...
Failure to adopt and implement a consistent and comprehensive error-handling policy is detrimental to system survivability and can result in a broad range of vulnerabilities depending on the operational characteristics of the system.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
ERR00-C | Medium | Probable | High | P4 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Checks for situations where error information is not checked (rec. partially covered) |
Related Guidelines
...
| ISO/IEC TR 24772:2013 | Termination Strategy [REU] |
| MISRA C:2012 | Rule 17.1 (required) |
| MITRE CWE | CWE-391, Unchecked error condition CWE-544, Missing standardized error handling mechanism |
Bibliography
| [Fisher 1999] |
| [Horton 1990] | Section 11, p. 168 Section 14, p. 254 |
| [Koenig 1989] | Section 5.4, p. 73 |
| [Lipson 2000] |
| [Lipson 2006] |
| [Summit 2005] | C-FAQ Question 20.4 |
...
...