# Unchecked Return Value (CWE-252)

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

- Prevalence: Moderate (supported in 2 languages)
- Impact: High (1 high-severity rule)
- Prevention: Documented (2 fix examples)

**OWASP:** Insecure Design (A04:2021-Insecure Design) - #4

## Description

When return values are not checked, the program may continue execution in an error state or with incorrect data, potentially leading to security vulnerabilities.

## Prevention

Prevention strategies for Unchecked Return Value, based on 2 Shoulder detection rules.

### Go

Replace the blank identifier `_` with `err` and check error return values.

### JavaScript

Always check return values from critical operations such as password comparison and database writes.

## Warning Signs

- [HIGH] Return value from ... at ... is not checked
- [HIGH] Critical operations (file system, database, authentication) whose return values are not checked

## Consequences

- DoS
- Unauthorized code execution
- Modification of application data

## Mitigations

- Always check the return values of functions
- Use compiler warnings to find unchecked return values
- Handle error conditions appropriately

## Detection

- Total rules: 2
- Languages: go, javascript, typescript

## Rules by Language

### Go (1 rule)

- **Unchecked Error Return Values** [MEDIUM]: Error return value ignored using the blank identifier (`_`).
  - Remediation: Check all error return values and handle them appropriately.

```go
// readConfig returns the error instead of discarding it with `_`.
func readConfig(path string) ([]byte, error) {
	data, err := os.ReadFile(path) // os.ReadFile replaces the deprecated ioutil.ReadFile
	if err != nil {
		return nil, fmt.Errorf("failed to read file: %w", err)
	}
	return data, nil
}
```

Learn more: https://shoulder.dev/learn/go/cwe-252/unchecked-errors

### JavaScript (1 rule)

- **Unchecked Return Value from Critical Operations** [HIGH]: Detects critical operations (file system, database, authentication) whose return values are not checked. Ignoring return values can lead to silent failures, data corruption, and security vulnerabilities.

  Critical operations that must have their return values checked include:
  - File system operations (write, delete, chmod)
  - Database operations (insert, update, delete)
  - Authentication/authorization checks
  - Cryptographic operations

  - Remediation: Always check return values from critical operations:

```javascript
// ✅ SAFE - fs.promises.writeFile resolves to undefined on success and
// rejects on failure, so the result to check is the rejection, not a
// `.success` field on the resolved value.
try {
  await fs.writeFile(path, data);
} catch (err) {
  logger.error('Write failed', err);
  throw new Error('Failed to write file', { cause: err });
}
```

### TypeScript (1 rule)

- **Unchecked Return Value from Critical Operations** [HIGH]: The same rule as for JavaScript above; it also applies to TypeScript sources, with the same remediation.