2 | Incorrect password-length validation | Technical Debt | Code Debt | Logic Sequence Error |
| F3 | Overwriting instead of combining results | Technical Debt | Code Debt | Data Overwrite Error |
| F4 | Incorrect null-checks on collections | Technical Debt | Code Debt | Condition Logic Error |
| F5 | Incorrect null-checks on Optional objects | Technical Debt | Code Debt | Condition Logic Error |
| F6 | Incorrect handling of non-existent routes | Technical Debt | Code Debt | Condition Logic Error |
| F7 | Index conflict with ConsignPrice objects in database | Technical Debt | Code Debt | Insufficient Value Validation |
| F8 | Missing null-checks leading to an unhandled NullPointerException | Technical Debt | Code Debt | Insufficient Value Validation |
| F9 | Improper date handling in URL path variables | Technical Debt | Code Debt | Insufficient Value Validation |
| F10 | Misuse of java.util.Date constructor | Technical Debt | Code Debt | Initialization Error |
| F11 | Inconsistent return types in fallback methods | Compilation Issue | Syntax Error | - |
| F12 | Publicly accessible admin paths due to improper security configuration | Security Issue | Authorization Handling | Authorization Header |
| F13 | Invalid endpoint call for empty path variables | Technical Debt | Code Debt | Insufficient Value Validation |
| F14 | Incorrect usage of BigDecimal.add | Technical Debt | Code Debt | Ignored Return Value |
| F15 | Improper ordering of security matchers | Security Issue | Authorization Handling | Authorization Header |
| F16 | Insufficient timeout settings | Exception Handling | Communication Exception | Timeout Error |
| F17 | Misconfigured initialization data | Technical Debt | Code Debt | Insufficient Value Validation |
| F18 | Comparing travelDate to the wrong field | Technical Debt | Code Debt | Condition Logic Error |
| F19 | Reversed logic for cookie validation | Technical Debt | Code Debt | Condition Logic Error |
| F20 | Missing isEmpty-check on response data | Technical Debt | Code Debt | Insufficient Value Validation |
| F21 | Potentially infinite loop in seat assignment | Technical Debt | Code Debt | Infinite Loop |
| F22 | Incorrect status code for missing authorization | Technical Debt | Code Debt | Inconsistent Code |
| F23 | Wrong order of if-conditions | Technical Debt | Code Debt | Logic Sequence Error |
| F24 | Incorrect HTTP method in HTTP request | Service Execution | Service Communication | HTTP Connection |
| F25 | Comparing enumeration constant to the wrong field | Technical Debt | Code Debt | Condition Logic Error |
| F26 | Security configuration mismatch | Security Issue | Authorization Handling | Authorization Header |
| F27 | Missing check for UUID in path variable | Technical Debt | Code Debt | Insufficient Value Validation |

Silva et al.

Table 2: Silva et al. Classification

| Fault ID | Fault Description | Silva et al. | Sub-Category | Fault Characteristic |
| --- | --- | --- | --- | --- |
| F1 | Wrong status codes in HTTP responses | Analysability | Invalid Response Data Fault | Maintainability |
| F2 | Incorrect password-length validation | Confidentiality | Insufficient Credentials Accepted | Security |
| F3 | Overwriting instead of combining results | Functional Completeness | Internal Fault | Implementation |
| F4 | Incorrect null-checks on collections | Functional Completeness | Internal Fault | Implementation |
| F5 | Incorrect null-checks on Optional objects | Functional Completeness | Internal Fault | Implementation |
| F6 | Incorrect handling of non-existent routes | Functional Completeness | Internal Fault | Implementation |
| F7 | Index conflict with ConsignPrice objects in database | Integrity | Not Validating Input/Data | Security |
| F8 | Missing null-checks leading to an unhandled NullPointerException | Functional Completeness | Internal Fault | Implementation |
| F9 | Improper date handling in URL path variables | Functional Completeness | Internal Fault | Implementation |
| F10 | Misuse of java.util.Date constructor | Functional Completeness | Internal Fault | Implementation |
| F11 | Inconsistent return types in fallback methods | Analysability | Invalid Response Data Fault | Maintainability |
| F12 | Publicly accessible admin paths due to improper security configuration | Authenticity | Faulty Authorization | Security |
| F13 | Invalid endpoint call for empty path variables | Analysability | Invalid Request Data Fault | Maintainability |
| F14 | Incorrect usage of BigDecimal.add | Functional Completeness | Internal Fault | Implementation |
| F15 | Improper ordering of security matchers | Authenticity | Faulty Authorization | Security |
| F16 | Insufficient timeout settings | Temporal Behavior | Long Response Time | Service Discovery |
| F17 | Misconfigured initialization data | Integrity | Not Validating Input/Data | Security |
| F18 | Comparing travelDate to the wrong field | Functional Completeness | Internal Fault | Implementation |
| F19 | Reversed logic for cookie validation | Functional Completeness | Internal Fault | Implementation |
| F20 | Missing isEmpty-check on response data | Integrity | Not Validating Input/Data | Security |
| F21 | Potentially infinite loop in seat assignment | Functional Completeness | Internal Fault | Implementation |
| F22 | Incorrect status code for missing authorization | Analysability | Invalid Response Data Fault | Maintainability |
| F23 | Wrong order of if-conditions | Functional Completeness | Internal Fault | Implementation |
| F24 | Incorrect HTTP method in HTTP request | Analysability | Invalid Request Data Fault | Maintainability |
| F25 | Comparing enumeration constant to the wrong field | Functional Completeness | Internal Fault | Implementation |
| F26 | Security configuration mismatch | Authenticity | Faulty Authorization | Security |
| F27 | Missing check for UUID in path variable | Integrity | Not Validating Input/Data | Security |

Gregor et al.

Fault ID Category Sub-Category Sub-Sub-Category
F12 Connection Fault Unauthorized Access Granted
F13 Execution Fault Incorrect Result Incorrect Input
F15 Connection Fault Unauthorized Access Granted
F16 Execution Fault Timed Out Service Too Slow
F24 Connection Fault Connection Denied Wrong Configuration
F26 Connection Fault Unauthorized Access Granted