Loop with Unreachable Exit Condition ('Infinite Loop')ID: 835 | Date: (C)2012-05-14 (M)2022-10-10 |
Type: weakness | Status: INCOMPLETE |
Abstraction Type: Base |
Description
The program contains an iteration or loop with an exit
condition that cannot be reached, i.e., an infinite loop.
Extended DescriptionIf the loop can be influenced by an attacker, this weakness could allow
attackers to consume excessive resources such as CPU or memory.
Applicable PlatformsLanguage Class: Language-independent
Common Consequences
Scope | Technical Impact | Notes |
---|
Availability | DoS: resource consumption
(CPU)DoS: resource consumption
(memory)DoS: amplification | An infinite loop will cause unexpected consumption of resources, such
as CPU cycles or memory. The software's operation may slow down, or
cause a long time to respond. |
Detection MethodsNone
Potential MitigationsNone
Relationships
Related CWE | Type | View | Chain |
---|
CWE-835 ChildOf CWE-834 | Weakness | CWE-1000CWE-699 | |
Demonstrative Examples (Details)
- For this example the method isReorderNeeded as part of a bookstore
application that determines if a particular book needs to be reordered based
on the current inventory count and the rate at which the book is being
sold.
- In the following code the method processMessagesFromServer attempts
to establish a connection to a server and read and process messages from the
server. The method uses a do/while loop to continue trying to establish the
connection to the server when an attempt fails.
Observed Examples
- CVE-2011-1027 : Chain: off-by-one error leads to infinite loop using invalid hex-encoded characters.
- CVE-2011-1142 : Chain: self-referential values in recursive definitions lead to infinite loop.
- CVE-2011-1002 : NULL UDP packet is never cleared from a queue, leading to infinite loop.
- CVE-2010-4476 : Floating point conversion routine cycles back and forth between two different values.
- CVE-2010-4645 : Floating point conversion routine cycles back and forth between two different values.
- CVE-2010-2534 : Chain: improperly clearing a pointer in a linked list leads to infinite loop.
For more examples, refer to CVE relations in the bottom box.
White Box Definitions None
Black Box Definitions None
Taxynomy MappingsNone
References:
- Mark Dowd John McDonald Justin Schuh .The Art of Software Security Assessment 1st Edition. Addison Wesley. Section:'Chapter 7, "Looping Constructs", Page
327.'. Published on 2006.