379 – Keep low McCabe cyclomatic complexity

Summary

The source code must contain functions, methods or fragments of code with a cyclomatic complexity (McCabe) lower than 20.

Description

The use of McCabe cyclomatic complexity helps to measure how complex a source code is regardless of the programming language. This software metric is based on graph theory. When the code has a high level of complexity, it will be harder to analyze, understand and maintain, therefore, the time and effort needed to find and fix vulnerabilities will increase substantially.

Supported In

Advanced: True

References

• CWE-1120. Excessive code complexity
• CWE-1121. Excessive McCabe cyclomatic complexity
• MITRE-M1013. Application developer guidance
• NISTSSDF-PW_5_1. Archive and protect each software release

Weaknesses

• 145 – Inappropriate coding practices - Cyclomatic complexity

Last updated

2023/09/18