Description
The software does not use a standardized method for handling errors throughout the code, which might introduce inconsistent error handling and resultant weaknesses.
If the application handles error messages individually, on a one-by-one basis, this is likely to result in inconsistent error handling. The causes of errors may be lost. Also, detailed information about the causes of an error may be unintentionally returned to the user.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Integrity, Other: Quality Degradation, Unexpected State, Varies by Context
Potential Mitigations
Phase: Architecture and Design
Description:
define a strategy for handling errors of different severities, such as fatal errors versus basic log events. Use or create built-in language features, or an external package, that provides an easy-to-use API and define coding standards for the detection and handling of errors.