logo

CWE-595 - Comparison of Object References Instead of Object Contents

CWE-595

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Comparison of Object References Instead of Object Contents

Description

The product compares object references instead of the contents of the objects themselves, preventing it from detecting equivalent objects.

For example, in Java, comparing objects using == usually produces deceptive results, since the == operator compares object references rather than values; often, this means that using == for strings is actually comparing the strings' references, not their values.

Common Consequences

Scope: Other

Impact: Varies by Context

Notes: This weakness can lead to erroneous results that can cause unexpected application behaviors.

Related Weaknesses
  • Release Date:
  • 2006-12-15
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website