Difference between bug, defect and flaw
- by Hossein
I was reading "Software Security: Building Security In" and in the first chapter I came across three terms: bug, defect and flaw. The author gave a definition for each of them, but I couldn't completely understand them.
Can someone give me some examples for each term?
What is a defect and what is a flaw? I think I know what a bug is: a bug is a malfunction of a part of a system which produces an undesirable result, be it crashing on wrong input or miscalculating a series of computations.
Can someone elaborate more and correct me if I am wrong in this?
UPDATE
To be more precise, in the book I mentioned above the words are presented in a way that makes a distinction; that's why I am asking to know more.
In that book there are some examples denoting which sample belongs to which category.
For example:
A buffer overflow is said to be a bug, and issues in method overriding (subclassing issues) are related to the flaw category.
Again, race condition handling issues are considered bugs, and error-handling problems (fail open) are said to be flaws!
I want more elaboration on these points.
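The question's own examples line up an implementation-level problem (the buffer overflow) against a design-level one (fail-open error handling). The Python below is an added illustration of that contrast, not code from the question or from the book; the slot size, the policy store, the exception class and the function names are all constructed for the example. The first half is a bug: one wrong comparison in a length check, fixable by editing a single line while the surrounding design stays as it is. The second half is a flaw: a fail-open authorization default in which every line is individually correct, so only changing the design decision (what happens when the policy cannot be evaluated) removes the problem.

```python
"""Constructed example: an implementation-level bug next to a design-level flaw."""
from typing import Callable, Dict, Optional, Set

SLOT_SIZE = 8  # assumed fixed-size record slot, the analogue of a C char[8]


# --- Bug: a single wrong operator in an otherwise sound design ---------------
def fits_in_slot_buggy(data: bytes) -> bool:
    """Off-by-one: forgets that the terminator byte also needs room."""
    return len(data) <= SLOT_SIZE


def fits_in_slot_fixed(data: bytes) -> bool:
    """The one-line fix: account for the terminator."""
    return len(data) + 1 <= SLOT_SIZE


def store_record(data: bytes, fits: Callable[[bytes], bool]) -> bytes:
    """Copy data plus a terminator into a fixed slot, guarded by `fits`.

    In C the oversized write would silently clobber neighbouring memory;
    here the slot is a bytearray and the overrun is detected and reported.
    """
    if not fits(data):
        raise ValueError("record rejected by length check")
    payload = data + b"\x00"
    slot = bytearray(SLOT_SIZE)
    if len(payload) > len(slot):
        raise OverflowError("length check let an oversized record through")
    slot[: len(payload)] = payload
    return bytes(slot)


# --- Flaw: every line is correct, the design choice is the problem ----------
class PolicyUnavailable(Exception):
    """Raised when the (constructed) policy backend cannot be reached."""


def lookup_permissions(store: Optional[Dict[str, Set[str]]], user: str) -> Set[str]:
    """Return the resources `user` may access, or raise if the store is down."""
    if store is None:
        raise PolicyUnavailable("policy backend unreachable")
    return store.get(user, set())


def can_access_fail_open(store: Optional[Dict[str, Set[str]]], user: str, resource: str) -> bool:
    """Design decision: when the policy cannot be evaluated, allow the request.

    No amount of bug-fixing changes the outcome; the default itself is wrong.
    """
    try:
        return resource in lookup_permissions(store, user)
    except PolicyUnavailable:
        return True


def can_access_fail_closed(store: Optional[Dict[str, Set[str]]], user: str, resource: str) -> bool:
    """Redesigned default: a request that cannot be decided is denied."""
    try:
        return resource in lookup_permissions(store, user)
    except PolicyUnavailable:
        return False


if __name__ == "__main__":
    # Constructed inputs: an 8-byte record and a tiny policy store.
    record = b"A" * SLOT_SIZE
    for check in (fits_in_slot_buggy, fits_in_slot_fixed):
        try:
            store_record(record, check)
        except (ValueError, OverflowError) as exc:
            print(f"{check.__name__}: {type(exc).__name__}: {exc}")

    policy = {"alice": {"payroll"}}
    print("backend up, bob ->", can_access_fail_open(policy, "bob", "payroll"))
    print("backend down, fail-open, bob ->", can_access_fail_open(None, "bob", "payroll"))
    print("backend down, fail-closed, bob ->", can_access_fail_closed(None, "bob", "payroll"))
```

Running it, the buggy check lets the 8-byte record through and the slot write is caught as an overflow, while the fixed check rejects the same record up front; with the policy backend unreachable, the fail-open function grants `bob` access to `payroll` and the fail-closed one denies it. The point is where each fix lives: the bug is repaired inside one function, the flaw only by revisiting the decision that the function was built to implement.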