CWE-464

Addition of Data Structure Sentinel

The accidental addition of a data-structure sentinel can cause serious programming logic problems.

Mitigation

Phases: Implementation, Architecture and Design

Description:

  • Encapsulate data structures so that users do not interact with data sentinels directly. Validate user input to verify that sentinels are not present.

Mitigation

Phase: Implementation

Description:

  • Proper error checking can reduce the risk of inadvertently introducing sentinel values into data. For example, if a parsing function fails or encounters an error, it might return a value that is the same as the sentinel.
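
The two implementation mitigations above (validating input for sentinels, and keeping a failed parse from yielding the sentinel), as an added example that is not part of the CWE entry. It assumes NUL-terminated strings and a 0-terminated ID list; the names store_field, parse_byte and append_id are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Copy a length-delimited user field into a NUL-terminated buffer.
 * Returns -1 if the field already contains the sentinel or does not fit. */
int store_field(char *dst, size_t dst_size, const char *src, size_t len)
{
    if (len >= dst_size)
        return -1;
    if (memchr(src, '\0', len) != NULL)
        return -1;                  /* sentinel inside user data */
    memcpy(dst, src, len);
    dst[len] = '\0';                /* only the code adds the terminator */
    return 0;
}

/* Parse a decimal value 0..255. Status and value are separate, so a failed
 * parse cannot be confused with 0 (atoi() returns 0 for "abc"). */
int parse_byte(const char *text, unsigned char *out)
{
    char *end;
    long v;
    errno = 0;
    v = strtol(text, &end, 10);
    if (end == text || *end != '\0' || errno == ERANGE || v < 0 || v > 255)
        return -1;
    *out = (unsigned char)v;
    return 0;
}

/* Append a parsed ID to a 0-terminated list; 0 is the list's sentinel. */
int append_id(unsigned char *list, size_t cap, size_t *n, const char *text)
{
    unsigned char v;
    if (parse_byte(text, &v) != 0 || v == 0 || *n + 1 >= cap)
        return -1;                  /* parse error, sentinel value, or full */
    list[(*n)++] = v;
    list[*n] = 0;
    return 0;
}

int main(void)
{
    char name[8];   /* constructed input below: 5 bytes with an embedded NUL */
    printf("%d\n", store_field(name, sizeof name, "ab\0cd", 5));
    return 0;
}
```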

Mitigation

Phase: Architecture and Design

Description:

  • Use an abstraction library to abstract away risky APIs. This is not a complete solution.

Mitigation

Phase: Operation

Description:

  • Use OS-level preventative functionality. This is not a complete solution.

No CAPEC attack patterns related to this CWE.
