SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 1

changes.mady.by.user Dhruv Mohindra

Saved on

compared with

New Version 2

changes.mady.by.user Fred Long

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Do not supress/ignore exceptions: This happens when an empty catch block is defined. The program catches the exception but does not perform any recovery or notification
  • Masking of original exception by a new one: A new exception within a block may in certain cases mask the original exception
  • Logging the same exception more than once: This creates ambiguity while tracing
  • Throwing Exception and Throwable
  • Encapsulating the original exception and throwing a completely new exception from the block

References

Risk Assessment

Not handling exceptions properly may result in information being lost, problems being overlooked, or too much information being passed to the user.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

SEC06-J

medium

probable

high

P??

L??

Automated Detection

TODO

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[Doshi 03|AA. Java References#Doshi 03]\]
\[[JLS 05|AA. Java References#JLS 05]\] CHAPTER 11, Exceptions
\[[Tutorials 08|AA. Java References#tutorials 08]\] [Exceptions|
Best Practices for Exception Handling by Gunjan Doshi, 11/19/2003 http://www.onjava.com/pub/a/onjava/2003/11/19/exceptions.html?page=2Image Removed
JLS CHAPTER 11, Exceptions
Java Tutorial, Exceptions 
http://java.sun.com/docs/books/tutorial/essential/exceptions/index.html
Image Removed
Exception Handling: Common Problems and Best Practice with Java 1.4, by Dr. Andreas Müller and Geoffrey Simmons
]
\[[Müller 02|AA. Java References#Müller 02]\]