Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

10. Exceptional Behavior (EXC)

Created by Dhruv Mohindra, last modified by David Svoboda on Nov 25, 2008

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Recommendations

EXC00-J. Handle exceptions appropriately

EXC01-J. Do not allow exceptions to transmit sensitive information

EXC02-J. Prevent exceptions while logging data

EXC03-J. Try to recover gracefully from system errors

EXC04-J. Prevent against inadvertent calls to System.exit() or forced shutdown

Rules

EXC30-J. Do not exit abruptly from a finally block

EXC31-J. Handle checked exceptions that can be thrown within a finally block

EXC32-J. Do not catch RuntimeException

EXC33-J. Do not throw RuntimeException or Exception

Risk Assessment Summary

Recommendations

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
EXC00-J	medium	probable	high	P4	L3
EXC01-J	medium	probable	high	P4	L3
EXC02-J	low	unlikely	high	P1	L3
EXC03-J	low	unlikely	medium	P2	L3
EXC04-J	low	unlikely	medium	P2	L3

Rules

Rules	Severity	Likelihood	Remediation Cost	Priority	Level
EXC30-J	low	unlikely	medium	P2	L3
EXC31-J	low	unlikely	medium	P2	L3

MET32-J. Ensure that constructors do not call overridable methods The CERT Sun Microsystems Secure Coding Standard for Java EXC00-J. Handle exceptions appropriately

No labels