An unexpected return value could place the system in a state that
could lead to a crash or other unintended behaviors.
Likelihood of Exploit
Low
Demonstrative Examples
Example 1
This code attempts to allocate memory for 4 integers and checks if
the allocation succeeds.
(Bad Code)
Example Languages: C and C++
tmp = malloc(sizeof(int) * 4);
if (tmp < 0 ) {
perror("Failure");
//should have checked if the call returned 0
}
The code assumes that only a negative return value would indicate an
error, but malloc() may return a null pointer when there is an error.
The value of tmp could then be equal to 0, and the error would be
missed.
Potential Mitigations
Phase: Architecture and Design
Strategy: Language Selection
Use a language or compiler that uses exceptions and requires the
catching of those exceptions.
Phase: Implementation
Properly check all functions which return a value.
Phase: Implementation
When designing any function make sure you return a value or throw an
exception in case of an error.
Other Notes
Important and common functions will return some value about the success of
its actions. This will alert the program whether or not to handle any errors
caused by that function.
[REF-7] Mark Dowd, John McDonald
and Justin Schuh. "The Art of Software Security Assessment". Chapter 7, "Return Value Testing and Interpretation", Page
340.. 1st Edition. Addison Wesley. 2006.
Description
