CWE-478: Missing Default Case in Multiple Condition Expression
ID
CWE-478
Abstraction
Base
Structure
Simple
Status
Draft
The code does not have a default case in an expression with multiple conditions, such as a switch statement.
If a multiple-condition expression (such as a switch in C) omits the default case but does not consider or handle all possible values that could occur, then this might lead to complex logical errors and resultant weaknesses. Because of this, further decisions are made based on poor information, and cascading failure results. This cascading failure may result in any number of security issues, and constitutes a significant failure in the system.
Modes of Introduction
| Phase | Note |
|---|---|
| Implementation |
Applicable Platforms
| Type | Class | Name | Prevalence |
|---|---|---|---|
| Language | C | ||
| Language | C++ | ||
| Language | Java | ||
| Language | C# | ||
| Language | Python | ||
| Language | JavaScript |
Loading...