SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 87

changes.mady.by.user Yozo TODA

Saved on

compared with

New Version 88

changes.mady.by.user Yozo TODA

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Noncompliant Code Example (Thread.stop(Throwable))

Wiki MarkupAccording to the Java API \ [[API 2006|AA. References#API 06]\], class {{Thread}}:

Wiki Markup\[{{Thread.stop()}}\] may be used to generate exceptions that its target thread is unprepared to handle (including checked exceptions that the thread could not possibly throw, were it not for this method). For example, the following method is behaviorally identical to Java's throw operation, but circumvents the compiler's attempts to guarantee that the calling method has declared all of the checked exceptions that it may throw.

Code Block
bgColor#FFcccc
static void sneakyThrow(Throwable t) {
  Thread.currentThread().stop(t);
}

...

Noncompliant Code Example (Bytecode Manipulation)

Wiki MarkupIt is also possible to disassemble a class, remove any declared checked exceptions, and reassemble the class so that checked exceptions are thrown at runtime when the class is used \ [[Roubtsov 2003|AA. References#Roubtsov 03]\]. Compiling against a class that declares the checked exception and supplying at runtime a class that lacks the declaration can also result in undeclared checked exceptions. Undeclared checked exceptions can also be produced through crafted use of the {{sun.corba.Bridge}} class. All these practices are violations of this rule.

Risk Assessment

Failure to document undeclared checked exceptions can result in checked exceptions that the caller is unprepared to handle, consequently violating the safety property.

...

MITRE CWE

CWE-703. Improper check or handling of exceptional conditions

 

CWE-248. Uncaught exception

Bibliography

...

[[Bloch 2008AA. References#Bloch 08]]

Item 2. Consider a builder when faced with many constructor parameters

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0b34d8ae-dd40-4d04-9a23-60a3018214d7"><ac:plain-text-body><![CDATA [ [[Goetz 2004bAA. References#Goetz 04b] ]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="713abf8b-e5c3-4756-a2c0-b7014cdacaf5"><ac:plain-text-body><! [CDATA[ [[JLS 2005AA. References#JLS 05] ]

Chapter 11, Exceptions ]]></ac:plain-text-body></ac:structured-macro><ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="aa31b576-3c33-47ab-bce0-cb6875585805"><ac:plain-text-body><![CDATA

[ [[Roubtsov 2003AA. References#Roubtsov 03] ]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="21774fd2-c963-44c0-a8a1-e57f29e0d872"><ac:plain-text-body><![CDATA[

[[Schwarz 2004AA. References#Schwarz 04] ]

 

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="facbc6f1-1554-4d27-9573-7ab91550bf2e"><ac:plain-text-body><![CDATA[

[[Venners 2003AA. References#Venners 03]]

Scalability of Checked Exceptions ]]></ac:plain-text-body></ac:structured-macro>

...

      06. Exceptional Behavior (ERR)