J2EE Bad Practices: Use of System.exit()
Weakness ID: 382 (Weakness Variant)Status: Draft
+ Description

Description Summary

A J2EE application uses System.exit(), which also shuts down its container.
+ Time of Introduction
  • Implementation
+ Applicable Platforms

Languages

Java

+ Demonstrative Examples

Example 1

Included in the doPost() method defined below is a call to System.exit() in the event of a specific exception.

(Bad Code)
Example Language: Java 
Public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
try {
...
} catch (ApplicationSpecificException ase) {
logger.error("Caught: " + ase.toString());
System.exit(1);
}
}
+ Other Notes

Access to a function that can shut down the application is an avenue for Denial of Service (DoS) attacks. The shutdown function should be a privileged function available only to a properly authorized administrative user. Any other possible cause of a shutdown is generally a security vulnerability. (In rare cases, the intended security policy calls for the application to halt as a damage control measure when it determines that an attack is in progress.) Web applications should not call methods that cause the virtual machine to exit, such as System.exit(). Web applications should also not throw any Throwables to the application server as this may adversely affect the container. Non-web applications may have a main() method that contains a System.exit(), but generally should not call System.exit() from other locations in the code. It is never a good idea for a web application to attempt to shut down the application container. A call to System.exit() is probably part of leftover debug code or code imported from a non-J2EE application.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class227Failure to Fulfill API Contract ('API Abuse')
Development Concepts699
ChildOfCategoryCategory361Time and State
Seven Pernicious Kingdoms (primary)700
ChildOfCategoryCategory381J2EE Time and State Issues
Development Concepts (primary)699
ChildOfWeakness ClassWeakness Class705Incorrect Control Flow Scoping
Research Concepts (primary)1000
ChildOfCategoryCategory730OWASP Top Ten 2004 Category A9 - Denial of Service
Weaknesses in OWASP Top Ten (2004) (primary)711
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
7 Pernicious KingdomsJ2EE Bad Practices: System.exit()
OWASP Top Ten 2004A9CWE More SpecificDenial of Service
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
7 Pernicious KingdomsExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Sean EidemillerCigitalExternal
added/updated demonstrative examples
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Other Notes, Taxonomy Mappings
Previous Entry Names
Change DatePrevious Entry Name
2008-04-11J2EE Bad Practices: System.exit()
Back to top