Improper Check or Handling of Exceptional Conditions

Abstraction: Pillar
Status: Incomplete
Structure: Simple
Description

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

Common Consequences

Scope: Confidentiality, Availability, Integrity

Impact: Read Application Data; DoS: Crash, Exit, or Restart; Unexpected State

Detection Methods

Dynamic Analysis with Manual Results Interpretation (Effectiveness: High)
According to SOAR [REF-1479], the following detection techniques may be useful:
  • Highly cost effective: Fault Injection - source code; Fault Injection - binary
  • Cost effective for partial coverage: Forced Path Execution

Manual Static Analysis - Source Code (Effectiveness: High)
According to SOAR [REF-1479], the following detection techniques may be useful:
  • Highly cost effective: Manual Source Code Review (not inspections)
  • Cost effective for partial coverage: Focused Manual Spotcheck - Focused manual analysis of source

Automated Static Analysis - Source Code (Effectiveness: SOAR Partial)
According to SOAR [REF-1479], the following detection techniques may be useful:
  • Cost effective for partial coverage: Source code Weakness Analyzer; Context-configured Source Code Weakness Analyzer

Architecture or Design Review (Effectiveness: High)
According to SOAR [REF-1479], the following detection techniques may be useful:
  • Highly cost effective: Inspection (IEEE 1028 standard) (can apply to requirements, design, source code, etc.); Formal Methods / Correct-By-Construction
Demonstrative Examples

ID : DX-7

Consider the following code segment:

Code Example (Bad, C): listing not reproduced on this page
The programmer expects that when fgets() returns, buf will contain a null-terminated string of length 9 or less. But if an I/O error occurs, fgets() will not null-terminate buf. Furthermore, if the end of the file is reached before any characters are read, fgets() returns without writing anything to buf. In both of these situations, fgets() signals that something unusual has happened by returning NULL, but in this code, the warning will not be noticed. The lack of a null terminator in buf can result in a buffer overflow in the subsequent call to strcpy().
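The check the description calls for, as an added example that is not the CWE entry's own listing: a small C program (the names stream_from, eof_leaves_buf_untouched, copy_line_checked and demo_checked are assumptions of this example, and the input text is constructed) that observes fgets() leaving a 10-byte buffer unterminated at EOF, beside a hardened copy that checks the fgets() return value and bounds the copy instead of calling strcpy() blindly.

```c
#include <stdio.h>
#include <string.h>

/* Build a readable stream from constructed text; tmpfile() is ISO C. */
static FILE *stream_from(const char *text) {
    FILE *f = tmpfile();
    if (f == NULL) return NULL;
    fputs(text, f);
    rewind(f);
    return f;
}

/* The condition the text describes: at EOF before any character is read,
 * fgets() returns NULL and leaves buf untouched, so no terminator exists.
 * buf is pre-filled with a sentinel so this is observable without reading
 * an unterminated string. Returns 1 if untouched, 0 if not, -1 on setup failure. */
int eof_leaves_buf_untouched(void) {
    char buf[10];
    memset(buf, 'X', sizeof buf);            /* no NUL anywhere in buf */
    FILE *in = stream_from("");              /* empty stream: immediate EOF */
    if (in == NULL) return -1;
    char *r = fgets(buf, sizeof buf, in);
    fclose(in);
    return r == NULL && memchr(buf, '\0', sizeof buf) == NULL;
}

/* Hardened form of the bad pattern: the fgets() result is checked before
 * buf is used as a string, and the copy is bounded by the destination.
 * Returns bytes copied, -1 on EOF, -2 on I/O error, -3 if out is too small. */
int copy_line_checked(FILE *in, char *out, size_t outsz) {
    char buf[10];
    if (fgets(buf, sizeof buf, in) == NULL)
        return ferror(in) ? -2 : -1;         /* the warning is now noticed */
    size_t n = strlen(buf);                  /* terminated: fgets succeeded */
    if (n >= outsz) return -3;
    memcpy(out, buf, n + 1);
    return (int)n;
}

/* Call copy_line_checked() `calls` times over constructed text and return
 * the last result; a second call on one-line input exercises the EOF path. */
int demo_checked(const char *text, int calls, char *out, size_t outsz) {
    FILE *in = stream_from(text);
    if (in == NULL) return -99;
    int rc = -1;
    for (int i = 0; i < calls; i++) rc = copy_line_checked(in, out, outsz);
    fclose(in);
    return rc;
}
```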

ID : DX-198

The following method throws three types of exceptions.

Code Example (Good, Java): listing not reproduced on this page
While it might seem tidier to write

Code Example (Bad, Java): listing not reproduced on this page
doing so hampers the caller's ability to understand and handle the exceptions that occur. Further, if a later revision of doExchange() introduces a new type of exception that should be treated differently than previous exceptions, there is no easy way to enforce this requirement.
Observed Examples

[REF-1374]: Chain: JavaScript-based cryptocurrency library can fall back to the insecure Math.random() function instead of reporting a failure (Missing Report of Error Condition), thus reducing the entropy (Insufficient Entropy in PRNG) and leading to generation of non-unique cryptographic keys for Bitcoin wallets (Use of Weak Credentials)
CVE-2022-22224: Chain: an operating system does not properly process malformed Open Shortest Path First (OSPF) Type/Length/Value Identifiers (TLV) (Improper Check or Handling of Exceptional Conditions), which can cause the process to enter an infinite loop (Loop with Unreachable Exit Condition ('Infinite Loop'))
References

[REF-567] Taimur Aslam. "A Taxonomy of Security Faults in the UNIX Operating System". 01-08-1995.
[REF-568] Taimur Aslam, Ivan Krsul, and Eugene H. Spafford. "Use of A Taxonomy of Security Faults". 01-08-1995.
[REF-44] Michael Howard, David LeBlanc, and John Viega. "24 Deadly Sins of Software Security". McGraw-Hill, 2010.
[REF-1374] Unciphered. "Randstorm: You Can't Patch a House of Cards". 14-11-2023.
[REF-1479] Gregory Larsen, E. Kenneth Hong Fong, David A. Wheeler, and Rama S. Moorthy. "State-of-the-Art Resources (SOAR) for Software Vulnerability Detection, Test, and Evaluation". 07-2014.
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Technologies:
Not Technology-Specific : Undetermined
Modes of Introduction
Architecture and Design
Implementation
Operation
Taxonomy Mapping
  • The CERT Oracle Secure Coding Standard for Java (2011)
Notes
Relationship: This is a high-level class that might have some overlap with other classes. It could be argued that even "normal" weaknesses such as buffer overflows involve unusual or exceptional conditions. In that sense, this might be an inherent aspect of most other weaknesses within CWE, similar to API Abuse (7PK - API Abuse) and Indicator of Poor Code Quality (7PK - Code Quality). However, this entry is currently intended to unify disparate concepts that do not have other places within the Research Concepts view (Research Concepts).