CWE-391 未经检查的错误条件
Unchecked Error Condition
结构: Simple
Abstraction: Base
状态: Incomplete
被利用可能性: Medium
基本描述
[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
相关缺陷
- cwe_Nature: ChildOf cwe_CWE_ID: 703 cwe_View_ID: 1000 cwe_Ordinal: Primary
适用平台
Language: {'cwe_Class': 'Language-Independent', 'cwe_Prevalence': 'Undetermined'}
常见的影响
| 范围 | 影响 | 注释 |
|---|---|---|
| ['Integrity', 'Other'] | ['Varies by Context', 'Unexpected State', 'Alter Execution Logic'] |
可能的缓解方案
Requirements
策略:
The choice between a language which has named or unnamed exceptions needs to be done. While unnamed exceptions exacerbate the chance of not properly dealing with an exception, named exceptions suffer from the up call version of the weak base class problem.
Requirements
策略:
A language can be used which requires, at compile time, to catch all serious exceptions. However, one must make sure to use the most current version of the API as new exceptions could be added.
Implementation
策略:
Catch all relevant exceptions. This is the recommended solution. Ensure that all exceptions are handled in such a way that you can be sure of the state of your system at any given moment.
示例代码
例
The following code excerpt ignores a rarely-thrown exception from doExchange().
bad Java
catch (RareException e) {
// this can never happen
If a RareException were to ever be thrown, the program would continue to execute as though nothing unusual had occurred. The program records no evidence indicating the special situation, potentially frustrating any later attempt to explain the program's behavior.
Notes
Maintenance This entry is slated for deprecation; it has multiple widespread interpretations by CWE analysts. It currently combines information from three different taxonomies, but each taxonomy is talking about a slightly different issue. CWE analysts might map to this entry based on any of these issues. 7PK has "Empty Catch Block" which has an association with empty exception block (CWE-1069); in this case, the exception has performed the check, but does not handle. In PLOVER there is "Unchecked Return Value" which is CWE-252, but unlike "Empty Catch Block" there isn't even a check of the issue - and "Unchecked Error Condition" implies lack of a check. For CLASP, "Uncaught Exception" (CWE-248) is associated with incorrect error propagation - uncovered in CWE 3.2 and earlier, at least. There are other issues related to error handling and checks. Other
分类映射
| 映射的分类名 | ImNode ID | Fit | Mapped Node Name |
|---|---|---|---|
| PLOVER | Unchecked Return Value | ||
| 7 Pernicious Kingdoms | Empty Catch Block | ||
| CLASP | Uncaught exception | ||
| OWASP Top Ten 2004 | A7 | CWE More Specific | Improper Error Handling |
| CERT C Secure Coding | ERR00-C | Adopt and implement a consistent and comprehensive error-handling policy | |
| CERT C Secure Coding | ERR33-C | CWE More Abstract | Detect and handle standard library errors |
| CERT C Secure Coding | ERR34-C | CWE More Abstract | Detect errors when converting a string to a number |
| CERT C Secure Coding | FLP32-C | Imprecise | Prevent or detect domain and range errors in math functions |
| CERT C Secure Coding | POS54-C | CWE More Abstract | Detect and handle POSIX library errors |
| SEI CERT Perl Coding Standard | EXP31-PL | Imprecise | Do not suppress or ignore exceptions |
| Software Fault Patterns | SFP4 | Unchecked Status Condition |