This weakness occurs when software directly depends on how a specific machine, processor, or operating system represents data in memory. Code that makes assumptions about byte order, data type sizes, or memory alignment becomes fragile and non-portable.
Writing code that relies on machine-specific details like byte order (endianness), integer sizes, or structure padding creates a significant maintenance burden. When you need to port the software to a different architecture, these hidden dependencies cause crashes, data corruption, and subtle bugs that are difficult to trace. This fragility indirectly harms security because developers spend excessive time fixing portability issues instead of focusing on security flaws. Furthermore, this practice makes the codebase more error-prone and complex, increasing the chance of introducing actual vulnerabilities during fixes or adaptations. Security reviews become harder as the logic is obscured by low-level platform quirks. To build secure and robust software, always use platform-independent data formats and language-provided type definitions for serialization and data exchange.
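The contrast between the two approaches, as an added example that is not part of the original entry: `encode_fragile` copies a struct's in-memory image (dependent on byte order and padding), while `encode_portable` and `decode_portable` use an explicit big-endian layout. The `record` struct, the function names, and the 6-byte wire format are all hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical record, constructed for this example. */
struct record { uint16_t type; uint32_t length; };

#define WIRE_SIZE 6u /* 2-byte type + 4-byte length, no padding */

/* Machine-dependent: copies the in-memory image, so the bytes depend on
 * host endianness and on compiler-inserted padding after `type`. */
size_t encode_fragile(const struct record *r, unsigned char *out, size_t cap)
{
    if (cap < sizeof *r) return 0;
    memcpy(out, r, sizeof *r);
    return sizeof *r; /* commonly 8, not the 6 a peer may expect */
}

/* Portable: each byte is written explicitly, big-endian. */
size_t encode_portable(const struct record *r, unsigned char *out, size_t cap)
{
    if (cap < WIRE_SIZE) return 0;
    out[0] = (unsigned char)(r->type >> 8);
    out[1] = (unsigned char)(r->type & 0xff);
    out[2] = (unsigned char)(r->length >> 24);
    out[3] = (unsigned char)((r->length >> 16) & 0xff);
    out[4] = (unsigned char)((r->length >> 8) & 0xff);
    out[5] = (unsigned char)(r->length & 0xff);
    return WIRE_SIZE;
}

/* Portable decode; rejects short input instead of reading past it. */
int decode_portable(const unsigned char *in, size_t len, struct record *r)
{
    if (len < WIRE_SIZE) return -1;
    r->type = (uint16_t)(((unsigned)in[0] << 8) | in[1]);
    r->length = ((uint32_t)in[2] << 24) | ((uint32_t)in[3] << 16) |
                ((uint32_t)in[4] << 8) | (uint32_t)in[5];
    return 0;
}

int main(void)
{
    struct record r = { 0x0102, 0x0A0B0C0D };
    unsigned char buf[16] = { 0 };
    printf("in-memory size: %zu, wire size: %zu\n",
           encode_fragile(&r, buf, sizeof buf),
           encode_portable(&r, buf, sizeof buf));
    return 0;
}
```

The portable pair produces the same six bytes on any host, and the length check in `decode_portable` keeps a truncated message from being read as a full record.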
Impact: Reduce Maintainability