...
Unchecked exception classes such as Error and its subclasses are not subject to compile time checking as it is tedious to account for all exceptional conditions and recovery is generally difficult. However, most often recovery is not impossible, or at least a graceful exit that logs the error is feasible.
Noncompliant Code Example
This noncompliant code example generates a StackOverflowError as a result of infinite recursion. This exhausts the available stack space and may result in a denial of service.
| Code Block | ||
|---|---|---|
| ||
public class StackOverflow {
public static void main(String[] args) {
infiniteRun();
System.out.println("Continuing...");
}
private static void infiniteRun() {
infiniteRun();
}
}
|
Compliant Solution
This compliant solution shows a try-catch block that can be used to capture java.lang.Error or java.lang.Throwable. A log entry can be made at this point followed by attempts to free key system resources in the finally block.
...
Note that this solution catches Throwable in an attempt to handle the error and is an exception to EXC32-J. Catch specific exceptions as opposed to the more general RuntimeException.
Risk Assessment
Allowing a system error to propagate out of a Java program may result in a denial-of-service attack.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
EXC03- J | low | unlikely | medium | P2 | L3 |
Automated Detection
TODO
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
This rule appears in the C++ Secure Coding Standard as ERR30-CPP. Try to recover gracefully from unexpected errors.
References
| Wiki Markup |
|---|
\[[JLS 05|AA. Java References#JLS 05]\] [Section 11.2, Compile-Time Checking of Exceptions|http://java.sun.com/docs/books/jls/third_edition/html/exceptions.html#11.2] \[[Kalinovsky 04|AA. Java References#Kalinovsky 04]\] Chapter 16, Intercepting Control Flow - Intercepting System Errors |
...