This category includes weaknesses that occur if a function does not generate the correct return/status code, or if the application does not handle all possible return/status codes that could be generated by a function. This type of problem is most often found in conditions that are rarely encountered during the normal operation of the product. Presumably, most bugs related to common conditions are found and eliminated during development and testing. In some cases, the attacker can directly control or influence the environment to trigger the rare conditions.
| Nature | Mapping | Type | ID | Name |
|---|---|---|---|---|
| MemberOf | Prohibited | V | 699 | Software Development |
| HasMember | Allowed | B | 209 | Generation of Error Message Containing Sensitive Information |
| HasMember | Allowed | B | 248 | Uncaught Exception |
| HasMember | Allowed | B | 252 | Unchecked Return Value |
| HasMember | Allowed | B | 253 | Incorrect Check of Function Return Value |
| HasMember | Allowed | B | 390 | Detection of Error Condition Without Action |
| HasMember | Prohibited | B | 391 | Unchecked Error Condition |
| HasMember | Allowed | B | 392 | Missing Report of Error Condition |
| HasMember | Allowed | B | 393 | Return of Wrong Status Code |
| HasMember | Allowed | B | 394 | Unexpected Status Code or Return Value |
| HasMember | Allowed | B | 395 | Use of NullPointerException Catch to Detect NULL Pointer Dereference |
| HasMember | Allowed | B | 396 | Declaration of Catch for Generic Exception |
| HasMember | Allowed | B | 397 | Declaration of Throws for Generic Exception |
| HasMember | Allowed | B | 544 | Missing Standardized Error Handling Mechanism |
| HasMember | Allowed | B | 584 | Return Inside Finally Block |
| HasMember | Allowed | B | 617 | Reachable Assertion |
| HasMember | Allowed | B | 756 | Missing Custom Error Page |
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
See member weaknesses of this category.
Many researchers focus on the resultant weaknesses and do not necessarily diagnose whether a rare condition is the primary factor. However, since 2005 it seems to be reported more frequently than in the past. This subject needs more study.
N/A
| Taxonomy Name | Entry ID | Fit | Entry Name |
|---|