CWE-252
Overview
- CWE ID: 252
- CWE Name: Unchecked Return Value
- CWE Abstraction: Base
- CWE structure: Simple
- CWE Status: Draft
Description
The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
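An added example, not part of the CWE entry, of the weakness described above in C: `snprintf` signals truncation through its return value, and the unchecked variant reports success on a path that has lost its suffix. The function names, the `/srv/data` layout, the buffer size and the sample user names are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define PATH_CAP 32  /* constructed buffer size for the example */

/* Weak form: snprintf()'s return value is discarded, so a truncated
 * result is reported to the caller as success. */
int build_path_unchecked(char *out, size_t cap, const char *user)
{
    snprintf(out, cap, "/srv/data/%s/public", user);
    return 0;
}

/* Checked form: a negative return is an output error, and a return
 * >= cap means the result did not fit and was truncated. */
int build_path_checked(char *out, size_t cap, const char *user)
{
    int n = snprintf(out, cap, "/srv/data/%s/public", user);
    if (n < 0 || (size_t)n >= cap) {
        if (cap > 0)
            out[0] = '\0';   /* never hand back a partial path */
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed inputs: one that fits, one that forces truncation. */
    const char *names[] = { "alice", "user-0123456789abcdef" };
    char buf[PATH_CAP];

    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        int rc = build_path_unchecked(buf, sizeof buf, names[i]);
        printf("unchecked rc=%d path=%s\n", rc, buf);
        rc = build_path_checked(buf, sizeof buf, names[i]);
        printf("checked   rc=%d path=%s\n", rc, buf);
    }
    return 0;
}
```

With the longer name the unchecked function still returns 0 while the buffer no longer ends in `/public`; the checked function returns -1 and leaves an empty string, so the caller cannot proceed on a partial path.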
Extended Description
Two common programmer assumptions are "this function call can never fail" and "it doesn't matter if this function call fails". If an attacker can force the function to fail or otherwise return a value that is not expected, then the subsequent program logi