Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-835 (不可达退出条件的循环(无限循环)) — Vulnerability Class 212

212 vulnerabilities classified as CWE-835 (不可达退出条件的循环(无限循环)). AI Chinese analysis included.

CWE-835 represents a logic error where a software loop lacks a reachable termination condition, resulting in an infinite execution cycle. This weakness typically manifests when developers fail to update loop variables correctly or rely on floating-point comparisons prone to precision errors. Attackers exploit this vulnerability to trigger Denial of Service (DoS) attacks by consuming excessive CPU resources, effectively freezing the application or system. To mitigate this risk, developers must ensure loop counters are properly incremented or decremented within the iteration body. Implementing strict boundary checks, avoiding direct equality comparisons with floating-point numbers, and utilizing static analysis tools can help detect unreachable exit conditions early. Additionally, incorporating timeout mechanisms or maximum iteration limits provides a safety net, ensuring that even if logic errors occur, the process terminates gracefully without exhausting system resources.

MITRE CWE Description
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Common Consequences (1)
AvailabilityDoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Amplification
An infinite loop will cause unexpected consumption of resources, such as CPU cycles or memory. The software's operation may slow down, or cause a long time to respond.
Examples (2)
In the following code the method processMessagesFromServer attempts to establish a connection to a server and read and process messages from the server. The method uses a do/while loop to continue trying to establish the connection to the server when an attempt fails.
int processMessagesFromServer(char *hostaddr, int port) { ... int servsock; int connected; struct sockaddr_in servaddr; // create socket to connect to server servsock = socket( AF_INET, SOCK_STREAM, 0); memset( &servaddr, 0, sizeof(servaddr)); servaddr.sin_family = AF_INET; servaddr.sin_port = htons(port); servaddr.sin_addr.s_addr = inet_addr(hostaddr); do { // establish connection to server connected = connect(servsock, (struct sockaddr *)&servaddr, sizeof(servaddr)); // if connected then read and process messages from server if (connected > -1) { // read and process messages ... } // keep tr
Bad · C
int processMessagesFromServer(char *hostaddr, int port) { ... // initialize number of attempts counter int count = 0; do { // establish connection to server connected = connect(servsock, (struct sockaddr *)&servaddr, sizeof(servaddr)); // increment counter count++; // if connected then read and process messages from server if (connected > -1) { // read and process messages ... } // keep trying to establish connection to the server // up to a maximum number of attempts } while (connected < 0 && count < MAX_ATTEMPTS); // close socket and return success or failure ... }
Good · C
For this example, the method isReorderNeeded is part of a bookstore application that determines if a particular book needs to be reordered based on the current inventory count and the rate at which the book is being sold.
public boolean isReorderNeeded(String bookISBN, int rateSold) { boolean isReorder = false; int minimumCount = 10; int days = 0; // get inventory count for book int inventoryCount = inventory.getIventoryCount(bookISBN); // find number of days until inventory count reaches minimum while (inventoryCount > minimumCount) { inventoryCount = inventoryCount - rateSold; days++; } // if number of days within reorder timeframe // set reorder return boolean to true if (days > 0 && days < 5) { isReorder = true; } return isReorder; }
Bad · Java
public boolean isReorderNeeded(String bookISBN, int rateSold) { ... // validate rateSold variable if (rateSold < 1) { return isReorder; } ... }
Good · Java
CVE IDTitleCVSSSeverityPublished
CVE-2022-25734 Loop with Unreachable Exit Condition in MODEM — Snapdragon 7.5 High2023-02-09
CVE-2023-24808 Denial Of Service when opening a corrupt PDF file in pdfio — pdfio 5.3 Medium2023-02-07
CVE-2022-46285 libXpm 安全漏洞 — libXpm 7.5 -2023-02-07
CVE-2023-23617 OpenMage LTS has DoS vulnerability in MaliciousCode filter — magento-lts 4.9 Medium2023-01-27
CVE-2021-33642 byacc 安全漏洞 — byacc 6.5 -2023-01-20
CVE-2023-20020 Cisco BroadWorks Application 输入验证错误漏洞 — Cisco BroadWorks 8.6 High2023-01-19
CVE-2022-39052 DoS attack using email — OTRS 7.5 High2022-10-17
CVE-2020-14394 QEMU 安全漏洞 — QEMU 6.0 -2022-08-17
CVE-2022-34661 Siemens Teamcenter 命令注入漏洞 — Teamcenter V12.4 9.1 -2022-08-10
CVE-2022-34862 TMM vulnerability CVE-2022-34862 — BIG-IP 7.5 High2022-08-04
CVE-2022-34760 多款Schneider Electric产品安全漏洞 — OPC UA Modicon Communication Module 7.5 High2022-07-13
CVE-2022-29190 Header reconstruction method can be thrown into an infinite loop in Pion DTLS — dtls 7.5 High2022-05-20
CVE-2022-29028 Siemens JT2GO和Siemens Teamcenter Visualization 安全漏洞 — JT2Go 5.5 -2022-05-10
CVE-2022-24792 Potential infinite loop when parsing WAV format file in PJSIP — pjproject 7.5 High2022-04-25
CVE-2022-24859 Manipulated inline images can cause Infinite Loop in PyPDF2 — PyPDF2 6.2 Medium2022-04-18
CVE-2022-21159 Mz Automation Libiec61850 安全漏洞 — libiec61850 7.5 -2022-04-15
CVE-2022-1222 Inf loop in gpac/gpac — gpac/gpac 5.5 -2022-04-04
CVE-2022-24763 Infinite Loop in PJSIP — pjproject 7.5 High2022-03-30
CVE-2021-20257 QEMU 安全漏洞 — QEMU 6.5 -2022-03-16
CVE-2021-3737 SUSE Linux Enterprise Server 代码问题漏洞 — python 7.5 -2022-03-04
CVE-2022-0711 Haproxy HAProxy 安全漏洞 — haproxy 7.5 -2022-03-02
CVE-2022-23641 Denial of Service in Discourse — discourse 6.5 Medium2022-02-15
CVE-2021-20041 SonicWall SMA100安全漏洞 — SonicWall SMA100 7.5 -2021-12-08
CVE-2021-41973 Apache MINA HTTP listener DOS — Apache MINA 6.5 -2021-11-01
CVE-2021-31363 Junos OS and Junos OS Evolved: Receipt of a specific LDP message will cause a Denial of Service — Junos OS 6.5 Medium2021-10-19
CVE-2021-39194 Denial of service while parsing polymorphic input with tagged polymorphism style in kaml — kaml 4.3 Medium2021-09-07
CVE-2021-37714 Crafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions — jsoup 7.5 High2021-08-18
CVE-2021-37686 Infinite loop in TensorFlow Lite — tensorflow 5.5 Medium2021-08-12
CVE-2021-34334 Denial of service due to integer overflow in loop counter — exiv2 5.5 Medium2021-08-09
CVE-2021-37621 Denial of service due to infinite loop in Image::printIFDStructure — exiv2 5.5 Medium2021-08-09

Vulnerabilities classified as CWE-835 (不可达退出条件的循环(无限循环)) represent 212 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.