{"@ID": "834", "@Name": "Excessive Iteration", "@Abstraction": "Class", "@Structure": "Simple", "@Status": "Incomplete", "Description": "The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.", "Extended_Description": "If the iteration can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory. In many cases, a loop does not need to be infinite in order to cause enough resource consumption to adversely affect the product or its host system; it depends on the amount of resources consumed per iteration.", "Related_Weaknesses": {"Related_Weakness": {"@Nature": "ChildOf", "@CWE_ID": "691", "@View_ID": "1000", "@Ordinal": "Primary"}}, "Weakness_Ordinalities": {"Weakness_Ordinality": [{"Ordinality": "Primary"}, {"Ordinality": "Resultant"}]}, "Applicable_Platforms": {"Language": {"@Class": "Not Language-Specific", "@Prevalence": "Undetermined"}, "Technology": {"@Class": "Not Technology-Specific", "@Prevalence": "Undetermined"}}, "Modes_Of_Introduction": {"Introduction": {"Phase": "Implementation"}}, "Common_Consequences": {"Consequence": {"Scope": "Availability", "Impact": ["DoS: Resource Consumption (CPU)", "DoS: Resource Consumption (Memory)", "DoS: Amplification", "DoS: Crash, Exit, or Restart"], "Note": "Excessive looping will cause unexpected consumption of resources, such as CPU cycles or memory. The product's operation may slow down, or cause a long time to respond. If limited resources such as memory are consumed for each iteration, the loop may eventually cause a crash or program exit due to exhaustion of resources, such as an out-of-memory error."}}, "Detection_Methods": {"Detection_Method": [{"Method": "Dynamic Analysis with Manual Results Interpretation", "Description": {"xhtml:p": "According to SOAR [REF-1479], the following detection techniques may be useful:", "xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": "Cost effective for partial coverage:", "xhtml:ul": {"xhtml:li": ["Fuzz Tester", "Framework-based Fuzzer", "Forced Path Execution"]}}}, "Effectiveness": "SOAR Partial"}, {"Method": "Manual Static Analysis - Source Code", "Description": {"xhtml:p": "According to SOAR [REF-1479], the following detection techniques may be useful:", "xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": "Cost effective for partial coverage:", "xhtml:ul": {"xhtml:li": ["Focused Manual Spotcheck - Focused manual analysis of source", "Manual Source Code Review (not inspections)"]}}}, "Effectiveness": "SOAR Partial"}, {"Method": "Automated Static Analysis - Source Code", "Description": {"xhtml:p": "According to SOAR [REF-1479], the following detection techniques may be useful:", "xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": "Highly cost effective:", "xhtml:ul": {"xhtml:li": "Context-configured Source Code Weakness Analyzer"}}}, "Effectiveness": "High"}, {"Method": "Architecture or Design Review", "Description": {"xhtml:p": "According to SOAR [REF-1479], the following detection techniques may be useful:", "xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": "Highly cost effective:", "xhtml:ul": {"xhtml:li": "Inspection (IEEE 1028 standard) (can apply to requirements, design, source code, etc.)"}}}, "Effectiveness": "High"}]}, "Demonstrative_Examples": {"Demonstrative_Example": [{"@Demonstrative_Example_ID": "DX-204", "Intro_Text": "In this example a mistake exists in the code where the exit condition contained in flg is never called. This results in the function calling itself over and over again until the stack is exhausted.", "Example_Code": [{"@Nature": "Bad", "@Language": "C", "xhtml:br": [null, null, null, null], "xhtml:div": {"@style": "margin-left:1em;", "xhtml:br": [null, null], "#text": "... // Do some real work here, but the value of flg is unmodified\n\t\t if (flg) { do_something_recursive (flg); }    // flg is never modified so it is always TRUE - this call will continue until the stack explodes"}, "#text": "void do_something_recursive (int flg)\n\t       {\n\t       \n\t       }\n\t       int flag = 1; // Set to TRUE\n\t       do_something_recursive (flag);"}, {"@Nature": "Good", "@Language": "C", "xhtml:br": [null, null, null, null, null], "xhtml:div": {"@style": "margin-left:1em;", "xhtml:br": [null, null, null], "#text": "... // Do some real work here\n\t\t // Modify value of flg on done condition\n\t\t if (flg) { do_something_recursive (flg); }    // returns when flg changes to 0"}, "#text": "void do_something_recursive (int flg)\n\t       {\n\t       \n\t       }\n\t       int flag = 1; // Set to TRUE\n\t       do_something_recursive (flag);"}], "Body_Text": "Note that the only difference between the Good and Bad examples is that the recursion flag will change value and cause the recursive call to return."