...
EXC00-J. Do not suppress or ignore checked exceptions
EXC01-J. Use a class dedicated to reporting exceptions
EXC02-J. Use exceptions only for exceptional conditions
EXC03-J. Use a logging API to log critical security exceptions
EXC04-J. Do not exit abruptly from a finally block
EXC05-J. Handle checked exceptions that can be thrown within a finally block
EXC06-J. Do not allow exceptions to transmit sensitive information
EXC07-J. Prevent exceptions while logging data
EXC08-J. Try to gracefully recover from system errors
EXC09-J. Prevent against inadvertent calls to System.exit() or forced shutdown
EXC10-J. Do not let code throw undeclared checked exceptions
EXC11-J. Restore prior object state on method failure
EXC12-J. Do not allow unsanitized user input to be logged
EXC15-J. Do not catch NullPointerException
Risk Assessment Summary
Recommendations
...