SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 75

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 76

changes.mady.by.user Pamela Curtis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Methods must not throw RuntimeException or Exception. Handling these exceptions requires catching RuntimeException, which is disallowed by rule ERR14-J. Do not catch NullPointerException or any of its ancestors. Moreover, throwing a RuntimeException can lead to subtle errors, ; for example, a caller cannot examine the exception to determine why it was thrown , and consequently cannot attempt recovery.

...

A calling method must also violate rule ERR14-J. Do not catch NullPointerException or any of its ancestors to determine if the https://www.securecoding.cert.org/confluence/pages/editpage.action?pageId=24608774RuntimeExceptionImage Removed RuntimeException was thrown.

Compliant Solution

...

Note that the null check is redundant; if it were removed, the next call (s.equals("")) will throw a NullPointerException when s is null. However, the explicit null check is a good form , because it explicitly indicates the programmer's intent. More complex code may require explicit testing of invariants and appropriate throw statements.

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="8e0f8dd1ec7edc72-c5f869fe-4ca94ef7-b5fd9b39-c25f8df8f1cbee469c57c9e0"><ac:plain-text-body><![CDATA[

[[MITRE 2009

AA. Bibliography#MITRE 09]]

[CWE ID -397

http://cwe.mitre.org/data/definitions/397.html] "Declaration of Throws for Generic Exception"

]]></ac:plain-text-body></ac:structured-macro>

 

CWE ID -537 "Information Exposure Through Java Runtime Error Message"

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="27f8571e846ea4d1-a31ab9a4-4de64c20-8d62ba02-b560e3f61df56853c54e9ad5"><ac:plain-text-body><![CDATA[

[[Goetz 2004b

AA. Bibliography#Goetz 04b]]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="abaaeac76222fc29-d5303a6d-451f4d3a-9d099270-2ac33cbe418e5bab123a1da0"><ac:plain-text-body><![CDATA[

[[Tutorials 2008

AA. Bibliography#Tutorials 08]]

[Unchecked Exceptions — The Controversy

http://java.sun.com/docs/books/tutorial/essential/exceptions/runtime.html]

]]></ac:plain-text-body></ac:structured-macro>

...