# Detection of Error Condition Without Action (CWE-390)

The product detects a specific error, but takes no actions to handle the error.

- Prevalence: Medium, 1 language supported
- Impact: Medium, review recommended
- Prevention: Documented, 1 fix example

**OWASP:** Insecure Design (A04:2021-Insecure Design) - #4

## Description

Empty catch blocks or error handlers that don't actually handle the error can mask problems and lead to undefined behavior. The product may continue operating in an error state, leading to crashes or security vulnerabilities.

## Prevention

Prevention strategies for Detection of Error Condition Without Action, based on 1 Shoulder detection rule.

### JavaScript

Log errors with context, respond to users, and propagate or handle appropriately.

## Warning Signs

- [MEDIUM] Catch block at line ... has incomplete error handling
- [MEDIUM] Empty catch blocks and incomplete error handling patterns that silently swallow errors

## Consequences

- DoS
- Unauthorized code execution
- Modification of application data

## Mitigations

- Always handle errors appropriately, even if only by logging them
- Implement proper error recovery or fail-safe behavior
- Use linting tools to detect empty exception handlers

## Detection

- Total rules: 1
- Languages: javascript, typescript

## Rules by Language

### JavaScript (1 rule)

- **Incomplete Error Handling** [MEDIUM]: Detects empty catch blocks and incomplete error handling patterns that silently swallow errors.
  - Remediation: Implement proper error handling with recovery, logging, and user feedback.

### TypeScript (1 rule)

- **Incomplete Error Handling** [MEDIUM]: Detects empty catch blocks and incomplete error handling patterns that silently swallow errors.
  - Remediation: Implement proper error handling with recovery, logging, and user feedback.
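
The empty catch block from the Description next to a handled form that follows the JavaScript prevention advice (log with context, respond, propagate), as an added example that is not code from the original page or from Shoulder's rules. The function names, the request shape and the sample body are assumptions constructed for illustration.

```javascript
// Added example: hypothetical handler helpers, not code from the original page.
// Constructed sample input: a truncated, unparseable JSON request body.
const BAD_BODY = '{"user":"alice","amount":';

// Flagged pattern: the catch detects the error and then does nothing (CWE-390).
function parseTransferWeak(body) {
  let req = {};
  try {
    req = JSON.parse(body);
  } catch (err) {
    // empty handler: execution continues with req = {}
  }
  // Reports success although amount is undefined: the error state is masked.
  return { status: 200, amount: req.amount };
}

// Handled form: log with context, respond to the caller, propagate the unexpected.
function parseTransferSafe(body, log = console.error) {
  let req;
  try {
    req = JSON.parse(body);
  } catch (err) {
    if (!(err instanceof SyntaxError)) throw err; // not ours to handle: propagate
    log('transfer: unparseable body', {
      name: err.name,
      message: err.message,
      bytes: String(body).length,
    });
    return { status: 400, error: 'Malformed request body' };
  }
  // JSON.parse('null') succeeds, so validate the shape before using it.
  if (req === null || typeof req !== 'object' || !Number.isFinite(req.amount)) {
    log('transfer: invalid amount', { type: typeof (req && req.amount) });
    return { status: 400, error: 'Invalid amount' };
  }
  return { status: 200, amount: req.amount };
}
```

The weak version returns a success status for the malformed body, while the handled version rejects it, records why, and fails closed on a body that parses but has no usable amount.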