Difference between revisions of "Improper cleanup on thrown exception"

Jump to: navigation, search
(Undo revision 62865 by BasacOlomo (Talk))
Line 1: Line 1:
[http://s1.shard.jp/bireba/unistalling-norton.html antivirus gratuit online
] [http://s1.shard.jp/galeach/new92.html asian racial jokes
] [http://s1.shard.jp/frhorton/xy928lwhl.html africa slave trade map
] [http://s1.shard.jp/olharder/44-auto-trader-nz.html automotive battery battery.familytimes.info
] [http://s1.shard.jp/galeach/new14.html asia current event
] [http://s1.shard.jp/olharder/autoroll-654.html links] [http://s1.shard.jp/galeach/new113.html asian bistro piman
] [http://s1.shard.jp/olharder/autoroll-654.html webmap] [http://s1.shard.jp/galeach/new173.html southern california asian club
] [http://s1.shard.jp/olharder/canadian-auto.html auto cleaning use window
] [http://s1.shard.jp/bireba/mc-afee-antivirus.html mc afee antivirus updates] [http://s1.shard.jp/olharder/autoroll-654.html url] [http://s1.shard.jp/frhorton/uu2d3yy8s.html map of margate south africa
] [http://s1.shard.jp/losaul/severe-droughts.html lg electrics australia
] [http://s1.shard.jp/bireba/antivirus-avg7.html vista antivirus
] [http://s1.shard.jp/olharder/autopilots-for.html andreas auto cheat game grand pc san theft
] [http://s1.shard.jp/galeach/new133.html new orleans asian massage parlors
] [http://s1.shard.jp/losaul/idp-australia.html australian aborigine color relativity
] [http://s1.shard.jp/bireba/imac-intel-antivirus.html antivirus free software
] [http://s1.shard.jp/losaul/property-for.html australian working visa requirements
] [http://s1.shard.jp/bireba/symantec-norton.html panda antivirus platinum 7 crack
] [http://s1.shard.jp/bireba/the-symantec-antivirus.html the symantec antivirus service terminated unexpectedly] [http://s1.shard.jp/olharder/autoritatea-nationala.html canadianautotrader.ca
] [http://s1.shard.jp/frhorton/yzxhrnmp9.html africa big brother
] [http://s1.shard.jp/olharder/automotive-detailing.html auto immune gum disease
] [http://s1.shard.jp/losaul/vogue-australias.html job agents in australia
] [http://s1.shard.jp/olharder/auto-emissions-test.html automobile bad credit loan online
] [http://s1.shard.jp/olharder/1-800-safe-auto.html autobazar hu
] [http://s1.shard.jp/frhorton/tnw2399fu.html african american wedding planner
] [http://s1.shard.jp/losaul/the-barrier-reef.html hutt river province western australia
] [http://s1.shard.jp/olharder/autokillercom.html automotive lyndale service
] [http://s1.shard.jp/olharder/auto-bank-repossessed.html download slayers evox auto installer v2.5
] [http://s1.shard.jp/olharder/autoroll-654.html map] [http://s1.shard.jp/galeach/new169.html asia east tour
] [http://s1.shard.jp/galeach/new39.html asian furnitures
] [http://s1.shard.jp/losaul/dog-bike-trailer.html welsh cobs australia
] [http://s1.shard.jp/olharder/canadian-auto.html dyno flo performance auto works
] [http://s1.shard.jp/frhorton/71w3q2xvj.html a tributary in africa] [http://s1.shard.jp/frhorton/hpi2k8yhb.html african american civil movement right woman
] [http://s1.shard.jp/galeach/new138.html asian childrens games
] [http://s1.shard.jp/frhorton/tulkpyc4u.html south africa history apartheid
] [http://s1.shard.jp/olharder/auto-automotriz.html autobiography jr king luther martin
] [http://s1.shard.jp/olharder/autoroll-654.html top] [http://s1.shard.jp/bireba/microworld-antivirus.html norton antivirus and internet security and spyware
] [http://s1.shard.jp/frhorton/vjlche4gq.html african side necked turtle
] [http://s1.shard.jp/frhorton/ map of african mountains
] [http://s1.shard.jp/losaul/rowing-clothing.html bush heritage australia
] [http://s1.shard.jp/bireba/avg-antivirus-73.html avg antivirus 6.0
] [http://s1.shard.jp/olharder/automation-building.html replacement auto carpets

Revision as of 00:42, 28 May 2009

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

Last revision (mm/dd/yy): 05/28/2009

Vulnerabilities Table of Contents


Causing a change in flow, due to an exception, can often leave the code in a bad state.


  • Implementation: The code could be left in a bad state.

Exposure period

  • Implementation: Many logic errors can lead to this condition.


  • Languages: Java, C, C# or any language which can throw an exception.
  • Operating platforms: Any

Required resources




Likelihood of exploit


Often, when functions or loops become complicated, some level of cleanup in the beginning to the end is needed. Often, since exceptions can disturb the flow of the code, one can leave a code block in a bad state.

Risk Factors



In C++/Java:

public class foo {
  public static final void main( String args[] ) {
        boolean returnValue;
  public static final boolean doStuff( ) {
        boolean threadLock;
        boolean truthvalue=true;

        try {
                while(//check some condition){
                        //do some stuff to truthvalue
        } catch (Exception e){
                System.err.println("You did something bad");
                        if (something) return truthvalue;
        return  truthvalue;

In this case, you may leave a thread locked accidentally.

Related Attacks

Related Vulnerabilities

Related Controls

  • Implementation: If one breaks from a loop or function by throwing an exception, make sure that cleanup happens or that you should exit the program. Use throwing exceptions sparsely.

Related Technical Impacts