Missing Initialization of a Variable
The software does not initialize critical variables, which causes the execution environment to use unexpected values.
The following examples help to illustrate the nature of this weakness and describe methods or techniques which can be used to mitigate the risk.
Note that the examples here are by no means exhaustive and any given weakness may have many subtle varieties, each of which may require different detection methods or runtime controls.
This function attempts to extract a pair of numbers from a user-supplied string.
This code attempts to extract two integer values out of a formatted, user-supplied input. However, if an attacker were to provide an input of the form:
then only the m variable will be initialized. Subsequent use of n may result in the use of an uninitialized variable (CWE-457).
Here, an uninitialized field in a Java class is used in a seldom-called method, which would cause a NullPointerException to be thrown.
This code first authenticates a user, then allows a delete command if the user is an administrator.
The $isAdmin variable is set to true if the user is an admin, but is uninitialized otherwise. If PHP's register_globals feature is enabled, an attacker can set uninitialized variables like $isAdmin to arbitrary values, in this case gaining administrator privileges by setting $isAdmin to true.
In the following Java code the BankManager class uses the user variable of the class User to allow authorized users to perform bank manager tasks. The user variable is initialized within the method setUser that retrieves the User from the User database. The user is then authenticated as unauthorized user through the method authenticateUser.
However, if the method setUser is not called before authenticateUser then the user variable will not have been initialized and will result in a NullPointerException. The code should verify that the user variable has been initialized before it is used, as in the following code.
Weaknesses in this category are related to the rules and recommendations in the Error Handling (ERR) section of the SEI CERT C Coding Standard.
Weaknesses in this category are related to the CISQ Quality Measures for Security. Presence of these weaknesses could reduce the security of the software.
Weaknesses in this category are related to the CISQ Quality Measures for Reliability. Presence of these weaknesses could reduce the reliability of the software.
This view (slice) covers all the elements in CWE.
This view contains a selection of weaknesses that represent the variety of weaknesses that are captured in CWE, at a level of abstraction that is likely to be useful t...
This view (slice) lists weaknesses that can be introduced during implementation.