Failure to Use a Standardized Error Handling Mechanism |
Weakness ID: 544 (Weakness Base) | Status: Draft |
Description Summary
The software does not use a standardized method for handling errors throughout the code, which might introduce inconsistent error handling and resultant weaknesses.
Extended Description
If the application handles error messages individually, on a one-by-one basis, this is likely to result in inconsistent error handling. The causes of errors may be lost. Also, detailed information about the causes of an error may be unintentionally returned to the user.
Phase: Architecture and Design define a strategy for handling errors of different severities, such as fatal errors versus basic log events. Use or create built-in language features, or an external package, that provides an easy-to-use API and define coding standards for the detection and handling of errors. |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 388 | Error Handling | Development Concepts (primary)699 |
ChildOf | Category | 746 | CERT C Secure Coding Section 12 - Error Handling (ERR) | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ChildOf | Weakness Class | 755 | Improper Handling of Exceptional Conditions | Research Concepts (primary)1000 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
Anonymous Tool Vendor (under NDA) | |||
CERT C Secure Coding | ERR00-C | Adopt and implement a consistent and comprehensive error-handling policy |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
Anonymous Tool Vendor (under NDA) | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Potential Mitigations, Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Description, Relationships, Taxonomy Mappings | ||||
2008-10-14 | CWE Content Team | MITRE | Internal | |
updated Relationships | ||||
2008-11-24 | CWE Content Team | MITRE | Internal | |
updated Relationships, Taxonomy Mappings | ||||
2009-03-10 | CWE Content Team | MITRE | Internal | |
updated Description, Name, Relationships | ||||
2009-10-29 | CWE Content Team | MITRE | Internal | |
updated Potential Mitigations, Time of Introduction | ||||
Previous Entry Names | ||||
Change Date | Previous Entry Name | |||
2009-03-10 | Missing Error Handling Mechanism | |||