Improper error handling Low

Improper error handling can enable attacks and lead to unwanted behavior. Parts of the system may receive unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution.

Detector ID
python/improper-error-handling@v1.0
Category
Common Weakness Enumeration (CWE)

Noncompliant example

def error_handling_pass_noncompliant():
    number = input("Enter number:\n")
    try:
        int(number)
    except Exception:
        # Noncompliant: has improper error handling.
        pass

Noncompliant example

def error_handling_continue_noncompliant():
    number = input("Enter number:\n")
    for i in range(10):
        try:
            int(number)
        except Exception:
            # Noncompliant: has improper error handling.
            continue

Compliant example

def error_handling_compliant():
    number = input("Enter number:\n")
    try:
        int(number)
    except ValueError:
        # Compliant: has proper error handling.
        print(number, "is not an integer.")