Page History

...

Assertions should not be used to validate parameters of {{public}} methods. According to the Java Language Specification \[[JLS 2005|AA. Bibliography#JLS 05]\], sectionSection 14.10 "The {{assert}} Statement":

Along similar lines, assertions should not be used for argument-checking in public methods. Argument-checking is typically part of the contract of a method, and this contract must be upheld whether assertions are enabled or disabled.

Another problem with using assertions for argument checking is that erroneous arguments should result in an appropriate runtime exception (such as IllegalArgumentException, IndexOutOfBoundsException or NullPointerException). An assertion failure will not throw an appropriate exception. Again, it is not illegal to use assertions for argument checking on public methods, but it is generally inappropriate.

Also , note that any defensive copying must be performed before validating the parameters and the checks must be performed on the copies instead of the original parameters. (See SER07-J. Make defensive copies of private mutable components)

...

This compliant solution validates the input to Math.abs() to ensure it is not Integer.MIN_VALUE and checks for integer overflow. The result of the computation can also be stored in a long variable to avoid overflow, however. However, in this case, the upper bound of the addition is required to be representable as the type int.

...

Failing to validate method parameters can result in inconsistent computations, runtime exceptions, and control flow vulnerabilities.

...