Version: commit 07c066f
Environment: static analysis tools
Location of vulnerability: REGO_reg_minotor.py:47, 61, 78, 96
Types of vulnerability: try_except_continue
Explanation of vulnerability:
This pattern is considered bad practice in general, but it also represents a potential security issue. A larger-than-normal volume of errors from a service can indicate that an attempt is being made to disrupt or interfere with it. Thus, errors should, at the very least, be logged.
If we were to catch everything, then, in addition to the exceptions we are prepared to recover from, there is also a chance that we get exceptions that we didn't expect, and which we cannot, or should not, recover from.
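The flagged pattern beside a logged, narrowed version, as an added example that is not code from REGO_reg_minotor.py. The function names, the `name=value` entry format and the error-ratio threshold are assumptions made for illustration.

```python
import logging

log = logging.getLogger("monitor_example")  # hypothetical logger name

# Constructed sample input: "name=value" entries, some malformed, one of the wrong type.
SAMPLE = ["timeout=30", "retries=x", "badline", "port=8080", None]


def parse_silent(entries):
    """The flagged pattern: every failure is swallowed and leaves no trace."""
    out = {}
    for entry in entries:
        try:
            name, value = entry.split("=")
            out[name] = int(value)
        except Exception:
            continue
    return out


def parse_logged(entries, max_error_ratio=0.5):
    """Catch only the expected error, log it, and track the error volume."""
    out, errors = {}, 0
    for entry in entries:
        try:
            name, value = entry.split("=")
            out[name] = int(value)
        except ValueError as exc:
            # Malformed entry: recoverable, but recorded so a spike is visible.
            errors += 1
            log.warning("skipping malformed entry %r: %s", entry, exc)
            continue
        # Anything else (e.g. AttributeError for a non-string entry) is not
        # an error we planned to recover from, so it propagates to the caller.
    if entries and errors / len(entries) > max_error_ratio:
        log.error("%d of %d entries failed to parse", errors, len(entries))
    return out, errors
```
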