Skip to main content

Table 4 Classification for failure symptoms

From: A robustness testing approach for SOAP Web services

Tag Description
Server resource disclosure Information about the servers filesystem or a physical resource is disclosed
Conversion issues A conversion problem exists in the service
Wrong type definition The service operation expects a value whose type is not consistent with what is announced in the services WSDL file
Data access operations A problem exists related with data access operations
Specific server failure message An exception is thrown and application or development specific information is revealed. This information is, however, generally too vague or too context-specific to allow us an association with another tag
Persistence error An exception is thrown indicating a persistence-related problem. This is typically an SQL exception that is thrown as a consequence of improper parameter handling
Argument out of format The service operation requires a restriction on a parameters format. However, no restriction is specified in the WSDL file, allowing clients to invoke the operation with an out-of-format parameter
Wrapped error information An error response is wrapped in an expected object. The response indicates the occurrence of an internal error
Array out of bounds Occurrence of an array access with an index that exceeds the limits of the array (upper or lower)
Null references A null pointer or reference exception is thrown by the server application
Command or schema disclosure An internal command is totally or partially disclosed (e.g., an SQL statement is revealed), or the data schema is revealed (e.g., the table names in a relational database are revealed)
Arithmetic operations An indication of an arithmetic error is returned by the service operation
Division by zero The service operation indicates that a division by zero has been attempted
Internal function name disclosure The name of an internal or system procedure is disclosed (e.g., a database stored procedure)
System vendor disclosure System vendor information is disclosed (e.g., database or operating system vendor)
Overflow The service operation is unable to properly handle a value that is larger than the capacity of its container, indicating the occurrence of an overflow error
System instance name disclosure The name of a system instance is revealed to the client (e.g., a database instance name)
System user disclosure A system username or password is exposed to the client (e.g., the username used to connect to a database or the operating system username)
Other Any other service response that does not fit into any of the previous categories