Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-478 (在Switch语句中缺失缺省条件) — Vulnerability Class 1

1 vulnerabilities classified as CWE-478 (在Switch语句中缺失缺省条件). AI Chinese analysis included.

CWE-478 represents a logic error weakness occurring when a multiple-condition expression, such as a switch statement, lacks a default case to handle unanticipated input values. This omission typically leads to undefined behavior or silent failures, as the program proceeds with uninitialized or incorrect state data rather than explicitly managing unexpected scenarios. Attackers rarely exploit this directly as a vulnerability but may trigger it to cause denial of service or induce logical errors that facilitate further attacks, such as privilege escalation or data corruption. Developers prevent this weakness by ensuring comprehensive input validation and always including a default case in conditional structures. This practice guarantees that all possible execution paths are accounted for, forcing the application to handle unexpected inputs gracefully and maintain system integrity under unforeseen conditions.

MITRE CWE Description
The code does not have a default case in an expression with multiple conditions, such as a switch statement. If a multiple-condition expression (such as a switch in C) omits the default case but does not consider or handle all possible values that could occur, then this might lead to complex logical errors and resultant weaknesses. Because of this, further decisions are made based on poor information, and cascading failure results. This cascading failure may result in any number of security issues, and constitutes a significant failure in the system.
Common Consequences (1)
IntegrityVaries by Context, Alter Execution Logic
Depending on the logical circumstances involved, any consequences may result: e.g., issues of confidentiality, authentication, authorization, availability, integrity, accountability, or non-repudiation.
Mitigations (1)
ImplementationEnsure that there are no cases unaccounted for when adjusting program flow or values based on the value of a given variable. In the case of switch style statements, the very simple act of creating a default case can, if done correctly, mitigate this situation. Often however, the default case is used simply to represent an assumed option, as opposed to working as a check for invalid input. This is …
Examples (2)
The following does not properly check the return code in the case where the security_check function returns a -1 value when an error occurs. If an attacker can supply data that will invoke an error, the attacker can bypass the security check:
#define FAILED 0 #define PASSED 1 int result; ... result = security_check(data); switch (result) { case FAILED: printf("Security check failed!\n"); exit(-1); //Break never reached because of exit() break; case PASSED: printf("Security check passed.\n"); break; } // program execution continues... ...
Bad · C
#define FAILED 0 #define PASSED 1 int result; ... result = security_check(data); switch (result) { case FAILED: printf("Security check failed!\n"); exit(-1); //Break never reached because of exit() break; case PASSED: printf("Security check passed.\n"); break; default: printf("Unknown error (%d), exiting...\n",result); exit(-1); }
Good · C
In the following Java example the method getInterestRate retrieves the interest rate for the number of points for a mortgage. The number of points is provided within the input parameter and a switch statement will set the interest rate value to be returned based on the number of points.
public static final String INTEREST_RATE_AT_ZERO_POINTS = "5.00"; public static final String INTEREST_RATE_AT_ONE_POINTS = "4.75"; public static final String INTEREST_RATE_AT_TWO_POINTS = "4.50"; ... public BigDecimal getInterestRate(int points) { BigDecimal result = new BigDecimal(INTEREST_RATE_AT_ZERO_POINTS); switch (points) { case 0: result = new BigDecimal(INTEREST_RATE_AT_ZERO_POINTS); break; case 1: result = new BigDecimal(INTEREST_RATE_AT_ONE_POINTS); break; case 2: result = new BigDecimal(INTEREST_RATE_AT_TWO_POINTS); break; } return result; }
Bad · Java
public static final String INTEREST_RATE_AT_ZERO_POINTS = "5.00"; public static final String INTEREST_RATE_AT_ONE_POINTS = "4.75"; public static final String INTEREST_RATE_AT_TWO_POINTS = "4.50"; ... public BigDecimal getInterestRate(int points) { BigDecimal result = new BigDecimal(INTEREST_RATE_AT_ZERO_POINTS); switch (points) { case 0: result = new BigDecimal(INTEREST_RATE_AT_ZERO_POINTS); break; case 1: result = new BigDecimal(INTEREST_RATE_AT_ONE_POINTS); break; case 2: result = new BigDecimal(INTEREST_RATE_AT_TWO_POINTS); break; default: System.err.println("Invalid value for points, must
Good · Java
CVE IDTitleCVSSSeverityPublished
CVE-2026-33064 free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference — free5gc 7.5 -2026-03-20

Vulnerabilities classified as CWE-478 (在Switch语句中缺失缺省条件) represent 1 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.