{"@ID": "835", "@Name": "Loop with Unreachable Exit Condition ('Infinite Loop')", "@Abstraction": "Base", "@Structure": "Simple", "@Status": "Incomplete", "@Diagram": "/data/images/CWE-835-Diagram.png", "Description": "The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.", "Related_Weaknesses": {"Related_Weakness": [{"@Nature": "ChildOf", "@CWE_ID": "834", "@View_ID": "1000", "@Ordinal": "Primary"}, {"@Nature": "ChildOf", "@CWE_ID": "834", "@View_ID": "1003", "@Ordinal": "Primary"}]}, "Weakness_Ordinalities": {"Weakness_Ordinality": {"Ordinality": "Primary"}}, "Applicable_Platforms": {"Language": {"@Class": "Not Language-Specific", "@Prevalence": "Undetermined"}, "Technology": {"@Class": "Not Technology-Specific", "@Prevalence": "Undetermined"}}, "Modes_Of_Introduction": {"Introduction": {"Phase": "Implementation"}}, "Common_Consequences": {"Consequence": {"Scope": "Availability", "Impact": ["DoS: Resource Consumption (CPU)", "DoS: Resource Consumption (Memory)", "DoS: Amplification"], "Note": "An infinite loop will cause unexpected consumption of resources, such as CPU cycles or memory. The software's operation may slow down, or cause a long time to respond."}}, "Detection_Methods": {"Detection_Method": {"@Detection_Method_ID": "DM-14", "Method": "Automated Static Analysis", "Description": "Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect \"sources\" (origins of input) with \"sinks\" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)", "Effectiveness": "High"}}, "Demonstrative_Examples": {"Demonstrative_Example": [{"Intro_Text": "In the following code the method processMessagesFromServer attempts to establish a connection to a server and read and process messages from the server. The method uses a do/while loop to continue trying to establish the connection to the server when an attempt fails.", "Example_Code": [{"@Nature": "Bad", "@Language": "C", "xhtml:div": {"xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null], "xhtml:i": ["// create socket to connect to server", "// keep trying to establish connection to the server", "// close socket and return success or failure"], "xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null, null, null, null], "xhtml:i": ["// establish connection to server", "// if connected then read and process messages from server"], "xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null], "xhtml:i": "// read and process messages", "#text": "..."}}, "#text": "connected = connect(servsock, (struct sockaddr *)&servaddr, sizeof(servaddr));\n                                 \n                                 \n                                 if (connected > -1) {}"}}, "#text": "...int servsock;int connected;struct sockaddr_in servaddr;\n                           \n                           \n                           servsock = socket( AF_INET, SOCK_STREAM, 0);memset( &servaddr, 0, sizeof(servaddr));servaddr.sin_family = AF_INET;servaddr.sin_port = htons(port);servaddr.sin_addr.s_addr = inet_addr(hostaddr);\n                           do {\n                           \n                           \n                           } while (connected < 0);\n                           \n                           \n                           ..."}}, "#text": "int processMessagesFromServer(char *hostaddr, int port) {}"}}, {"@Nature": "Good", "@Language": "C", "xhtml:div": {"xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null, null, null, null, null, null, null, null], "xhtml:i": ["// initialize number of attempts counter", "// keep trying to establish connection to the server", "// up to a maximum number of attempts", "// close socket and return success or failure"], "xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null, null, null, null, null, null, null], "xhtml:i": ["// establish connection to server", "// increment counter", "// if connected then read and process messages from server"], "xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null], "xhtml:i": "// read and process messages", "#text": "..."}}, "#text": "connected = connect(servsock, (struct sockaddr *)&servaddr, sizeof(servaddr));\n                                 \n                                 \n                                 count++;\n                                 \n                                 \n                                 if (connected > -1) {}"}}, "#text": "...\n                           \n                           int count = 0;do {\n                           \n                           \n                           \n                           \n                           \n                           } while (connected < 0 && count < MAX_ATTEMPTS);\n                           \n                           \n                           ..."}}, "#text": "int processMessagesFromServer(char *hostaddr, int port) {}"}}], "Body_Text": "However, this will create an infinite loop if the server does not respond. This infinite loop will consume system resources and can be used to create a denial of service attack. To resolve this a counter should be used to limit the number of attempts to establish a connection to the server, as in the following code."