Missing Default Case in Switch Statement
Description
The code does not have a default case in a switch statement, which can lead to unexpected behavior if an unhandled condition occurs.
Examples
Insecure Code
c
switch (x) { case 1: break; }Secure Code
c
switch (x) { case 1: break; default: break; }Remediation
Add a default case to the switch statement to handle unexpected conditions.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0512 |
| Category | Generic |
| Severity | LOW |
| CWE | CWE-478 |
| Confidence | LOW |
| Impact | LOW |
| Likelihood | MEDIUM |
| Exploitability | COMPLEX |
| Tags | |
| OWASP | N/A |
References
- https://github.com/struct/mms
- https://cwe.mitre.org/data/definitions/478
- https://github.com/returntocorp/semgrep/issues/4939
- https://g.co/kgs/PCHQjJ