Software `Software vulnerabilities can result when a programmer fails to consider all possible data states.
...
Failing to take into account all possibilities within a logic statement can lead to a corrupted running state, potentially resulting in unintentional information disclosure or abnormal termination.
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Parasoft Jtest |
| CERT.MSC57.PDCL CERT.MSC57.PDS | Place "default" as the last case of the "switch" statement Provide "default:" for each "switch" statement | ||||||
PVS-Studio |
| V6002, V6003, V6007, V6018, V6031, V6037, V6057, V6077 |
Related Guidelines
Bibliography
[Hatton 1995] | §2.7.2, "Errors of Omission and Addition" |
[Viega 2005] | §5.2.17, "Failure to Account for Default Case in Switch" |
[Zadegan 2009] | A Lesson on Infinite Loops |
...
...