logo

CWE-228 - Improper Handling of Syntactically Invalid Structure

  • Abstraction:Class
  • Structure:Simple
  • Status:Incomplete
  • Release Date:2006-07-19
  • Latest Modification Date:2024-02-29

Weakness Name

Improper Handling of Syntactically Invalid Structure

Description

The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification.

Common Consequences

Scope: Integrity, Availability

Impact: Unexpected State, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU)

Notes: If an input is syntactically invalid, then processing the input could place the system in an unexpected state that could lead to a crash, consume available system resources or other unintended behaviors.

Related Weaknesses

CWE-703Improper Check or Handling of Exceptional Conditions

CWE-707Improper Neutralization