Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Methods return values to signify failure or success or, at other times, to update the caller's objects or fields. Security risks can arise if return values are simply ignored or if suitable action is not taken on their receipt. Return values may be ignored intentionally or even unintentionally. For example, when getter methods that return a value are named after an action (, such as ProcessBuilder.redirectErrorStream()), a programmer may not realize that a return value is expected. Incidentally, the only purpose of the redirectErrorStream() method is to tell whether the process builder merges standard error and standard output. The action of actually redirecting the error stream is performed by its overloaded single argument version. It is important to check read the API documentation so that return values are not ignored.

...