SEI CERT C Coding Standard - Guidelines 12. Error Handling (ERR)
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Summary
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to the rules and recommendations in the Error Handling (ERR) section of the SEI CERT C Coding Standard.
Weaknesses
The product incorrectly checks a return value from a function, which prevents it from detecting errors or exceptional conditions.
The product does not initialize critical variables, which causes the execution environment to use unexpected values.
The product uses an API function, data structure, or other entity in a way that relies on properties that are not always guaranteed to hold for that entity.
[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to in...
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
The product invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.
Concepts
CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommen...
See Also
- SEI CERT C Coding Standard : Rule 12. Error Handling (ERR)
The Software Engineering Institute
- SEI CERT C Coding Standard : Rec 12. Error Handling (ERR)
The Software Engineering Institute
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.