
...
Code Block | ||
---|---|---|
| ||
try { FileInputStream fis = new FileInputStream(System.getenv("APPDATA") + args[0]); } catch (FileNotFoundException e) { // Log the exception throw new RuntimeException("Unable to retrieve file", e); } |
Compliant Solution (forward to dedicated handler or reporter)
The exception must be caught while taking special care to sanitize the message before propagating it to the caller. In cases where the exception type itself can reveal too much information, consider throwing a different exception altogether (with a different message, or possibly a higher level exception, referred to as exception translation). The MyExceptionReporter
class described in EXC01-J. Use a class dedicated to reporting exceptions is a good choice, as this compliant solution exemplifies.
...