Methods return values to signify failure or success, at other times, to update the caller's objects or fields. Security risks can arise if return values are simply ignored or if suitable action is not taken on their receipt.
This noncompliant code example ignores the return value while making use of the String.replace method. As a result, the original string is not updated even though it seems otherwise.
public class Ignore {
public static void main(String[] args) {
String original = "insecure";
original.replace( 'i', '9' );
System.out.println (original);
}
}
|
The compliant solution correctly updates the original string object by assigning to it the return value.
public class DoNotIgnore {
public static void main(String[] args) {
String original = "insecure";
original = original.replace( 'i', '9' );
System.out.println (original);
}
}
|
Ignoring method return values may lead to erroneous computation which, in turn, may lead to security risks.
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
EXP02-J |
medium |
probable |
medium |
P8 |
L2 |
TODO
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
This rule appears in the C Secure Coding Standard as EXP12-C. Do not ignore values returned by functions.
\[[API 06|AA. Java References#API 06]\] [method replace()|http://java.sun.com/javase/6/docs/api/java/lang/String.html#replace(char,%20char)] \[[Green 08|AA. Java References#Green 08]\] ["String.replace"|http://mindprod.com/jgloss/gotchas.html] |
EXP00-J. Use the same type for the second and third operands in conditional expressions 02. Expressions (EXP) EXP03-J. Do not compare String objects using equality or relational operators