Common Weakness Enumeration

CWE-464

Allowed

Addition of Data Structure Sentinel

Abstraction: Base · Status: Incomplete

The accidental addition of a data-structure sentinel can cause serious programming logic problems.

0 vulnerabilities reference this CWE, most recent first.

No vulnerabilities reference this CWE.

Mitigation
Implementation Architecture and Design

Encapsulate the user from interacting with data sentinels. Validate user input to verify that sentinels are not present.

Mitigation
Implementation

Proper error checking can reduce the risk of inadvertently introducing sentinel values into data. For example, if a parsing function fails or encounters an error, it might return a value that is the same as the sentinel.

Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. This is not a complete solution.

Mitigation
Operation

Use OS-level preventative functionality. This is not a complete solution.

No CAPEC attack patterns related to this CWE.