Description
The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.
Often, when functions or loops become complicated, some level of resource cleanup is needed throughout execution. Exceptions can disturb the flow of the code and prevent the necessary cleanup from happening.
Potential Impact
Other
Varies by Context
Demonstrative Examples
public class foo {
    public static final void main( String args[] ) {
        boolean returnValue;
        returnValue=doStuff();
    }

    public static final boolean doStuff( ) {
        boolean threadLock;
        boolean truthvalue=true;
        try {
            while(
                //check some condition
            ) {
                threadLock=true;
                //do some stuff to truthvalue
                threadLock=false;
            }
        }
        catch (Exception e){
            System.err.println("You did something bad");
            if (something) return truthvalue;
        }
        return truthvalue;
    }
}
Mitigations & Prevention
If one breaks out of a loop or function by throwing an exception, make sure that cleanup still happens or that the program exits. Throw exceptions sparingly.
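The following is an added example, not code from the CWE entry: a method that releases a lock only on the success path (the pattern of the demonstrative example, where threadLock is never cleared once the loop body throws), beside the try/finally form that releases it on both paths. The process() helper and the ReentrantLock are constructed for the illustration.

```java
import java.util.concurrent.locks.ReentrantLock;

// Added example (not from the CWE entry): lock cleanup skipped by an
// exception, beside the try/finally form that always runs the cleanup.
public class CleanupOnException {
    private static final ReentrantLock LOCK = new ReentrantLock();

    // Constructed stand-in for "do some stuff": fails on negative input.
    static int process(int value) {
        if (value < 0) throw new IllegalArgumentException("negative input");
        return value * 2;
    }

    // Weak: unlock() sits after the work, so an exception skips it and the
    // lock stays held for every later caller (the CWE-460 pattern).
    static int unsafeCompute(int value) {
        LOCK.lock();
        int result = process(value);
        LOCK.unlock();
        return result;
    }

    // Hardened: the finally block runs on the normal and the exceptional path.
    static int safeCompute(int value) {
        LOCK.lock();
        try {
            return process(value);
        } finally {
            LOCK.unlock();
        }
    }

    public static void main(String[] args) {
        try {
            unsafeCompute(-1);
        } catch (IllegalArgumentException e) {
            // The exception escaped before unlock(): state is now stale.
            System.out.println("after unsafeCompute: lock held = " + LOCK.isLocked());
        }
        // Reset the leaked lock so the second run starts clean.
        if (LOCK.isHeldByCurrentThread()) LOCK.unlock();
        try {
            safeCompute(-1);
        } catch (IllegalArgumentException e) {
            System.out.println("after safeCompute: lock held = " + LOCK.isLocked());
        }
    }
}
```

Running main prints that the lock is still held after unsafeCompute and released after safeCompute; in a multithreaded program the first case leaves every later caller of unsafeCompute blocked.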
Detection Methods
- Automated Static Analysis High — Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then sea
Related Weaknesses
Taxonomy Mappings
- CLASP: — Improper cleanup on thrown exception
- The CERT Oracle Secure Coding Standard for Java (2011): ERR03-J — Restore prior object state on method failure
- The CERT Oracle Secure Coding Standard for Java (2011): ERR05-J — Do not let checked exceptions escape from a finally block
- SEI CERT Perl Coding Standard: EXP31-PL — Do not suppress or ignore exceptions
Frequently Asked Questions
What is CWE-460?
CWE-460 (Improper Cleanup on Thrown Exception) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.
How can CWE-460 be exploited?
The impact of exploiting CWE-460 (Improper Cleanup on Thrown Exception) varies by context. This weakness is typically introduced during the Implementation phase of software development.
How do I prevent CWE-460?
Key mitigations include: if one breaks out of a loop or function by throwing an exception, make sure that cleanup still happens or that the program exits. Throw exceptions sparingly.
What is the severity of CWE-460?
CWE-460 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.