Class with Excessively Deep Inheritance

Status: Incomplete
Abstraction: Base
Structure: Simple
Description

This weakness occurs when a class inherits from an excessive number of parent classes, creating a deep and complex inheritance hierarchy.

Extended Description

Excessively deep inheritance chains make code significantly harder to understand, test, and maintain. This complexity indirectly harms security by obscuring logic flow, increasing the time needed to find bugs, and raising the risk of introducing new vulnerabilities during modifications. The deeper the hierarchy, the more difficult it becomes to trace method execution and state changes. While the specific threshold for "too deep" can vary by project, the CISQ (Consortium for IT Software Quality) standard recommends a maximum inheritance depth of seven parent classes. Adhering to this guideline helps maintain code clarity, reduces tight coupling, and makes security reviews more effective by keeping the class structure manageable.
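As an added example (not part of this entry or of any CISQ tooling), the following static check measures inheritance depth from Python source with the `ast` module and flags classes that exceed the seven-parent limit cited above. It assumes bases can be resolved by simple name within one file, so a base defined elsewhere counts as a single parent and the reported depth is a lower bound; `SAMPLE` is constructed input.

```python
import ast

MAX_DEPTH = 7  # limit quoted above: at most seven parent classes


def _base_name(node):
    """Return the simple class name of a base expression, or None."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):  # pkg.Base -> "Base"
        return node.attr
    return None  # calls, subscripts, etc. are not resolved


def inheritance_depths(source):
    """Map each class defined in `source` to its longest chain of parents."""
    bases = {}
    for node in ast.walk(ast.parse(source)):  # parsed only, never executed
        if isinstance(node, ast.ClassDef):
            bases[node.name] = [_base_name(b) for b in node.bases]

    def depth(name, seen=()):
        # A reused name (class A(A)) or a class defined elsewhere ends the walk.
        if name in seen or name not in bases:
            return 0
        parents = [b for b in bases[name] if b != "object"]
        # Unresolvable bases (None) still count as one parent level.
        return max((1 + depth(b, seen + (name,)) if b else 1 for b in parents),
                   default=0)

    return {name: depth(name) for name in bases}


def deep_classes(source, limit=MAX_DEPTH):
    """Return sorted (class, depth) pairs for classes deeper than `limit`."""
    return sorted((n, d) for n, d in inheritance_depths(source).items() if d > limit)


# Constructed sample: a linear chain C0..C8, a multiple-inheritance leaf,
# and a class whose base lives in another (hypothetical) module.
SAMPLE = "class C0: pass\n" + "".join(
    f"class C{i}(C{i - 1}): pass\n" for i in range(1, 9)
) + "class Mixin: pass\nclass Leaf(Mixin, C7): pass\nclass Ext(vendor.Base): pass\n"

if __name__ == "__main__":
    for name, d in deep_classes(SAMPLE):
        print(f"{name}: {d} parent levels (limit {MAX_DEPTH})")
```

With multiple inheritance the check follows the longest branch, which is why `Leaf` is flagged even though its first base `Mixin` has no parents.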

Common Consequences
Scope: Other

Impact: Reduce Maintainability

References
[REF-960] Object Management Group (OMG). "Automated Source Code Maintainability Measure (ASCMM)". 01-2016.

Taxonomy Mapping
  • OMG ASCMM