}, {"@Demonstrative_Example_ID": "DX-205", "Intro_Text": "For this example, the method isReorderNeeded is part of a bookstore application that determines if a particular book needs to be reordered based on the current inventory count and the rate at which the book is being sold.", "Example_Code": [{"@Nature": "Bad", "@Language": "Java", "xhtml:div": {"xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null], "xhtml:i": ["// get inventory count for book", "// find number of days until inventory count reaches minimum", "// if number of days within reorder timeframe", "// set reorder return boolean to true"], "xhtml:div": [{"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null], "#text": "inventoryCount = inventoryCount - rateSold;days++;"}}, {"@style": "margin-left:1em;", "#text": "isReorder = true;"}], "#text": "boolean isReorder = false;\n                 int minimumCount = 10;int days = 0;\n                 \n                 \n                 int inventoryCount = inventory.getIventoryCount(bookISBN);\n                 \n                 \n                 while (inventoryCount > minimumCount) {}\n                 \n                 \n                 \n                 \n                 \n                 if (days > 0 && days < 5) {}\n               return isReorder;"}}, "#text": "public boolean isReorderNeeded(String bookISBN, int rateSold) {}"}}, {"@Nature": "Good", "@Language": "Java", "xhtml:div": {"xhtml:div": {"@style": "margin-left:1em;", "xhtml:div": {"xhtml:br": [null, null, null, null, null], "xhtml:i": "// validate rateSold variable", "xhtml:div": {"@style": "margin-left:1em;", "#text": "return isReorder;"}, "#text": "...\n               \n               \n               if (rateSold < 1) {}\n               ..."}}, "#text": "public boolean isReorderNeeded(String bookISBN, int rateSold) {}"}}], "Body_Text": "However, the while loop will become an infinite loop if the rateSold input parameter has a value of zero since the inventoryCount will never fall below the minimumCount. In this case the input parameter should be validated to ensure that a value of zero does not cause an infinite loop, as in the following code."}]}, "Observed_Examples": {"Observed_Example": [{"Reference": "CVE-2011-1027", "Description": "Chain: off-by-one error (CWE-193) leads to infinite loop (CWE-835) using invalid hex-encoded characters.", "Link": "https://www.cve.org/CVERecord?id=CVE-2011-1027"}, {"Reference": "CVE-2006-6499", "Description": "Chain: web browser crashes due to infinite loop - \"bad\n\t      looping logic [that relies on] floating point math [CWE-1339] to exit\n\t      the loop [CWE-835]\"", "Link": "https://www.cve.org/CVERecord?id=CVE-2006-6499"}]}, "References": {"Reference": [{"@External_Reference_ID": "REF-62", "@Section": "Chapter 7, \"Looping Constructs\", Page 327"}, {"@External_Reference_ID": "REF-1479"}]}, "Mapping_Notes": {"Usage": "Discouraged", "Rationale": "This CWE entry is a level-1 Class (i.e., a child of a Pillar). It might have lower-level children that would be more appropriate", "Comments": "Examine children of this entry to see if there is a better fit", "Reasons": {"Reason": {"@Type": "Abstraction"}}}, "Content_History": {"Submission": {"Submission_Name": "CWE Content Team", "Submission_Organization": "MITRE", "Submission_Date": "2011-03-22", "Submission_Version": "1.12", "Submission_ReleaseDate": "2011-03-30"}, "Modification": [{"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2011-06-01", "Modification_Version": "1.13", "Modification_ReleaseDate": "2011-06-01", "Modification_Comment": "updated Common_Consequences, Relationships, Taxonomy_Mappings"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2012-05-11", "Modification_Version": "2.2", "Modification_ReleaseDate": "2012-05-15", "Modification_Comment": "updated References, Relationships, Taxonomy_Mappings"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2014-07-30", "Modification_Version": "2.8", "Modification_ReleaseDate": "2014-07-31", "Modification_Comment": "updated Detection_Factors"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2017-11-08", "Modification_Version": "3.0", "Modification_ReleaseDate": "2017-11-08", "Modification_Comment": "updated Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2019-06-20", "Modification_Version": "3.3", "Modification_ReleaseDate": "2019-06-20", "Modification_Comment": "updated Relationships, Type"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2020-02-24", "Modification_Version": "4.0", "Modification_ReleaseDate": "2020-02-24", "Modification_Comment": "updated Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2020-12-10", "Modification_Version": "4.3", "Modification_ReleaseDate": "2020-12-10", "Modification_Comment": "updated Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2021-07-20", "Modification_Version": "4.5", "Modification_ReleaseDate": "2021-07-20", "Modification_Comment": "updated Observed_Examples, Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-01-31", "Modification_Version": "4.10", "Modification_ReleaseDate": "2023-01-31", "Modification_Comment": "updated Common_Consequences, Description, Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-04-27", "Modification_Version": "4.11", "Modification_ReleaseDate": "2023-04-27", "Modification_Comment": "updated Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-06-29", "Modification_Version": "4.12", "Modification_ReleaseDate": "2023-06-29", "Modification_Comment": "updated Mapping_Notes"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-10-26", "Modification_Version": "4.13", "Modification_ReleaseDate": "2023-10-26", "Modification_Comment": "updated Observed_Examples"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2024-02-29", "Modification_Version": "4.14", "Modification_ReleaseDate": "2024-02-29", "Modification_Comment": "updated Demonstrative_Examples, Mapping_Notes"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2025-09-09", "Modification_Version": "4.18", "Modification_ReleaseDate": "2025-09-09", "Modification_Comment": "updated Detection_Factors, References"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2025-12-11", "Modification_Version": "4.19", "Modification_ReleaseDate": "2025-12-11", "Modification_Comment": "updated Applicable_Platforms, Time_of_Introduction, Weakness_Ordinalities"}]}}
