SFP Secondary Cluster: Incorrect Exception Behavior

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

This category identifies Software Fault Patterns (SFPs) within the Incorrect Exception Behavior cluster (SFP6).

Weaknesses

Improper Check or Handling of Exceptional Conditions

The software does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the software.

Improper Cleanup on Thrown Exception

The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.

Missing Report of Error Condition

The software encounters an error but does not provide a status code or return value to indicate that an error has occurred.

Missing Standardized Error Handling Mechanism

The software does not use a standardized method for handling errors throughout the code, which might introduce inconsistent error handling and resultant weaknesses.

Non-exit on Failed Initialization

The software does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a format ...

Not Failing Securely ('Failing Open')

When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, su...

Return Inside Finally Block

The code has a return statement inside a finally block, which will cause any thrown exception in the try block to be discarded.

Return of Wrong Status Code

A function or operation returns an incorrect return value or status code that does not indicate an error, but causes the product to modify its behavior based on the in...

Concepts

Software Fault Pattern (SFP) Clusters

CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs).


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.