Unexpected Status Code or Return Value |
Weakness ID: 394 (Weakness Base) | Status: Draft |
Description Summary
The software does not properly check when a function or operation returns a value that is legitimate for the function, but is not expected by the software.
Reference | Description |
---|---|
CVE-2004-1395 | Certain packets (zero byte and other lengths) cause a recvfrom call to produce an unexpected return code that causes a server's listening loop to exit. |
CVE-2002-2124 | Unchecked return code from recv() leads to infinite loop. |
CVE-2005-2553 | Kernel function does not properly handle when a null is returned by a function call, causing it to call another function that it shouldn't. |
CVE-2005-1858 | Memory not properly cleared when read() function call returns fewer bytes than expected. |
CVE-2000-0536 | Bypass access restrictions when connecting from IP whose DNS reverse lookup does not return a hostname. |
CVE-2001-0910 | Bypass access restrictions when connecting from IP whose DNS reverse lookup does not return a hostname. |
CVE-2004-2371 | Game server doesn't check return values for functions that handle text strings and associated size values. |
CVE-2005-1267 | Resultant infinite loop when function call returns -1 value. |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 389 | Error Conditions, Return Values, Status Codes | Development Concepts (primary)699 |
ChildOf | Category | 728 | OWASP Top Ten 2004 Category A7 - Improper Error Handling | Weaknesses in OWASP Top Ten (2004) (primary)711 |
ChildOf | Weakness Class | 754 | Improper Check for Unusual or Exceptional Conditions | Research Concepts (primary)1000 |
Usually primary, but can be resultant from issues such as behavioral change or API abuse. This can produce resultant vulnerabilities. |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
PLOVER | Unexpected Status Code or Return Value |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
PLOVER | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Relationships, Other Notes, Taxonomy Mappings | ||||
2009-03-10 | CWE Content Team | MITRE | Internal | |
updated Relationships | ||||
2009-12-28 | CWE Content Team | MITRE | Internal | |
updated Other Notes, Relationship Notes |