# Unchecked Error Condition (CWE-391)

The product does not properly check when a function or operation returns a value that is associated with an error condition.

**Stack:** Python

- Prevalence: Medium (3 languages covered)
- Impact: High (1 high-severity rule)
- Prevention: Documented (3 fix examples)

**OWASP:** Insecure Design (A04:2021-Insecure Design) - #4

## Description

When error conditions are not checked, the application may continue with invalid or unexpected state, potentially leading to crashes, data corruption, or security vulnerabilities.

## Prevention

Prevention strategies for Unchecked Error Condition, based on 1 Shoulder detection rules.

### Python

Log exceptions or handle them explicitly instead of silently swallowing them with `pass`.

## Warning Signs

- [MEDIUM] Empty except blocks that silently swallow exceptions

## Consequences

- DoS
- Execute unauthorized code
- Modify application data

## Mitigations

- Check all return values and error conditions
- Use exception handling where appropriate
- Implement proper error recovery mechanisms

## Detection

- Total rules: 3
- Languages: go, javascript, typescript, python

## Rules by Language

### Python (1 rules)

- **Empty Exception Handler** [MEDIUM]: Detects empty except blocks that silently swallow exceptions. This can hide security-critical errors, authentication failures, or data validation issues.
  - Remediation: Log exceptions or handle them explicitly instead of using empty except blocks.

```python
import logging

logger = logging.getLogger(__name__)


def handle_request():
    # risky_operation() is a placeholder for the call that may fail
    try:
        risky_operation()
    except Exception as e:
        # Record the failure with its traceback instead of swallowing it
        logger.error(f"Operation failed: {e}", exc_info=True)
        return {'error': 'Operation failed'}, 500
```

Learn more: https://shoulder.dev/learn/python/cwe-391/empty-except