Missing default case in switch statement

c.miscellaneous.missing_default_in_switch

Severity

low

Resource

Miscellaneous

Language

C / C++

Description

The code does not have a default case in an expression with multiple conditions, such as a switch statement.

Rationale

The code does not have a default case in an expression with multiple conditions, such as a switch statement.

The following code illustrates a vulnerable pattern detected by this rule:

int result = security_check(data);

// VULNERABLE: Missing default case in switch statement
switch (result)
{
case FAIL:
	printf("Security check failed!\n");
	exit(1);
	break;
case PASS:
	printf("Security check passed.\n");
	break;
}

Remediation

Follow secure coding practices and review the references below for detailed remediation guidance.

Configuration

This detector does not need any configuration.

References

CWE-478
https://g.co/kgs/PCHQjJ
https://github.com/struct/mms
CERTC-MSC01-C