...
This noncompliant code example attempts to rename a given file if it exists, perform operations on the renamed file, and then delete the renamed file. However, because of the short-circuit behavior of the || operator, the renameTo() method does not execute when the exists() method returns true. Because of this, the renamed file may or may not exist, which can result in an attempt to use and then delete a nonexistent file. This problem is exacerbated by the fact that File.delete() does not throw an exception but returns an error code on failure, which is sometimes silently ignored or perceived as unnecessary. (See guideline EXP00-J. Do not ignore values returned by methods.)
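The failure mode described above, shown next to a version that checks each step, as an added example rather than the guideline's own code. The class, method and file names are hypothetical, and the noncompliant condition is written to match the description (exists() on the left of ||).

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;

public class ShortCircuitRename {
    // Noncompliant: when exists() returns true, || short-circuits and
    // renameTo() never runs, so dst may not exist when it is used.
    static boolean processNoncompliant(File src, File dst) {
        if (src.exists() || src.renameTo(dst)) {
            // ... operations on dst would go here ...
            dst.delete();   // return value ignored, so a failed delete is silent
            return true;    // reports success regardless of what happened
        }
        return false;
    }

    // Checked version: every step is evaluated and its result is tested.
    static boolean processChecked(File src, File dst) {
        if (!src.exists()) {
            return false;   // nothing to rename
        }
        if (!src.renameTo(dst)) {
            return false;   // rename failed, dst must not be used
        }
        // ... operations on dst would go here ...
        return dst.delete(); // surface a failed delete to the caller
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample files in a fresh temporary directory.
        File dir = Files.createTempDirectory("sc-demo").toFile();
        File src = new File(dir, "input.txt");
        File dst = new File(dir, "renamed.txt");
        src.createNewFile();

        System.out.println("noncompliant reports: " + processNoncompliant(src, dst));
        System.out.println("  src still present:  " + src.exists());
        System.out.println("  dst present:        " + dst.exists());

        System.out.println("checked reports:      " + processChecked(src, dst));
        System.out.println("  src still present:  " + src.exists());
        System.out.println("  dst present:        " + dst.exists());
        dir.delete();
    }
}
```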
...
This code snippet sequentially checks for potential error conditions before allowing the main computation to proceed. The short-circuit behavior of && guarantees that the first error condition encountered will terminate the checking process.
...
Failure to understand the short-circuit behavior of the logical AND and OR operators can cause unintended program behavior.
...
Detection of short-circuit operators is straightforward, but sound error checking for this guideline is not feasible in the general case. Heuristic warnings could be useful.
Related Vulnerabilities
...