Failure to account for default case in switch

Revision as of 18:53, 23 September 2008 by KirstenS (Talk | contribs)

Jump to: navigation, search

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

Last revision (mm/dd/yy): 09/23/2008

Vulnerabilities Table of Contents

ASDR Table of Contents


The failure to account for the default case in switch statements may lead to complex logical errors and may aid in other, unexpected security-related conditions.


Undefined: Depending on the logical circumstances involved, any consequences may result: e.g., issues of confidentiality, authentication, authorization, availability, integrity, accountability, or non-repudiation.

Exposure period

Implementation: This flaw is a simple logic issue, introduced entirely at implementation time.


  • Language: Any
  • Platform: Any

Required resources




Likelihood of exploit


This flaw represents a common problem in software development, in which not all possible values for a variable are considered or handled by a given process. Because of this, further decisions are made based on poor information, and cascading failure results.

This cascading failure may result in any number of security issues, and constitutes a significant failure in the system. In the case of switch style statements, the very simple act of creating a default case can mitigate this situation, if done correctly.

Often however, the default cause is used simply to represent an assumed option, as opposed to working as a sanity check. This is poor practice and in some cases is as bad as omitting a default case entirely.

Risk Factors



In general, a safe switch statement has this form:

switch (value) {       
  case 'A':            
  case 'B':            
    printf("Neither A nor B\n");    

This is because the assumption cannot be made that all possible cases are accounted for. A good practice is to reserve the default case for error handling.

Related Attacks

Related Vulnerabilities

  • Undefined: A logical flaw of this kind might lead to any number of other flaws.

Related Controls

  • Implementation: Ensure that there are no unaccounted for cases, when adjusting flow or values based on the value of a given variable. In switch statements, this can be accomplished through the use of the default label.

Related Technical Impacts