This weakness occurs when a single function or method performs an excessive number of file or database operations, such as repeated reads, writes, or queries. Such a function over-relies on a single data manager or file resource, creating a tightly coupled and fragile code structure.
This pattern creates significant maintenance challenges, which indirectly harms security. It becomes harder to audit, test, or fix vulnerabilities because the logic is concentrated in one place, increasing the time and effort needed for secure code reviews. The complexity also raises the risk of introducing new flaws during modifications. While the exact threshold for "excessive" can vary by project, the CISQ (Consortium for IT Software Quality) standard suggests a practical limit of 7 operations on the same data manager or file within a single function. Keeping operations modular and distributed across focused functions improves both security and long-term code health.
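One way to check Python source for this pattern, as an added example that is not part of the original entry: it counts data-access call sites per function and receiver object and flags any pair above the limit of 7. The set of method names treated as file or data operations and the sample functions are assumptions made for the illustration.

```python
import ast
from collections import Counter

THRESHOLD = 7  # CISQ limit quoted above; more than this is flagged
# Assumption: method names counted as file/data operations (tune per code base).
DATA_OPS = {"execute", "executemany", "fetchone", "fetchall", "commit",
            "read", "readline", "readlines", "write", "writelines"}


def excessive_access(source, threshold=THRESHOLD, ops=DATA_OPS):
    """Map (function, receiver) -> call-site count for every pair over threshold.

    Counts static call sites, so a single call inside a loop counts once.
    Calls in nested functions are also attributed to the enclosing function.
    """
    findings = {}
    for func in ast.walk(ast.parse(source)):
        if not isinstance(func, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        counts = Counter()
        for node in ast.walk(func):
            if (isinstance(node, ast.Call)
                    and isinstance(node.func, ast.Attribute)
                    and node.func.attr in ops):
                # Receiver expression, e.g. "cur" or "self.db"
                counts[ast.unparse(node.func.value)] += 1
        for receiver, n in counts.items():
            if n > threshold:
                findings[(func.name, receiver)] = n
    return findings


# Constructed sample: one monolithic function and two focused ones.
SAMPLE = (
    "def monolith(cur):\n"
    + "".join(f"    cur.execute('UPDATE t{i} SET done = 1')\n" for i in range(8))
    + "def load(cur):\n"
    "    cur.execute('SELECT id FROM t0')\n"
    "    return cur.fetchall()\n"
    "def save(cur, row):\n"
    "    cur.execute('INSERT INTO t0 VALUES (?)', row)\n"
)

if __name__ == "__main__":
    for (name, receiver), n in excessive_access(SAMPLE).items():
        print(f"{name}: {n} operations on {receiver!r} (limit {THRESHOLD})")
```

Because the threshold varies by project, pass `threshold=` explicitly when a code base has agreed on a different limit.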
Impact: Reduce Maintainability