CWE-460: Improper Cleanup on Thrown Exception

Description

The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.

Submission Date :

July 19, 2006, midnight

Modification Date :

2023-06-29 00:00:00+00:00

Organization :

MITRE
Extended Description

Often, when functions or loops become complicated, some level of resource cleanup is needed throughout execution. Exceptions can disturb the flow of the code and prevent the necessary cleanup from happening.

Example Vulnerable Codes

Example - 1

The following example demonstrates the weakness.


boolean returnValue;returnValue=doStuff();


// //check some condition// 

threadLock=true; //do some stuff to truthvaluethreadLock=false;while() {}

System.err.println("You did something bad");if (something) return truthvalue;
boolean threadLock;boolean truthvalue=true;try {}catch (Exception e){}return truthvalue;public static final void main( String args[] ) {}public static final boolean doStuff( ) {}public class foo {}

In this case, you may leave a thread locked accidentally.

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

Visit http://cwe.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Nov. 05, 2024 9:23