The assert() statement is a convenient mechanism for incorporating diagnostic tests in code. Expressions used with the standard assert statement should not contain avoid side-effects. Typically, the behavior of the assert statement depends on the status of a runtime property. If When enabled, the assert statement is designed to evaluate its expression argument and throw an AssertionError if the result of the expression is convertible to false. If When disabled, assert is defined to be a no-operation. Consequently, any side-effects resulting from evaluation of the expression in the assertion are lost in production quality codewhen assertions are disabled.
Noncompliant Code Example
This noncompliant code example demonstrates an action being carried out in an assertion. The idea is to delete all the null names from the list, however, the boolean expression is unexpectedly not evaluated when assertions are disabled.
| Code Block | ||
|---|---|---|
| ||
void process(int index) {
assert names.remove(null); // side -effect
// ...
}
|
Compliant Solution
Avoid the possibility of side-effects in assertions. This can be achieved by decoupling the boolean expression from the assertion.
| Code Block | ||
|---|---|---|
| ||
void process(int index) {
boolean nullsRemoved = names.remove(null);
assert nullsRemoved; // no side -effect
// ...
}
|
Risk Assessment
Side-effects in assertions can lead to unexpected and erroneous behaviordifferences in program behavior that depend on whether assertions are enabled.
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
EXP10-J | low | unlikely | low | P3 | L3 |
Automated Detection
Automated detection of assertion operands that contain locally-visible side-effects is straightforward. Some analyses may require programmer assistance to determine which method invocations may contain side-effects.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
...