# Improper Handling of Exceptional Conditions (CWE-755)

The product does not handle or incorrectly handles an exceptional condition.

**Stack:** Go

- Prevalence: Medium (covers 3 languages)
- Impact: High (1 high-severity rule)
- Prevention: Documented (4 fix examples)

**OWASP:** Insecure Design (A04:2021-Insecure Design) - #4

## Description

When exceptional conditions are not properly handled, the product may enter an undefined state, crash, or expose sensitive information. This can lead to denial of service, information disclosure, or unexpected behavior.

## Prevention

Prevention measures for Improper Handling of Exceptional Conditions, based on 1 Shoulder detection rule.

### Go

Always check error return values before using other results.

## Consequences

- DoS
- Read application data
- Execute unauthorized code

## Mitigations

- Anticipate all possible exceptional conditions and handle them appropriately
- Use try-catch blocks and appropriate error-handling mechanisms
- Fail securely when an exception occurs

## Detection

- Total rules: 4
- Languages: go, javascript, typescript, python

## Rules by Language

### Go (1 rule)

- **Incomplete Error Handling** [MEDIUM]: Function returns error but caller does not check `err != nil`.
  - Remediation: Check error return values before using other returned values.

```go
result, err := process()
if err != nil {
    return err
}
// Now safe to use result
```

Learn more: https://shoulder.dev/learn/go/cwe-755/incomplete-error-handling
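
The following is an added example, not part of Shoulder's rule or documentation. It shows how a discarded error can turn a size check into a fail-open path, next to the version that checks `err` first. The names `acceptUnchecked`, `acceptChecked` and `maxBody`, and the sample inputs, are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strconv"
)

// maxBody is an assumed policy limit for this example (1 MiB).
const maxBody = 1 << 20

// acceptUnchecked discards the error from strconv.ParseInt. On a syntax
// error ParseInt returns 0, so a malformed length passes the size check.
func acceptUnchecked(declared string) bool {
	n, _ := strconv.ParseInt(declared, 10, 64)
	return n <= maxBody
}

// acceptChecked checks err before using n and rejects on any parse failure.
func acceptChecked(declared string) (bool, error) {
	n, err := strconv.ParseInt(declared, 10, 64)
	if err != nil {
		return false, fmt.Errorf("invalid declared length %q: %w", declared, err)
	}
	return n >= 0 && n <= maxBody, nil
}

func main() {
	// Constructed sample inputs: valid, too large, malformed.
	for _, in := range []string{"512", "2097152", "1MB"} {
		ok, err := acceptChecked(in)
		fmt.Printf("%-10q unchecked=%v checked=%v err=%v\n",
			in, acceptUnchecked(in), ok, err)
	}
}
```

The malformed input `"1MB"` is accepted by the unchecked version because the zero value returned alongside the error is within the limit; the checked version returns an error and rejects it.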