...
Methods can throw a specific exception subclassed from Exception or RuntimeException. Note that it is permissible to construct an exception class specifically for a single throw statement.
Noncompliant Code Example
The isCapitalized() method in this noncompliant code example accepts a string and returns true when it consists of a capital letter followed by lowercase letters. The method also throws a RuntimeException when passed a null string argument.
...
A calling method must also violate rule ERR14-J, "Do not catch NullPointerException, RuntimeException, Exception, or Throwable," to determine whether the RuntimeException was thrown, and in doing so it catches every other unchecked exception raised in the same try block as well.
Compliant Solution
This compliant solution throws NullPointerException to denote the specific exceptional condition.
...
Note that the null check is redundant; if it were removed, the next call, s.equals(""), would throw a NullPointerException when s is null. However, the explicit null check is good form because it makes the programmer's intent explicit. More complex code may require explicit testing of invariants and appropriate throw statements.
Noncompliant Code Example
This noncompliant code example specifies the Exception class in the throws clause of the method declaration for the doSomething() method.

```java
private void doSomething() throws Exception { //... }
```
Compliant Solution
This compliant solution declares a specific exception in the throws clause of the method declaration for the doSomething() method.

```java
private void doSomething() throws IOException { //... }
```
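The following is an added example and not code from the CERT page. It puts both noncompliant patterns on this page side by side with their compliant forms (the RuntimeException thrown by isCapitalized() for a null argument, and the throws Exception clause on doSomething()) and shows what each one forces on the caller. The class and method names (SpecificExceptions, isCapitalizedGeneric, isCapitalizedSpecific, lookupConfig, doSomethingGeneric, doSomethingSpecific, the path argument) are hypothetical, and lookupConfig is a constructed stand-in for unrelated work in the same try block that fails with a different unchecked exception.

```java
import java.io.IOException;

// Added example, not the CERT page's own code; all names here are hypothetical.
public final class SpecificExceptions {

    // Noncompliant: a null argument is reported with the root unchecked type.
    static boolean isCapitalizedGeneric(String s) {
        if (s == null) {
            throw new RuntimeException("Null String");
        }
        return isCapitalizedBody(s);
    }

    // Compliant: the unchecked type names the actual condition.
    static boolean isCapitalizedSpecific(String s) {
        if (s == null) {
            throw new NullPointerException("Null String");
        }
        return isCapitalizedBody(s);
    }

    // Shared check following the page's description: one capital letter
    // followed by lowercase letters; the empty string is treated as capitalized.
    private static boolean isCapitalizedBody(String s) {
        if (s.equals("")) {   // this call would itself throw NPE if the null check were removed
            return true;
        }
        String first = s.substring(0, 1);
        String rest = s.substring(1);
        return first.equals(first.toUpperCase()) && rest.equals(rest.toLowerCase());
    }

    // Constructed stand-in for unrelated work in the same try block: always
    // fails with an unchecked exception the caller does not intend to handle.
    private static String lookupConfig(String key) {
        throw new IllegalStateException("config not loaded for " + key);
    }

    // The only way to recover from the null case is to catch RuntimeException
    // (violating ERR14-J); that handler also swallows the config failure.
    static String genericCaller(String word) {
        try {
            boolean cap = isCapitalizedGeneric(word);
            return lookupConfig(cap ? "proper" : "common");
        } catch (RuntimeException e) {
            return "defaulted after " + e.getClass().getSimpleName();
        }
    }

    // Catching only NullPointerException handles the documented condition and
    // lets the IllegalStateException from lookupConfig propagate.
    static String specificCaller(String word) {
        try {
            boolean cap = isCapitalizedSpecific(word);
            return lookupConfig(cap ? "proper" : "common");
        } catch (NullPointerException e) {
            return "defaulted after " + e.getClass().getSimpleName();
        }
    }

    // Noncompliant: every caller must now catch or declare Exception.
    static void doSomethingGeneric(String path) throws Exception {
        if (path.isEmpty()) {
            throw new IOException("empty path");
        }
    }

    // Compliant: the throws clause names the checked type actually thrown.
    static void doSomethingSpecific(String path) throws IOException {
        if (path.isEmpty()) {
            throw new IOException("empty path");
        }
    }

    public static void main(String[] args) {
        System.out.println(genericCaller(null));
        System.out.println(genericCaller("Hello"));  // config failure hidden behind the same default
        System.out.println(specificCaller(null));
        try {
            specificCaller("Hello");
        } catch (IllegalStateException e) {
            System.out.println("propagated: " + e.getMessage());  // visible to the caller
        }
        try {
            doSomethingGeneric("");
        } catch (Exception e) {   // compiler-mandated; also catches every RuntimeException in the block
            System.out.println("forced generic catch: " + e.getClass().getSimpleName());
        }
        try {
            doSomethingSpecific("");
        } catch (IOException e) { // only I/O failures handled here; anything else propagates
            System.out.println("specific catch: " + e.getMessage());
        }
    }
}
```

Running main shows the two callers diverging on the "Hello" input: genericCaller returns its default for the IllegalStateException exactly as it does for the null argument, so the misconfiguration never surfaces, while specificCaller lets it propagate. The checked half shows the same effect at compile time: the throws Exception clause leaves the caller no narrower option than catch (Exception e).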
Exceptions
ERR13-EX0: Classes that sanitize exceptions to comply with a security policy are permitted to translate specific exceptions into more general exceptions. This translation could potentially result in throwing RuntimeException or Exception in some cases, depending on the details of the security policy.
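As an added illustration of this exception to the rule (not code from the page), the following hypothetical DocumentService applies a policy of not disclosing storage paths to callers: the specific FileNotFoundException is logged for operators and the caller receives a more general IOException with a fixed message. The class, method and log names and the constructed "/srv/data/docs/" path are assumptions. This example stops at IOException; the page notes that a policy may require translating as far as Exception or RuntimeException.

```java
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;

// Added example, not the CERT page's own code; names and the path are hypothetical.
public final class DocumentService {
    private static final Logger LOG = Logger.getLogger(DocumentService.class.getName());

    // Simulated storage access: always fails with a path-revealing message,
    // standing in for a real file read so the example runs offline.
    private static byte[] readFromStore(String name) throws IOException {
        throw new FileNotFoundException("/srv/data/docs/" + name + " (No such file or directory)");
    }

    // Trust boundary: the caller learns only that the read failed. The specific
    // exception is logged but deliberately NOT chained as the cause, because
    // getCause().getMessage() would hand the internal path back to the caller.
    public static byte[] readDocument(String name) throws IOException {
        try {
            return readFromStore(name);
        } catch (IOException specific) {
            LOG.log(Level.WARNING, "document read failed for caller-supplied name", specific);
            throw new IOException("unable to read document");
        }
    }

    public static void main(String[] args) {
        try {
            readDocument("../etc/passwd");
        } catch (IOException e) {
            System.out.println(e.getMessage() + ", cause=" + e.getCause());
        }
    }
}
```

The design point is that sanitizing the type is not enough on its own: the message and the cause chain of the translated exception also have to be controlled, or the generalization protects nothing.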
Risk Assessment
Throwing RuntimeException, Exception, or Throwable prevents callers from catching the intended exceptions without also catching other, unintended exceptions.

Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
ERR13-J | low | likely | medium | P6 | L2 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| MITRE 2009 | CWE ID 397, "Declaration of Throws for Generic Exception" (http://cwe.mitre.org/data/definitions/397.html) |
| | CWE ID 537, "Information Exposure Through Java Runtime Error Message" |
Bibliography
| Goetz 2004b | |
| Tutorials 2008 | "Unchecked Exceptions — The Controversy" (http://java.sun.com/docs/books/tutorial/essential/exceptions/runtime.html) |
...