CWE is a trademark of the MITRE Corporation.
Infinite loop [CWE-835]
Infinite loop weakness describes a case when a loop cannot reach an exit condition.
Created: September 11, 2012
Latest Update: December 15, 2020
Table of Contents
- Description
- Potential impact
- Attack patterns
- Affected software
- Mitigations
- References
- Infinite Loop Vulnerabilities, Exploits and Examples
1. Description
This weakness describes a logic error within the application that results in an endless loop. It occurs where an application contains an iteration or loop whose exit condition cannot be reached.
The following example in C++ demonstrates the endless loop:
```cpp
// Infinite loop [CWE-835] vulnerable code example
// (c) HTB Research
#include <stdio.h>

int main(int argc, char **argv) {
    int i = 0;
    while (i < 10) {
        if (i == 5) {
            // i is never incremented on this path, so the loop cannot exit
            printf("i equals 5\n");
        }
        else {
            i++;
        }
    }
    return 0;
}
```
The above example contains a logic error. If the condition "i == 5" is true, the program outputs the string "i equals 5"; otherwise it increments "i" by 1. However, once "i" equals 5 the condition stays true on every subsequent iteration, because "i" is no longer incremented, and this is where the infinite loop occurs.
2. Potential impact
An attacker can make the application consume all available CPU, memory or disk space, causing the application to hang or the system to crash.
3. Attack patterns
There are no attack patterns for this specific type of weakness.
4. Affected software
Any software that uses loops or iterations can contain logic errors that are subject to this weakness. There are no limitations based on programming language or platform.
5. Mitigations
There are no particular mitigations for this weakness. To reduce the possible impact, the application should run with limited system resources where possible. Avoid creating loops whose number of iterations depends on user input, or introduce additional counters to exit such loops.
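As an added example (not the article's or HTB Research's code), the loop from the description above rewritten so that every path makes progress, beside a guarded variant that applies the mitigation of an extra exit counter; the function names, the `limit` parameter and the sample values are assumptions constructed for this example.

```cpp
// Added example: fixed and guarded forms of the CWE-835 loop shown above.
#include <cstdio>

// Fixed version of the article's loop: i is incremented on every pass, so the
// exit condition (i >= 10) is always reached. Returns the iteration count.
int run_loop_fixed() {
    int iterations = 0;
    int i = 0;
    while (i < 10) {
        if (i == 5) {
            std::printf("i equals 5\n");
        }
        i++;            // unconditional increment: every path makes progress
        iterations++;
    }
    return iterations;  // 10
}

// Mitigation pattern for loops whose bound or progress depends on untrusted
// input: a hard cap on iterations guarantees an exit even if the loop body
// fails to advance. `limit` stands in for an attacker-influenced bound
// (constructed for this example). Returns true if the loop finished
// normally, false if the guard counter fired.
bool run_loop_guarded(int limit, int max_iterations) {
    int guard = 0;
    int i = 0;
    while (i < limit) {
        if (++guard > max_iterations) {
            return false;   // guard exhausted: abort instead of spinning forever
        }
        if (i == 5) {
            std::printf("i equals 5\n");
        } else {
            i++;            // same flawed body as the article: stalls at i == 5
        }
    }
    return true;
}

int main() {
    std::printf("fixed loop ran %d iterations\n", run_loop_fixed());
    std::printf("guarded loop (limit 10) completed: %s\n",
                run_loop_guarded(10, 100) ? "yes" : "no (guard fired)");
    return 0;
}
```

With `limit` below 5 the flawed body never stalls and the guard stays silent; with `limit` of 6 or more the guard is the only thing that terminates the loop.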
6. References
- CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') [cwe.mitre.org]
- Infinite loop [wikipedia.org]
7. Latest HTB Security Advisories with CWE-835
Copyright Disclaimer: Any above-mentioned content can be copied and used for non-commercial purposes only if proper credit to ImmuniWeb is given.