Many security risks are possible when programmers fail to handle an error condition correctly. Sometimes a program can end up in an insecure state, but more often the result is a denial of service issue as the application simply dies. This problem is significant even in modern languages, such as C# and Java, where the failure to handle an exception, rather than a return value, usually results in program termination.
The unfortunate reality is that any reliability problem in a program that leads to the program crashing, aborting, or restarting is a denial of service issue, and therefore can be a security problem, especially for server code.
A common source of errors is sample code that has been copied and pasted. Often sample code leaves out error return checking to make the code more readable.
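An added example (not from the original text) of the insecure-state case: a helper reports failure through its return value, and a caller that skips the error check treats the error as success. The `verify_token` helper, the other function names and the sample token are hypothetical, constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical verifier: 1 = valid, 0 = invalid, -1 = internal error
   (here: token missing or too long to process). The strcmp is a
   stand-in for a real check and is not constant time. */
static int verify_token(const char *token, const char *expected)
{
    if (token == NULL || strlen(token) > 64)
        return -1;                      /* could not complete the check */
    return strcmp(token, expected) == 0;
}

/* As often seen in copied sample code: the result is used as a boolean,
   so the -1 error value counts as "true" and access is granted. */
static int grant_unchecked(const char *token, const char *expected)
{
    if (verify_token(token, expected))
        return 1;
    return 0;
}

/* Hardened: every outcome is handled and anything but success denies. */
static int grant_checked(const char *token, const char *expected)
{
    int rc = verify_token(token, expected);
    if (rc < 0) {
        fprintf(stderr, "verify_token failed; denying request\n");
        return 0;                       /* fail closed, keep serving */
    }
    return rc == 1;
}

int main(void)
{
    const char *expected = "s3cr3t-constructed";   /* constructed sample */
    const char *inputs[] = { "s3cr3t-constructed", "wrong", NULL };
    for (int i = 0; i < 3; i++)
        printf("%-20s unchecked=%d checked=%d\n",
               inputs[i] ? inputs[i] : "(null)",
               grant_unchecked(inputs[i], expected),
               grant_checked(inputs[i], expected));
    return 0;
}
```

The checked caller also logs the failure and returns normally, so an error in the helper neither grants access nor takes the process down.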