# Detection of Error Condition Without Action (CWE-390)

The product detects a specific error, but takes no actions to handle the error.

- Prevalence: Média 1 linguagens cobertas
- Impact: Médio Revisão recomendada
- Prevention: Documentada 1 exemplos de correção

**OWASP:** Insecure Design (A04:2021-Insecure Design) - #4

## Description

Empty catch blocks or error handlers that don't actually handle the error can mask problems and lead to undefined behavior. The product may continue operating in an error state, leading to crashes or security vulnerabilities.

## Prevention

Estratégias de prevenção para Detection of Error Condition Without Action baseadas em 1 regras de detecção do Shoulder.

### JavaScript

Log errors with context, respond to users, and propagate or handle appropriately

## Warning Signs

- [MEDIUM] Catch block at line ... has incomplete error handling
- [MEDIUM] empty catch blocks and incomplete error handling patterns that silently swallow errors

## Consequences

- DoS
- Executar código não autorizado
- Modificar dados da aplicação

## Mitigations

- Sempre trate erros adequadamente, mesmo que seja apenas registrando-os
- Implemente recuperação de erros adequada ou comportamento fail-safe
- Use ferramentas de linting para detectar manipuladores de exceção vazios

## Detection

- Total rules: 1
- Languages: javascript, typescript

## Rules by Language

### Javascript (1 rules)

- **Incomplete Error Handling** [MEDIUM]: Detects empty catch blocks and incomplete error handling patterns that silently swallow errors.
  - Remediation: Implement proper error handling with recovery, logging, and user feedback.

### Typescript (1 rules)

- **Incomplete Error Handling** [MEDIUM]: Detects empty catch blocks and incomplete error handling patterns that silently swallow errors.
  - Remediation: Implement proper error handling with recovery, logging, and user feedback.