ID: py/empty-except Kind: problem Security severity: Severity: recommendation Precision: high Tags: - reliability - maintainability - external/cwe/cwe-390 Query suites: - python-security-and-quality.qls
Ignoring exceptions that should be dealt with in some way is almost always a bad idea. The loss of information can lead to hard to debug errors and incomplete log files. It is even possible that ignoring an exception can cause a security vulnerability. An empty
except block may be an indication that the programmer intended to handle the exception but never wrote the code to do so.
Ensure all exceptions are handled correctly.
In this example the program keeps running with the same privileges if it fails to drop to lower privileges.
# ... try: security_manager.drop_privileges() except SecurityError: pass # ...
Common Weakness Enumeration: CWE-390.