SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 67

changes.mady.by.user Shannon Haas

Saved on

compared with

New Version 68

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: clarified catch clause in try-with-resources

...

Code Block
bgColor#ccccff
Statement stmt = null;
ResultSet rs = null;
Connection conn = getConnection();
try {
    stmt = conn.createStatement();
    rs = stmt.executeQuery(sqlQuery);
    processResults(rs);
} catch (SQLException e) { 
  // forward to handler 
} finally {
  try {
    if (rs != null) {
    try {
      rs.close();
    } catch (SQLException e) {
     } finally {
 // forward to handler 
    } tryfinally {
      if (stmt != null) {
        try {
          stmt.close();
      } catch (SQLException e) {
        // forward to handler 
      } finally {
        if (conn != null) {
          try {
            conn.close();
          } catch (SQLException e) {
            // forward to handler 
          }
        }
      }
    }
  }
}

Compliant Solution (Java 1.7, try-with-resources)

...

Code Block
bgColor#ccccff
try (Connection conn = getConnection();
     Statement stmt = conn.createStatement();
     ResultSet rs = stmt.executeQuery(sqlQuery)) {

    processResults(rs);
} catch (SQLException e) { 
  // forward to handler 
}

The try-with-resource construct will send any SQLException to the catch clause, where it gets forwarded to an exception handler. This includes exceptions generated during the allocation of resources (that is, the creation of the Connection, Statement, or ResultSet. It also includes any SQLException thrown by processResults(). Finally, it includes any SQLException generated by closing rs, stmt, or conn.

Noncompliant Code Example (File Handle)

...

Code Block
bgColor#ccccff
FileInputStream stream = null;
BufferedReader bufRead = null;
String line;
try {
  stream = new FileInputStream(fileName);
  bufRead = new BufferedReader(new InputStreamReader(stream));

  String line;
  while ((line = bufRead.readLine()) != null) {
    sendLine(line);
  }
} catch (IOException e) { 
  // forward to handler 
} finally {
  if (stream != null) { 
    try {
      stream.close();
    } catch (IOException e) { 
      // forward to handler 
    }
  } 
}

Compliant Solution (Java 1.7, try-with-resources)

...

Code Block
bgColor#ccccff
try (FileInputStream stream = new FileInputStream(fileName);
     BufferedReader bufRead = new BufferedReader(new InputStreamReader(stream))) {

  String line;
  while ((line = bufRead.readLine()) != null) {
    sendLine(line);
  }
} catch (IOException e) { 
  // forward to handler 
}

The try-with-resource construct will send any IOException to the catch clause, where it gets forwarded to an exception handler. This includes exceptions generated during the allocation of resources (that is, the creation of the FileInputStream or BufferedReader. It also includes any IOException thrown during the while loop. Finally, it includes any IOException generated by closing bufRead or stream.

Risk Assessment

Failure to explicitly release non-memory system resources when they are no longer needed can result in resource exhaustion.

...