Hello,

I am continuing to look at ShellCheck and how to map its warnings to CWEs. I'm looking at SC2043 - This loop will only ever run once for a constant value.
https://www.shellcheck.net/wiki/SC2043

An example might be:

    dir=$(ls $HOME)
    for i in dir
    do
      echo $i
    done

which outputs "dir" because it's missing the "$" in the for statement.

One of my thoughts is this could be CWE-606: Unchecked Input for Loop Condition. It talks about unchecked inputs causing excessive looping. What about wrong input for loop conditional causing no iteration?

Another thought is this could be CWE-670: Always-Incorrect Control Flow Implementation. (But looking at that, I would have expected other bad loop nodes such as CWE-835: Loop with Unreachable Exit Condition.)

Is there a better fit? Shell scripting problems really are hard to match to a CWE because its problems are similar but very different than C.

Best Regards,
-Steve
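An added example, not part of the original message: the loop from the post beside two corrected forms, run against a constructed directory (the function names and sample file names are assumptions). It goes slightly beyond the post by showing that restoring the "$" alone still miscounts file names that contain spaces.

```shell
#!/bin/sh
# Constructed sample directory standing in for $HOME (assumption, not from the post).
make_sample_dir() {
    d=$(mktemp -d) || return 1
    : > "$d/a.txt"
    : > "$d/b.txt"
    : > "$d/c d.txt"          # one name contains a space
    printf '%s\n' "$d"
}

# The SC2043 pattern: "dir" is a literal word, so the body runs exactly once.
loop_constant() {
    dir=$(ls "$1")
    n=0
    for i in dir; do
        n=$((n + 1))
        last=$i
    done
    printf '%s %s\n' "$n" "$last"   # iteration count and the value seen
}

# "$" restored but unquoted: the loop iterates, but the ls output is
# word-split, so "c d.txt" is counted as two items.
loop_unquoted_ls() {
    dir=$(ls "$1")
    n=0
    for i in $dir; do
        n=$((n + 1))
    done
    printf '%s\n' "$n"
}

# Glob form: one iteration per directory entry, regardless of spaces.
loop_glob() {
    n=0
    for i in "$1"/*; do
        [ -e "$i" ] || continue     # skip the unexpanded pattern in an empty dir
        n=$((n + 1))
    done
    printf '%s\n' "$n"
}

demo_dir=$(make_sample_dir) && {
    echo "constant word: $(loop_constant "$demo_dir")"
    echo "unquoted \$dir: $(loop_unquoted_ls "$demo_dir")"
    echo "glob:          $(loop_glob "$demo_dir")"
    rm -rf "$demo_dir"
}
```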