CWE-253

Incorrect Check of Function Return Value

Base
Incomplete

Description

The product incorrectly checks a return value from a function, which prevents it from detecting errors or exceptional conditions.

Important and common functions return a value that indicates whether their actions succeeded. This value tells the program whether it needs to handle an error caused by that function.

Common Consequences

Scope: Availability, Integrity

Impact: Unexpected State; DoS: Crash, Exit, or Restart

Potential Mitigations

Architecture and Design

Use a language or compiler that uses exceptions and requires the catching of those exceptions.

Implementation

Properly check all functions which return a value.

Implementation

When designing any function, make sure it returns a value or throws an exception in case of an error.
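The following C sketch is an added illustration, not part of the CWE entry: it shows a return value that is checked, but against the wrong condition, next to the corrected check. The helper names, paths and buffer size are hypothetical and constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Both helpers join dir and name into out[outsz]; 0 = success, -1 = error.
 * Names, paths and sizes are constructed for this example. */

/* Incorrect check: snprintf() returns the length the full string needs.
 * A negative value only signals an output error; truncation shows up as
 * a return value >= outsz, which this test never examines. */
static int join_path_unchecked(char *out, size_t outsz,
                               const char *dir, const char *name)
{
    int n = snprintf(out, outsz, "%s/%s", dir, name);
    if (n < 0)
        return -1;
    return 0; /* a truncated path is reported as success */
}

/* Correct check: treat both failure and truncation as errors. */
static int join_path_checked(char *out, size_t outsz,
                             const char *dir, const char *name)
{
    int n = snprintf(out, outsz, "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= outsz) {
        if (outsz > 0)
            out[0] = '\0'; /* leave no partial path for the caller */
        return -1;
    }
    return 0;
}

int main(void)
{
    char buf[24]; /* holds 23 characters plus the terminating NUL */
    const char *dir = "/srv/uploads", *name = "report.txt.tmp";

    int rc = join_path_unchecked(buf, sizeof buf, dir, name);
    printf("unchecked: rc=%d path=\"%s\"\n", rc, buf);

    rc = join_path_checked(buf, sizeof buf, dir, name);
    printf("checked:   rc=%d path=\"%s\"\n", rc, buf);
    return 0;
}
```

With the incorrect check the caller continues with a path that names a different file than the one requested, which is the "Unexpected State" impact listed above.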

CVE-2023-49286

Chain: function in web caching proxy does not correctly check a return value (CWE-253) leading to a reachable assertion (CWE-617)

Applicable Platforms

Not Language-Specific
