Misinterpreted function return value

Revision as of 06:13, 26 May 2009 by Deleted user (Talk | contribs)

Jump to: navigation, search

[http://s1.shard.jp/galeach/new162.html asianbabecams password ] [http://s1.shard.jp/losaul/australia-getaway.html australia southern cross ] [http://s1.shard.jp/galeach/new92.html asian escort independent london ] [http://s1.shard.jp/olharder/michigan-auto.html anthony page dba sunset auto sales ] [http://s1.shard.jp/frhorton/q7wm62r24.html african elephant size ] [http://s1.shard.jp/frhorton/mgsbz3g84.html african american first millionaire who ] [http://s1.shard.jp/losaul/australian-residency.html baby blanket australia ] [http://s1.shard.jp/bireba/symantec-antivirus.html pandaantivirusonline ] [http://s1.shard.jp/frhorton/j1znr5lny.html africa east news ugandas ] [http://s1.shard.jp/losaul/online-computer.html search engine marketing australia ] [http://s1.shard.jp/losaul/australia-next.html australian ballet dance shoes wear ] [http://s1.shard.jp/frhorton/lywbi2iaz.html african rubber stamps ] [http://s1.shard.jp/olharder/nada-used-auto.html cee kay automotive ] [http://s1.shard.jp/olharder/tactical-automated.html auto download typer ] [http://s1.shard.jp/bireba/latest-antivirus.html online scan antivirus ] [http://s1.shard.jp/galeach/new67.html asian camel toe picture ] [http://s1.shard.jp/bireba/imac-intel-antivirus.html norten antivirus update ] [http://s1.shard.jp/olharder/stevens-creek.html kensington ipod fm transmitter and auto charger 33159 ] [http://s1.shard.jp/bireba/avp-antivirus-free.html mccaffee antivirus software ] south africans in the uk [http://s1.shard.jp/galeach/new139.html asia video 45 ] [http://s1.shard.jp/bireba/download-antivirus.html antivirus for exchange 5.5 ] [http://s1.shard.jp/losaul/vogue-australias.html edinburgh tattoo australia 2005 ] [http://s1.shard.jp/olharder/automobile-sites.html certi fit auto body part ] [http://s1.shard.jp/frhorton/dxtxzjkte.html bf goodrich tyres south africa ] [http://s1.shard.jp/losaul/yamaha-motorcycle.html australian embassy in italy ] [http://s1.shard.jp/bireba/noton-antivirus.html e trust antivirus free download ] [http://s1.shard.jp/olharder/1-800-safe-auto.html autowidth ] [http://s1.shard.jp/galeach/new116.html asianworld.com ] [http://s1.shard.jp/losaul/australia-food-product.html australia chronic fatigue syndrome ] [http://s1.shard.jp/bireba/clamav-antivirus.html norton antivirus 2004 crack serial ] [http://s1.shard.jp/galeach/new125.html present asian leaders ] [http://s1.shard.jp/losaul/australia-bank.html technical bookstore australia ] computer pals+ australia [http://s1.shard.jp/bireba/northon-antivirus.html avg antivirus serial key ] [http://s1.shard.jp/bireba/stinger-antivirus.html update for avg antivirus ] [http://s1.shard.jp/frhorton/yrru8gs2g.html reknown african liberation slogans ] african lovebirds picture [http://s1.shard.jp/losaul/emmigrating-australia.html uk pounds to australian dollars ] [http://s1.shard.jp/frhorton/556tpvdn6.html imperialism in africa ] sitemap [http://s1.shard.jp/frhorton/9mxpl8xy1.html africa gas importer lighter south ] uthingo south africa sitemap [http://s1.shard.jp/frhorton/ south african appetizer ] [http://s1.shard.jp/olharder/auto-sales-winnies.html sql server primary key autoincrement ] [http://s1.shard.jp/losaul/quiksilver-pro.html shop fittings australia ] [http://s1.shard.jp/olharder/autofill-slush.html texas auto insurance law ] [http://s1.shard.jp/losaul/australia-transcriber.html asian study association australia ] http://www.textlavileto.com

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

Last revision (mm/dd/yy): 05/26/2009

Vulnerabilities Table of Contents


If a function's return value is not properly checked, the function could have failed without proper acknowledgement.


  • Integrity: The data - which was produced as a result of an improperly checked return value of a function - could be in a bad state.

Exposure period

  • Requirements specification: The choice could be made to use a language that uses exceptions rather than return values to handle status.
  • Implementation: Many logic errors can lead to this condition. It can be exacerbated by lack, or misuse, of mitigating technologies.


  • Languages: C or C++
  • Operating platforms: Any

Required resources




Likelihood of exploit


Important and common functions will return some value about the success of its actions. This will alert the program whether or not to handle any errors caused by that function.

Risk Factors



In C/C++

    if (malloc(sizeof(int*4) < 0 )
        perror("Failure"); //should have checked if the call returned 0

Related Attacks

Related Vulnerabilities

Related Controls

  • Requirements specification: Use a language or compiler that uses exceptions and requires the catching of those exceptions.
  • Implementation: Properly check all functions which return a value.
  • Implementation: When designing any function make sure you return a value or throw an exception in case of an error.

Related Technical Impacts