Excessive Iteration
The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
Description
If the iteration can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory. In many cases, a loop does not need to be infinite in order to cause enough resource consumption to adversely affect the product or its host system; it depends on the amount of resources consumed per iteration.
Demonstrations
The following examples help to illustrate the nature of this weakness and describe methods or techniques which can be used to mitigate the risk.
Note that the examples here are by no means exhaustive and any given weakness may have many subtle varieties, each of which may require different detection methods or runtime controls.
Example One
In this example a mistake exists in the code where the exit condition contained in flg is never called. This results in the function calling itself over and over again until the stack is exhausted.
void do_something_recursive (int flg)
{
... // Do some real work here, but the value of flg is unmodified
if (flg) { do_something_recursive (flg); } // flg is never modified so it is always TRUE - this call will continue until the stack explodes
}
int flag = 1; // Set to TRUE
do_something_recursive (flag);Note that the only difference between the Good and Bad examples is that the recursion flag will change value and cause the recursive call to return.
void do_something_recursive (int flg)
{
... // Do some real work here
// Modify value of flg on done condition
if (flg) { do_something_recursive (flg); } // returns when flg changes to 0
}
int flag = 1; // Set to TRUE
do_something_recursive (flag);Example Two
For this example, the method isReorderNeeded is part of a bookstore application that determines if a particular book needs to be reordered based on the current inventory count and the rate at which the book is being sold.
public boolean isReorderNeeded(String bookISBN, int rateSold) {
boolean isReorder = false;
int minimumCount = 10;
int days = 0;
// get inventory count for book
int inventoryCount = inventory.getIventoryCount(bookISBN);
// find number of days until inventory count reaches minimum
while (inventoryCount > minimumCount) {
inventoryCount = inventoryCount - rateSold;
days++;
}
// if number of days within reorder timeframe
// set reorder return boolean to true
if (days > 0 && days < 5) {
isReorder = true;
}
return isReorder;
}However, the while loop will become an infinite loop if the rateSold input parameter has a value of zero since the inventoryCount will never fall below the minimumCount. In this case the input parameter should be validated to ensure that a value of zero does not cause an infinite loop, as in the following code.
public boolean isReorderNeeded(String bookISBN, int rateSold) {
...
// validate rateSold variable
if (rateSold < 1) {
return isReorder;
}
...
}See Also
Weaknesses in this category are related to insufficient control flow management.
This view (slice) covers all the elements in CWE.
CWE entries in this view (graph) may be used to categorize potential weaknesses within sources that handle public, third-party vulnerability information, such as the N...
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.