I am continuing to look at ShellCheck and how to map its warnings to CWEs. 
I'm looking at SC2043 - This loop will only ever run once for a constant 


An example might be:

dir=$(ls $HOME)
for i in dir; do
  echo $i
done

which outputs "dir" because it's missing the "$" in the for statement.

One of my thoughts is this could be CWE-606: Unchecked Input for Loop 
Condition. It talks about unchecked inputs causing excessive looping. What 
about wrong input for loop conditional causing no iteration?

Another thought is this could be CWE-670: Always-Incorrect Control Flow 
Implementation. (But looking at that, I would have expected other bad loop 
nodes such as CWE-835: Loop with Unreachable Exit Condition.)

Is there a better fit? Shell scripting problems really are hard to match to 
a CWE because its problems are similar but very different than C.

Best Regards,
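
An added example, not part of the original message: it contrasts the constant-word loop that SC2043 flags with a corrected form and shows that the flagged loop's iteration count does not depend on the input at all. The function names and the scratch directories are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample input: a scratch directory holding three files,
# one of them with a space in its name.
make_sample() {
  d=$(mktemp -d) || return 1
  : > "$d/a.txt"
  : > "$d/b.txt"
  : > "$d/c d.txt"
  printf '%s\n' "$d"
}

# Form flagged by SC2043: "dir" is a literal word, not "$dir", so the
# body runs exactly once whatever the directory contains.
count_flagged() {
  dir=$(ls "$1")
  n=0
  for i in dir; do
    n=$((n + 1))
  done
  printf '%s\n' "$n"
}

# Corrected form: iterate over a glob instead of parsing ls output.
count_fixed() {
  n=0
  for i in "$1"/*; do
    [ -e "$i" ] || continue   # empty directory: the pattern stays literal
    n=$((n + 1))
  done
  printf '%s\n' "$n"
}
```

On the three-file directory the flagged loop reports 1 and the corrected loop reports 3; on an empty directory they report 1 and 0.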
