# Improper Handling of Exceptional Conditions (CWE-755)

The product does not handle or incorrectly handles an exceptional condition.

**Stack:** Go

- Prevalence: Medium 3 languages covered
- Impact: High 1 high-severity rules
- Prevention: Documented 4 fix examples

**OWASP:** Insecure Design (A04:2021-Insecure Design) - #4

## Description

When exceptional conditions are not properly handled, the product may enter an undefined state, crash, or expose sensitive information. This can lead to denial of service, information disclosure, or unexpected behavior.

## Prevention

Prevention strategies for Improper Handling of Exceptional Conditions based on 1 Shoulder detection rules.

### Go

Always check error return values before using other results

## Consequences

- DoS
- Read Application Data
- Execute Unauthorized Code

## Mitigations

- Anticipate all potential exceptional conditions and handle them appropriately
- Use try-catch blocks and proper error handling mechanisms
- Fail securely when an exception occurs

## Detection

- Total rules: 4
- Languages: go, javascript, typescript, python

## Rules by Language

### Go (1 rules)

- **Incomplete Error Handling** [MEDIUM]: Function returns error but caller does not check err != nil.
  - Remediation: Check error return values before using other returned values.

```go
result, err := process()
if err != nil {
    return err
}
// Now safe to use result
```

Learn more: https://shoulder.dev/learn/go/cwe-755/incomplete-error-handling