}, {"@Demonstrative_Example_ID": "DX-205", "Intro_Text": "For this example, the method isReorderNeeded is part of a bookstore application that determines if a particular book needs to be reordered based on the current inventory count and the rate at which the book is being sold.", "Example_Code": [{"@Nature": "Bad", "@Language": "Java", "xhtml:div": {"xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null], "xhtml:i": ["// get inventory count for book", "// find number of days until inventory count reaches minimum", "// if number of days within reorder timeframe", "// set reorder return boolean to true"], "xhtml:div": [{"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null], "#text": "inventoryCount = inventoryCount - rateSold;days++;"}}, {"@style": "margin-left:1em;", "#text": "isReorder = true;"}], "#text": "boolean isReorder = false;\n                           int minimumCount = 10;int days = 0;\n                           \n                           \n                           int inventoryCount = inventory.getIventoryCount(bookISBN);\n                           \n                           \n                           while (inventoryCount > minimumCount) {}\n                           \n                           \n                           \n                           \n                           \n                           if (days > 0 && days < 5) {}\n                           return isReorder;"}}, "#text": "public boolean isReorderNeeded(String bookISBN, int rateSold) {}"}}, {"@Nature": "Good", "@Language": "Java", "xhtml:div": {"xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null, null, null], "xhtml:i": "// validate rateSold variable", "xhtml:div": {"@style": "margin-left:1em;", "#text": "return isReorder;"}, "#text": "...\n                           \n                           \n                           if (rateSold < 1) {}\n                           ..."}}, "#text": "public boolean isReorderNeeded(String bookISBN, int rateSold) {}"}}], "Body_Text": "However, the while loop will become an infinite loop if the rateSold input parameter has a value of zero since the inventoryCount will never fall below the minimumCount. In this case the input parameter should be validated to ensure that a value of zero does not cause an infinite loop, as in the following code."}]}, "Observed_Examples": {"Observed_Example": [{"Reference": "CVE-2025-32399", "Description": "Chain: library for implementing Profinet devices does not check an input for a loop condition (CWE-606), allowing an infinite loop (CWE-835) via a crafted RPC packet", "Link": "https://www.cve.org/CVERecord?id=CVE-2025-32399"}, {"Reference": "CVE-2022-22224", "Description": "Chain: an operating system does not properly process malformed Open Shortest Path First (OSPF) Type/Length/Value Identifiers (TLV) (CWE-703), which can cause the process to enter an infinite loop (CWE-835)", "Link": "https://www.cve.org/CVERecord?id=CVE-2022-22224"}, {"Reference": "CVE-2022-25304", "Description": "A Python machine communication platform did not account for receiving a malformed packet with a null size, causing the receiving function to never update the message buffer and be caught in an infinite loop.", "Link": "https://www.cve.org/CVERecord?id=CVE-2022-25304"}, {"Reference": "CVE-2011-1027", "Description": "Chain: off-by-one error (CWE-193) leads to infinite loop (CWE-835) using invalid hex-encoded characters.", "Link": "https://www.cve.org/CVERecord?id=CVE-2011-1027"}, {"Reference": "CVE-2011-1142", "Description": "Chain: self-referential values in recursive definitions lead to infinite loop.", "Link": "https://www.cve.org/CVERecord?id=CVE-2011-1142"}, {"Reference": "CVE-2011-1002", "Description": "NULL UDP packet is never cleared from a queue, leading to infinite loop.", "Link": "https://www.cve.org/CVERecord?id=CVE-2011-1002"}, {"Reference": "CVE-2006-6499", "Description": "Chain: web browser crashes due to infinite loop - \"bad\n\t      looping logic [that relies on] floating point math [CWE-1339] to exit\n\t      the loop [CWE-835]\"", "Link": "https://www.cve.org/CVERecord?id=CVE-2006-6499"}, {"Reference": "CVE-2010-4476", "Description": "Floating point conversion routine cycles back and forth between two different values.", "Link": "https://www.cve.org/CVERecord?id=CVE-2010-4476"}, {"Reference": "CVE-2010-4645", "Description": "Floating point conversion routine cycles back and forth between two different values.", "Link": "https://www.cve.org/CVERecord?id=CVE-2010-4645"}, {"Reference": "CVE-2010-2534", "Description": "Chain: improperly clearing a pointer in a linked list leads to infinite loop.", "Link": "https://www.cve.org/CVERecord?id=CVE-2010-2534"}, {"Reference": "CVE-2013-1591", "Description": "Chain: an integer overflow (CWE-190) in the image size calculation causes an infinite loop (CWE-835) which sequentially allocates buffers without limits (CWE-1325) until the stack is full.", "Link": "https://www.cve.org/CVERecord?id=CVE-2013-1591"}, {"Reference": "CVE-2008-3688", "Description": "Chain: A denial of service may be caused by an uninitialized variable (CWE-457) allowing an infinite loop (CWE-835) resulting from a connection to an unresponsive server.", "Link": "https://www.cve.org/CVERecord?id=CVE-2008-3688"}]}, "Taxonomy_Mappings": {"Taxonomy_Mapping": {"@Taxonomy_Name": "OMG ASCSM", "Entry_ID": "ASCSM-CWE-835"}}, "References": {"Reference": [{"@External_Reference_ID": "REF-62", "@Section": "Chapter 7, \"Looping Constructs\", Page 327"}, {"@External_Reference_ID": "REF-962", "@Section": "ASCSM-CWE-835"}]}, "Mapping_Notes": {"Usage": "Allowed", "Rationale": "This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.", "Comments": "Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.", "Reasons": {"Reason": {"@Type": "Acceptable-Use"}}}, "Content_History": {"Submission": {"Submission_Name": "CWE Content Team", "Submission_Organization": "MITRE", "Submission_Date": "2011-03-22", "Submission_Version": "1.12", "Submission_ReleaseDate": "2011-03-30"}, "Modification": [{"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2011-06-01", "Modification_Version": "1.13", "Modification_ReleaseDate": "2011-06-01", "Modification_Comment": "updated Common_Consequences, Relationships, Taxonomy_Mappings"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2012-05-11", "Modification_Version": "2.2", "Modification_ReleaseDate": "2012-05-15", "Modification_Comment": "updated Demonstrative_Examples, References, Relationships, Taxonomy_Mappings"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2017-11-08", "Modification_Version": "3.0", "Modification_ReleaseDate": "2017-11-08", "Modification_Comment": "updated Demonstrative_Examples"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2019-01-03", "Modification_Version": "3.2", "Modification_ReleaseDate": "2019-01-03", "Modification_Comment": "updated References, Relationships, Taxonomy_Mappings"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2019-06-20", "Modification_Version": "3.3", "Modification_ReleaseDate": "2019-06-20", "Modification_Comment": "updated Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2020-02-24", "Modification_Version": "4.0", "Modification_ReleaseDate": "2020-02-24", "Modification_Comment": "updated Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2020-08-20", "Modification_Version": "4.2", "Modification_ReleaseDate": "2020-08-20", "Modification_Comment": "updated Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2020-12-10", "Modification_Version": "4.3", "Modification_ReleaseDate": "2020-12-10", "Modification_Comment": "updated Observed_Examples, Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2021-03-15", "Modification_Version": "4.4", "Modification_ReleaseDate": "2021-03-15", "Modification_Comment": "updated Observed_Examples"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2021-07-20", "Modification_Version": "4.5", "Modification_ReleaseDate": "2021-07-20", "Modification_Comment": "updated Observed_Examples"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-01-31", "Modification_Version": "4.10", "Modification_ReleaseDate": "2023-01-31", "Modification_Comment": "updated Description, Observed_Examples"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-04-27", "Modification_Version": "4.11", "Modification_ReleaseDate": "2023-04-27", "Modification_Comment": "updated Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-06-29", "Modification_Version": "4.12", "Modification_ReleaseDate": "2023-06-29", "Modification_Comment": "updated Mapping_Notes"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-10-26", "Modification_Version": "4.13", "Modification_ReleaseDate": "2023-10-26", "Modification_Comment": "updated Observed_Examples"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2024-02-29", "Modification_Version": "4.14", "Modification_ReleaseDate": "2024-02-29", "Modification_Comment": "updated Demonstrative_Examples"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2024-11-19", "Modification_Version": "4.16", "Modification_ReleaseDate": "2024-11-19", "Modification_Comment": "updated Description, Diagram"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2025-12-11", "Modification_Version": "4.19", "Modification_ReleaseDate": "2025-12-11", "Modification_Comment": "updated Applicable_Platforms, Detection_Factors, Time_of_Introduction, Weakness_Ordinalities"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2026-04-30", "Modification_Version": "4.20", "Modification_ReleaseDate": "2026-04-30", "Modification_Comment": "updated Observed_Examples"}], "Contribution": {"@Type": "Content", "Contribution_Name": "Abhi Balakrishnan", "Contribution_Date": "2024-09-29", "Contribution_Version": "4.16", "Contribution_ReleaseDate": "2024-11-19", "Contribution_Comment": "Contributed usability diagram concepts used by the CWE team"}}}
