CWE-391 未经检查的错误条件

Unchecked Error Condition

结构: Simple

Abstraction: Base

状态: Incomplete

被利用可能性: Medium

基本描述

[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.

相关缺陷

  • cwe_Nature: ChildOf cwe_CWE_ID: 703 cwe_View_ID: 1000 cwe_Ordinal: Primary

适用平台

Language: {'cwe_Class': 'Language-Independent', 'cwe_Prevalence': 'Undetermined'}

常见的影响

范围 影响 注释
['Integrity', 'Other'] ['Varies by Context', 'Unexpected State', 'Alter Execution Logic']

可能的缓解方案

Requirements

策略:

The choice between a language which has named or unnamed exceptions needs to be done. While unnamed exceptions exacerbate the chance of not properly dealing with an exception, named exceptions suffer from the up call version of the weak base class problem.

Requirements

策略:

A language can be used which requires, at compile time, to catch all serious exceptions. However, one must make sure to use the most current version of the API as new exceptions could be added.

Implementation

策略:

Catch all relevant exceptions. This is the recommended solution. Ensure that all exceptions are handled in such a way that you can be sure of the state of your system at any given moment.

示例代码

The following code excerpt ignores a rarely-thrown exception from doExchange().

bad Java

try {
doExchange();
}
catch (RareException e) {

// this can never happen
}

If a RareException were to ever be thrown, the program would continue to execute as though nothing unusual had occurred. The program records no evidence indicating the special situation, potentially frustrating any later attempt to explain the program's behavior.

Notes

Maintenance This entry is slated for deprecation; it has multiple widespread interpretations by CWE analysts. It currently combines information from three different taxonomies, but each taxonomy is talking about a slightly different issue. CWE analysts might map to this entry based on any of these issues. 7PK has "Empty Catch Block" which has an association with empty exception block (CWE-1069); in this case, the exception has performed the check, but does not handle. In PLOVER there is "Unchecked Return Value" which is CWE-252, but unlike "Empty Catch Block" there isn't even a check of the issue - and "Unchecked Error Condition" implies lack of a check. For CLASP, "Uncaught Exception" (CWE-248) is associated with incorrect error propagation - uncovered in CWE 3.2 and earlier, at least. There are other issues related to error handling and checks. Other

分类映射

映射的分类名 ImNode ID Fit Mapped Node Name
PLOVER Unchecked Return Value
7 Pernicious Kingdoms Empty Catch Block
CLASP Uncaught exception
OWASP Top Ten 2004 A7 CWE More Specific Improper Error Handling
CERT C Secure Coding ERR00-C Adopt and implement a consistent and comprehensive error-handling policy
CERT C Secure Coding ERR33-C CWE More Abstract Detect and handle standard library errors
CERT C Secure Coding ERR34-C CWE More Abstract Detect errors when converting a string to a number
CERT C Secure Coding FLP32-C Imprecise Prevent or detect domain and range errors in math functions
CERT C Secure Coding POS54-C CWE More Abstract Detect and handle POSIX library errors
SEI CERT Perl Coding Standard EXP31-PL Imprecise Do not suppress or ignore exceptions
Software Fault Patterns SFP4 Unchecked Status Condition