Improper Handling of Exceptional Conditions
The product does not handle or incorrectly handles an exceptional condition.
When exceptional conditions are not properly handled, the product may enter an undefined state, crash, or expose sensitive information. This can lead to denial of service, information disclosure, or unexpected behavior.
Comment corriger cette vulnérabilité
Stratégies de prévention pour Improper Handling of Exceptional Conditions basées sur 4 règles de détection Shoulder.
Always check error return values before using other results
result, err := process() - if result == nil { - return + if err != nil { + return fmt.Errorf("process failed: %w", err) } useResult(result)
Use finally blocks to release resources (connections, file handles) on all code paths
- const connection = await pool.getConnection(); - const result = await connection.query(sql); - connection.release(); - return result; + let connection; + try { + connection = await pool.getConnection(); + const result = await connection.query(sql); + return result; + } finally { + if (connection) await connection.release(); + }
Return error responses when security checks fail instead of continuing execution
- from flask import request - - @app.route('/api/admin') - def admin_data(): - try: - user = authenticate(request.headers.get('Authorization')) - except Exception: - pass # Auth failed but continues + from flask import request, abort + + @app.route('/api/admin') + def admin_data(): + try: + user = authenticate(request.headers.get('Authorization')) + except Exception: + abort(403) return {'admin_data': get_sensitive_data()}
Wrap database, file, network, and API operations in try/except with proper logging
- import requests - - def fetch_data(url): - response = requests.get(url) - return response.json() + import logging + import requests + + logger = logging.getLogger(__name__) + + def fetch_data(url): + try: + response = requests.get(url, timeout=5) + response.raise_for_status() + return response.json() + except requests.RequestException as e: + logger.error(f"Request failed: {e}") + return None
Trouvez les vulnérabilités dans votre code
Utilisez Shoulder pour scanner votre code à la recherche de patterns Improper Handling of Exceptional Conditions. 4 règles.
# Scan with Shoulder CLI npx @shoulderdev/cli trust --cwe=755 # Or scan entire project npx @shoulderdev/cli trust .
Règles de Détection (4)
Ce qu'il faut surveiller lors des revues de code
Ces patterns indiquent des vulnérabilités potentielles Improper Handling of Exceptional Conditions. Recherchez-les lors des revues de code et des audits de sécurité.
Scannez votre base de code pour Improper Handling of Exceptional Conditions
Shoulder CLI trouve les motifs vulnérables dans toute votre base de code.