Loop with Unreachable Exit Condition ('Infinite Loop')

Status: Incomplete
Abstraction: Base
Structure: Simple
Description

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Common Consequences
Scope: Availability

Impact: DoS: Resource Consumption (CPU); DoS: Resource Consumption (Memory); DoS: Amplification

An infinite loop will cause unexpected consumption of resources, such as CPU cycles or memory. The software's operation may slow down, or it may take a long time to respond.

Demonstrative Examples
In the following code the method processMessagesFromServer attempts to establish a connection to a server and read and process messages from the server. The method uses a do/while loop to continue trying to establish the connection to the server when an attempt fails.

Code Example:

Bad

```c
int processMessagesFromServer(char *hostaddr, int port) {
    int servsock;
    int connected;
    struct sockaddr_in servaddr;

    // create socket to connect to server
    servsock = socket(AF_INET, SOCK_STREAM, 0);
    memset(&servaddr, 0, sizeof(servaddr));
    servaddr.sin_family = AF_INET;
    servaddr.sin_port = htons(port);
    servaddr.sin_addr.s_addr = inet_addr(hostaddr);

    do {
        // establish connection to server
        connected = connect(servsock, (struct sockaddr *)&servaddr, sizeof(servaddr));

        // if connected then read and process messages from server
        if (connected > -1) {
            // read and process messages
            ...
        }

    // keep trying to establish connection to the server
    } while (connected < 0);

    // close socket and return success or failure
    ...
}
```
However, this will create an infinite loop if the server does not respond. This infinite loop will consume system resources and can be used to create a denial of service attack. To resolve this, a counter should be used to limit the number of attempts to establish a connection to the server, as in the following code.

Code Example:

Good

```c
int processMessagesFromServer(char *hostaddr, int port) {
    ...
    // initialize number of attempts counter
    int count = 0;
    do {
        // establish connection to server
        connected = connect(servsock, (struct sockaddr *)&servaddr, sizeof(servaddr));

        // increment counter
        count++;

        // if connected then read and process messages from server
        if (connected > -1) {
            // read and process messages
            ...
        }

    // keep trying to establish connection to the server,
    // up to a maximum number of attempts (MAX_ATTEMPTS is defined elsewhere)
    } while (connected < 0 && count < MAX_ATTEMPTS);
    ...
}
```

ID: DX-205

For this example, the method isReorderNeeded is part of a bookstore application that determines if a particular book needs to be reordered based on the current inventory count and the rate at which the book is being sold.

Code Example:

Bad

```java
public boolean isReorderNeeded(String bookISBN, int rateSold) {
    boolean isReorder = false;

    // get inventory count for book
    int inventoryCount = inventory.getIventoryCount(bookISBN);

    // find number of days until inventory count reaches minimum
    int days = 0;
    int minimumCount = MINIMUM_COUNT;
    while (inventoryCount > minimumCount) {
        inventoryCount = inventoryCount - rateSold;
        days++;
    }

    // if number of days is within the reorder timeframe,
    // set reorder return boolean to true
    if (days > 0 && days < MINIMUM_DAYS_TO_REORDER) {
        isReorder = true;
    }

    return isReorder;
}
```
However, the while loop will become an infinite loop if the rateSold input parameter has a value of zero since the inventoryCount will never fall below the minimumCount. In this case the input parameter should be validated to ensure that a value of zero does not cause an infinite loop, as in the following code.

Code Example:

Good

```java
public boolean isReorderNeeded(String bookISBN, int rateSold) {
    boolean isReorder = false;

    // validate rateSold variable
    if (rateSold < 1) {
        return isReorder;
    }
    ...
}
```
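Both demonstrative examples share one fix: make sure the loop's exit condition is reachable for every input, either by rejecting a step that makes no progress or by capping the number of iterations. The following C program is an added example, not code from the CWE entry; `days_until_minimum`, `connect_with_retry`, `MAX_ATTEMPTS` and the `try_connect` callback are assumed names, and a constructed stand-in replaces the real `connect()` call so it runs without a network.

```c
#include <stdio.h>
/* Added example (not from the CWE entry); names below are assumed and
 * try_connect stands in for connect() so this runs with no network. */
#define MAX_ATTEMPTS 5

/* Mirrors the bookstore loop: periods until stock reaches the minimum.
 * A zero or negative step could never reach the exit condition, so it is
 * rejected up front (-1) instead of entered. */
int days_until_minimum(long inventory, long minimum, long rate_sold) {
    if (rate_sold < 1)
        return -1;
    int days = 0;
    while (inventory > minimum) {
        inventory -= rate_sold;   /* strictly decreasing: exit is reachable */
        days++;
    }
    return days;
}

/* Mirrors the connect retry loop. try_connect returns -1 on failure, 0 on
 * success. Returns the attempt number that succeeded, or -1 once the cap
 * is hit, so an unresponsive server cannot pin the thread forever. */
int connect_with_retry(int (*try_connect)(void *), void *ctx) {
    int count = 0;
    int connected;
    do {
        connected = try_connect(ctx);
        count++;
    } while (connected < 0 && count < MAX_ATTEMPTS);
    return connected < 0 ? -1 : count;
}

/* Constructed stand-ins: a server that never answers, and one that
 * accepts on the Nth attempt (N stored in ctx). */
int always_fail(void *ctx) { (void)ctx; return -1; }
int succeed_after(void *ctx) {
    int *left = ctx;
    return (--(*left) <= 0) ? 0 : -1;
}

int main(void) {
    int n = 3, m = 10;
    printf("rate 0 -> %d\n", days_until_minimum(100, 10, 0));        /* -1 */
    printf("rate 30 -> %d\n", days_until_minimum(100, 10, 30));      /* 3 */
    printf("never -> %d\n", connect_with_retry(always_fail, NULL));  /* -1 */
    printf("third -> %d\n", connect_with_retry(succeed_after, &n));  /* 3 */
    printf("tenth -> %d\n", connect_with_retry(succeed_after, &m));  /* -1 */
    return 0;
}
```

The negative-step case is rejected by the same `rate_sold < 1` check the Java fix uses, which is why that check is written as "less than one" rather than "equals zero".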

Observed Examples
  • CVE-2022-22224: Chain: an operating system does not properly process malformed Open Shortest Path First (OSPF) Type/Length/Value Identifiers (TLV) (Improper Check or Handling of Exceptional Conditions), which can cause the process to enter an infinite loop (Loop with Unreachable Exit Condition ('Infinite Loop')).
  • CVE-2022-25304: A Python machine communication platform did not account for receiving a malformed packet with a null size, causing the receiving function to never update the message buffer and be caught in an infinite loop.
  • CVE-2011-1027: Chain: off-by-one error (Off-by-one Error) leads to infinite loop (Loop with Unreachable Exit Condition ('Infinite Loop')) using invalid hex-encoded characters.
  • CVE-2011-1142: Chain: self-referential values in recursive definitions lead to infinite loop.
  • CVE-2011-1002: NULL UDP packet is never cleared from a queue, leading to infinite loop.
  • CVE-2006-6499: Chain: web browser crashes due to infinite loop - "bad looping logic [that relies on] floating point math [Insufficient Precision or Accuracy of a Real Number] to exit the loop [Loop with Unreachable Exit Condition ('Infinite Loop')]".
  • CVE-2010-4476: Floating point conversion routine cycles back and forth between two different values.
  • CVE-2010-4645: Floating point conversion routine cycles back and forth between two different values.
  • CVE-2010-2534: Chain: improperly clearing a pointer in a linked list leads to infinite loop.
  • CVE-2013-1591: Chain: an integer overflow (Integer Overflow or Wraparound) in the image size calculation causes an infinite loop (Loop with Unreachable Exit Condition ('Infinite Loop')) which sequentially allocates buffers without limits (Improperly Controlled Sequential Memory Allocation) until the stack is full.
  • CVE-2008-3688: Chain: A denial of service may be caused by an uninitialized variable (Use of Uninitialized Variable) allowing an infinite loop (Loop with Unreachable Exit Condition ('Infinite Loop')) resulting from a connection to an unresponsive server.
References
  • [REF-62] Mark Dowd, John McDonald, and Justin Schuh. "The Art of Software Security Assessment". Addison Wesley, 2006.
  • [REF-962] Object Management Group (OMG). "Automated Source Code Security Measure (ASCSM)". January 2016.
Applicable Platforms
Languages:
  • Not Language-Specific (Undetermined Prevalence)
Related Weaknesses
Taxonomy Mapping
  • OMG ASCSM