...
| Code Block | ||
|---|---|---|
| ||
public class Login {
static void checkPassword(String password_file) throws IOException {
BufferedReader reader = new BufferedReader(new FileReader(password_file));
// Compare credentials
} finally {
reader.close();
// Other clean-up code
}
}
public static void main(String[] args) throws IOException {
String path = "password""password";
checkPassword(path);
}
}
|
...
| Code Block | ||
|---|---|---|
| ||
public class Login {
static void checkPassword(String password_file) throws IOException {
BufferedReader reader = new BufferedReader(new FileReader(password_file));
try {
// Compare credentials
} finally {
try {
// Enclose in try-catch block
reader.close();
} catch (IOException ie) {
// Forward to handler
}
// Other clean-up code
}
}
public static void main(String[] args) throws IOException {
String path = "password""password";
checkPassword(path);
}
}
|
...
| Code Block | ||
|---|---|---|
| ||
public class Login {
static void checkPassword(String password_file) throws IOException {
BufferedReader reader = new BufferedReader(new FileReader(password_file));
try {
// Compare credentials
} finally {
closeIgnoringException(reader);
// Other clean-up code
}
}
private static void closeIgnoringException(BufferredReader s) {
if (s != null) {
try {
s.close();
} catch (IOException ie) {
// Ignore exception if close fails
}
}
}
public static void main(String[] args) throws IOException {
String path = "password""password";
checkPassword(path);
}
}
|
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
| Wiki Markup |
|---|
\[[Bloch 05|AA. Java References#Bloch 05]\] Puzzle 41: Field and Stream \[[Harold 99|AA. Java References#Harold 99]\] \[[Chess 07|AA. Java References#Chess 07]\] 8.3 Preventing Resource Leaks (Java) |
...
EXC30-J. Do not exit abruptly from a finally block 13. Exceptional Behavior (EXC) EXC32-J. Catch specific exceptions as opposed to the more general RuntimeException