CWE-464
AllowedAddition of Data Structure Sentinel
Abstraction: Base · Status: Incomplete
The accidental addition of a data-structure sentinel can cause serious programming logic problems.
0 vulnerabilities reference this CWE, most recent first.
No vulnerabilities reference this CWE.
Mitigation
Encapsulate the user from interacting with data sentinels. Validate user input to verify that sentinels are not present.
Mitigation
Proper error checking can reduce the risk of inadvertently introducing sentinel values into data. For example, if a parsing function fails or encounters an error, it might return a value that is the same as the sentinel.
Mitigation
Use an abstraction library to abstract away risky APIs. This is not a complete solution.
Mitigation
Use OS-level preventative functionality. This is not a complete solution.
No CAPEC attack patterns related to this CWE.