...
Feedback can also be provided by throwing objects derived from the Exception class. With this approach, the developer can still get precise information about the outcome of the method. To do so, the exception thrown should give a good description of the problem found in execution.
To handle both correct and incorrect results well, use a combination of the two previous approaches. Take care to distinguish the cases in which an error value should be returned from those in which an exception should be thrown.
Noncompliant code example
As this example shows, a method that can fail could compromise the state of the object if it does not return a value that the developer can interpret.
```java
public void updateNode(int id, int newValue) {
  Node current = root;
  while (current != null) {
    if (current.getId() == id) {
      current.setValue(newValue);
      break;
    }
    current = current.next;
  }
}
```
Compliant solution
A recommended solution for this example could be to return the result of the operation. The method could return true if it was successful and false if it wasn't.
```java
public boolean updateNode(int id, int newValue) {
  Node current = root;
  while (current != null) {
    if (current.getId() == id) {
      current.setValue(newValue);
      return true;
    }
    current = current.next;
  }
  return false;
}
```
Compliant solution
Another solution, which could provide more information, is to return the updated Node so the developer can verify the new state of the object, and null if the operation did not succeed. Appropriate return values for methods could vary depending on the different paths that the implementation can follow or on the information that the developer finds more useful.
```java
public Node updateNode(int id, int newValue) {
  Node current = root;
  while (current != null) {
    if (current.getId() == id) {
      current.setValue(newValue);
      return current;
    }
    current = current.next;
  }
  return null;
}
```
Compliant solution
This solution combines both of the approaches mentioned. An exception is thrown if the received newValue is not evaluated as a valid ID. Otherwise the code behaves as in the previous compliant solution, returning the updated Node if it was found and null otherwise.
```java
public Node updateNode(int id, int newValue) throws InvalidIdException {
  // Reject an invalid argument with an exception.
  if (isInvalidId(newValue)) {
    throw new InvalidIdException();
  }
  Node current = root;
  while (current != null) {
    if (current.getId() == id) {
      current.setValue(newValue);
      return current;
    }
    current = current.next;
  }
  // No node with this id was found.
  return null;
}
```
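How a caller consumes the combined approach, as an added example that is not part of the original page: it distinguishes the exception raised for a rejected argument from the null returned when no node matches. The NodeList and Node classes, InvalidIdException (assumed here to be unchecked), the describeUpdate helper and the non-negative rule in isInvalidId are assumptions made so the code compiles on its own.

```java
// Added example: every name except updateNode's logic is an assumption for illustration.
public class NodeList {
    static class InvalidIdException extends RuntimeException {
        InvalidIdException(String msg) { super(msg); }
    }
    static class Node {
        private final int id;
        private int value;
        Node next;
        Node(int id, int value, Node next) { this.id = id; this.value = value; this.next = next; }
        int getId() { return id; }
        int getValue() { return value; }
        void setValue(int v) { value = v; }
    }
    private Node root;
    void add(int id, int value) { root = new Node(id, value, root); }
    // Assumed validity rule for this sketch: values must be non-negative.
    private static boolean isInvalidId(int v) { return v < 0; }

    // Exception for a rejected argument, null for the expected "not found" outcome.
    public Node updateNode(int id, int newValue) {
        if (isInvalidId(newValue)) {
            throw new InvalidIdException("rejected value " + newValue + " for node " + id);
        }
        for (Node current = root; current != null; current = current.next) {
            if (current.getId() == id) {
                current.setValue(newValue);
                return current;
            }
        }
        return null;
    }
    // Caller: each outcome is observed, so a failed update cannot pass unnoticed.
    static String describeUpdate(NodeList list, int id, int newValue) {
        try {
            Node updated = list.updateNode(id, newValue);
            return updated == null ? "node " + id + " not found; nothing changed"
                                   : "node " + id + " now holds " + updated.getValue();
        } catch (InvalidIdException e) {
            return "update refused: " + e.getMessage();
        }
    }
    public static void main(String[] args) {
        NodeList list = new NodeList();
        list.add(1, 10);                                  // constructed sample data
        System.out.println(describeUpdate(list, 1, 42));  // success path
        System.out.println(describeUpdate(list, 7, 42));  // id absent: null returned
        System.out.println(describeUpdate(list, 1, -5));  // invalid value: exception
    }
}
```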
Risk assessment
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
MET04-J | medium | unlikely | medium | P4 | L3 |