How To Prevent An Infinite Loop And Denial Of Service


CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

Weakness ID: 835

Abstraction: Base
Structure: Simple

+ Description

The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

+ Extended Description

If the loop can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory.

+ Relationships

Section Help: This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as PeerOf and CanAlsoBe are defined to show similar weaknesses that the user may want to explore.

+ Relevant to the view "Research Concepts" (CWE-1000)

Nature     Type   ID    Name
ChildOf    Class  834   Excessive Iteration
CanFollow  Base   1322  Use of Blocking Code in Single-threaded, Non-blocking Context

(Class: a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource. Base: a weakness that is still mostly independent of a resource or technology, but with sufficient details to provide specific methods for detection and prevention. Base level weaknesses typically describe issues in terms of 2 or 3 of the following dimensions: behavior, property, technology, language, and resource.)


+ Relevant to the view "Software Development" (CWE-699)

Nature    Type      ID   Name
MemberOf  Category  438  Behavioral Problems

(Category: a CWE entry that contains a set of other entries that share a common characteristic.)


+ Relevant to the view "Weaknesses for Simplified Mapping of Published Vulnerabilities" (CWE-1003)

Nature   Type   ID   Name
ChildOf  Class  834  Excessive Iteration

+ Applicable Platforms

Section Help: This listing shows possible areas for which the given weakness could appear. These may be for specific named Languages, Operating Systems, Architectures, Paradigms, Technologies, or a class of such platforms. The platform is listed along with how frequently the given weakness appears for that instance.

Languages

Class: Language-Independent (Undetermined Prevalence)

+ Common Consequences

Section Help: This table specifies different individual consequences associated with the weakness. The Scope identifies the application security area that is violated, while the Impact describes the negative technical impact that arises if an adversary succeeds in exploiting this weakness. The Likelihood provides information about how likely the specific consequence is expected to be seen relative to the other consequences in the list. For example, there may be a high likelihood that a weakness will be exploited to achieve a certain impact, but a low likelihood that it will be exploited to achieve a different impact.

Scope         Impact                                                                                   Likelihood
Availability  Technical Impact: DoS: Resource Consumption (CPU); DoS: Resource Consumption (Memory); DoS: Amplification

An infinite loop will cause unexpected consumption of resources, such as CPU cycles or memory. The software's operation may slow down, or it may take a long time to respond.

+ Demonstrative Examples

Example 1

In the following code the method processMessagesFromServer attempts to establish a connection to a server and read and process messages from the server. The method uses a do/while loop to continue trying to establish the connection to the server when an attempt fails.

(bad code)

Example Language: C

int processMessagesFromServer(char *hostaddr, int port) {
    ...
    int servsock;
    int connected;
    struct sockaddr_in servaddr;

    // create socket to connect to server
    servsock = socket(AF_INET, SOCK_STREAM, 0);
    memset(&servaddr, 0, sizeof(servaddr));
    servaddr.sin_family = AF_INET;
    servaddr.sin_port = htons(port);
    servaddr.sin_addr.s_addr = inet_addr(hostaddr);

    do {
        // establish connection to server
        connected = connect(servsock, (struct sockaddr *)&servaddr, sizeof(servaddr));

        // if connected then read and process messages from server
        if (connected > -1) {
            // read and process messages
            ...
        }

        // keep trying to establish connection to the server
    } while (connected < 0);

    // close socket and return success or failure
    ...
}

However, this will create an infinite loop if the server does not respond. This infinite loop will consume system resources and can be used to create a denial of service attack. To resolve this, a counter should be used to limit the number of attempts to establish a connection to the server, as in the following code.

(good code)

Example Language: C

int processMessagesFromServer(char *hostaddr, int port) {
    ...
    // initialize number of attempts counter
    int count = 0;
    do {
        // establish connection to server
        connected = connect(servsock, (struct sockaddr *)&servaddr, sizeof(servaddr));

        // increment counter
        count++;

        // if connected then read and process messages from server
        if (connected > -1) {
            // read and process messages
            ...
        }

        // keep trying to establish connection to the server
        // up to a maximum number of attempts
    } while (connected < 0 && count < MAX_ATTEMPTS);

    // close socket and return success or failure
    ...
}
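A stand-alone version of the bounded retry loop above, added here as an example that is not part of the CWE entry. The real connect(2) call is replaced by a constructed simulated server (sim_connect, struct sim_server and connect_with_limit are assumptions for this example) so that termination against a server that never responds can be checked offline:

```c
#include <stdio.h>

#define MAX_ATTEMPTS 5

/* Injectable connect routine: 0 on success, -1 on failure, mirroring the
 * contract of connect(2) that the CWE example relies on. */
typedef int (*connect_fn)(void *ctx);

/* Constructed stand-in for a remote server: fails the first fail_count
 * attempts (negative means it never accepts), then succeeds. */
struct sim_server {
    int fail_count;
    int calls;      /* how many attempts were made; used to verify bounding */
};

static int sim_connect(void *ctx) {
    struct sim_server *s = ctx;
    s->calls++;
    if (s->fail_count < 0 || s->calls <= s->fail_count)
        return -1;
    return 0;
}

/* Bounded retry: the exit condition is reachable on every path because
 * count strictly increases each iteration and is compared against a fixed
 * ceiling, so an unresponsive server costs at most MAX_ATTEMPTS calls.
 * Returns the number of attempts used on success, or -1 if the limit was hit.
 * Note that each individual connect call still needs its own timeout
 * (e.g. a non-blocking socket with poll), which this example does not model. */
int connect_with_limit(connect_fn fn, void *ctx) {
    int count = 0;
    int connected;
    do {
        connected = fn(ctx);
        count++;
    } while (connected < 0 && count < MAX_ATTEMPTS);
    return connected < 0 ? -1 : count;
}

int main(void) {
    struct sim_server flaky = { 2, 0 };   /* accepts on the third attempt */
    struct sim_server dead  = { -1, 0 };  /* never responds */
    printf("flaky server: attempts = %d\n", connect_with_limit(sim_connect, &flaky));
    printf("dead server:  result   = %d (gave up after %d calls)\n",
           connect_with_limit(sim_connect, &dead), dead.calls);
    return 0;
}
```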

Example 2

In this example, the method isReorderNeeded is part of a bookstore application and determines if a particular book needs to be reordered based on the current inventory count and the rate at which the book is being sold.

(bad code)

Example Language: Java

public boolean isReorderNeeded(String bookISBN, int rateSold) {

    boolean isReorder = false;

    int minimumCount = 10;
    int days = 0;

    // get inventory count for book
    int inventoryCount = inventory.getInventoryCount(bookISBN);

    // find number of days until inventory count reaches minimum
    while (inventoryCount > minimumCount) {
        inventoryCount = inventoryCount - rateSold;
        days++;
    }

    // if number of days is within reorder timeframe,
    // set reorder return boolean to true
    if (days > 0 && days < 5) {
        isReorder = true;
    }

    return isReorder;
}

However, the while loop will become an infinite loop if the rateSold input parameter has a value of zero, since the inventoryCount will never fall below the minimumCount. In this case the input parameter should be validated to ensure that a value of zero does not cause an infinite loop, as in the following code.

(good code)

Example Language: Java

public boolean isReorderNeeded(String bookISBN, int rateSold) {

    ...

    // validate rateSold variable
    if (rateSold < 1) {
        return isReorder;
    }

    ...
}
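The same validation carried into a self-contained form, added as an example rather than taken from the CWE entry, written in C to match Example 1 (the names days_until_minimum_loop, days_until_minimum and is_reorder_needed are assumptions). It goes one step beyond the fix: alongside the validated loop it shows a closed-form replacement, so the iteration count no longer depends on caller-controlled input at all:

```c
#include <stdbool.h>
#include <limits.h>

#define MINIMUM_COUNT 10
#define REORDER_WINDOW_DAYS 5

/* Loop form with the CWE-835 fix applied: rate_sold < 1 is rejected up front,
 * so every iteration strictly decreases inventory_count and the exit
 * condition is reachable. A rate of 0 would never change the count; a
 * negative rate would make it grow, which is just as unbounded.
 * Returns days until the minimum is reached, or -1 for invalid input. */
int days_until_minimum_loop(int inventory_count, int rate_sold) {
    if (rate_sold < 1)
        return -1;
    int days = 0;
    while (inventory_count > MINIMUM_COUNT) {
        inventory_count -= rate_sold;
        days++;
    }
    return days;
}

/* Closed form with identical results and no loop: ceil(surplus / rate_sold).
 * Even a valid rate_sold of 1 against a huge inventory would otherwise cost
 * one iteration per unit, so removing the loop removes the DoS lever entirely.
 * Written as quotient plus remainder test to avoid overflow in surplus + rate. */
int days_until_minimum(int inventory_count, int rate_sold) {
    if (rate_sold < 1)
        return -1;
    if (inventory_count <= MINIMUM_COUNT)
        return 0;
    int surplus = inventory_count - MINIMUM_COUNT;   /* > 0, cannot overflow */
    return surplus / rate_sold + (surplus % rate_sold != 0);
}

/* Same decision rule as the Java isReorderNeeded: reorder when the minimum
 * will be hit within the window. Invalid input (days == -1) yields false. */
bool is_reorder_needed(int inventory_count, int rate_sold) {
    int days = days_until_minimum(inventory_count, rate_sold);
    return days > 0 && days < REORDER_WINDOW_DAYS;
}
```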

+ Observed Examples

Reference      Description

CVE-2011-1027  Chain: off-by-one error leads to infinite loop using invalid hex-encoded characters.

CVE-2011-1142  Chain: self-referential values in recursive definitions lead to infinite loop.

CVE-2011-1002  NULL UDP packet is never cleared from a queue, leading to infinite loop.

CVE-2006-6499  Chain: web browser crashes due to infinite loop - "bad looping logic [that relies on] floating point math [CWE-1339] to exit the loop [CWE-835]"

CVE-2010-4476  Floating point conversion routine cycles back and forth between two different values.

CVE-2010-4645  Floating point conversion routine cycles back and forth between two different values.

CVE-2010-2534  Chain: improperly clearing a pointer in a linked list leads to infinite loop.

CVE-2013-1591  Chain: an integer overflow (CWE-190) in the image size calculation causes an infinite loop (CWE-835) which sequentially allocates buffers without limits (CWE-1325) until the stack is full.

CVE-2008-3688  Chain: A denial of service may be caused by an uninitialized variable (CWE-457) allowing an infinite loop (CWE-835) resulting from a connection to an unresponsive server.

+ Memberships

Section Help: This MemberOf Relationships table shows additional CWE Categories and Views that reference this weakness as a member. This information is often useful in understanding where a weakness fits within the context of external information sources.

+ Taxonomy Mappings

Mapped Taxonomy Name  Node ID         Fit  Mapped Node Name
OMG ASCSM             ASCSM-CWE-835

+ References

[REF-62] Mark Dowd, John McDonald and Justin Schuh. "The Art of Software Security Assessment". Chapter 7, "Looping Constructs", Page 327. 1st Edition. Addison Wesley. 2006.

[REF-962] Object Management Group (OMG). "Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-835. 2016-01. <http://www.omg.org/spec/ASCSM/1.0/>.


Source: https://cwe.mitre.org/data/definitions/835.html
