...
Failure to adopt and implement a consistent and comprehensive error-handling policy is detrimental to system survivability and can result in a broad range of vulnerabilities depending on the operational characteristics of the system.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
ERR00-C | Medium | Probable | High | P4 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
| Checks for situations where error information is not checked (rec. partially covered) |
Related Guidelines
...
ISO/IEC TR 24772:2013 | Termination Strategy [REU] |
MISRA C:2012 | Rule 17.1 (required) |
MITRE CWE | CWE-391, Unchecked error condition CWE-544, Missing standardized error handling mechanism |
Bibliography
[Fisher 1999] |
[Horton 1990] | Section 11, p. 168 Section 14, p. 254 |
[Koenig 1989] | Section 5.4, p. 73 |
[Lipson 2000] |
[Lipson 2006] |
[Summit 2005] | C-FAQ Question 20.4 |
...
...