The C Language facilities setjmp() and longjmp() can be used as a poor attempt to simulate the throwing and catching of exceptions, but they are very low-level facilities, and using them can bypass proper resource management and the proper calling of destructors.
Using setjmp() and longjmp() could lead to a denial-of-service attack.
Component |
Value |
|---|---|
Severity |
1 (low) |
Likelihood |
2 (probable) |
Remediation cost |
2 (medium) |
setjmp() and longjmp().