...
| Wiki Markup |
|---|
Sometimes a state testing method \[[Bloch 08|AA. Java References#Bloch 08]\] can be used to ensure that the object is in consistent state at all points in time. This approach is not useful in the absence of external synchronization. Also, there is a TOCTOU race condition between invocation of the object's state testing method and the call to a method that depends on its state. During this interval, the object's state could change surreptitiously. |
A method should not return a value or status code that does not accurately specify the problem. Clients should be able to rely on the value for performing critical decisions.
Noncompliant code example
...
| Wiki Markup |
|---|
\[[Ware 08|AA. Java References#Ware 08]\] \[[MITRE 09|AA. Java References#MITRE 09]\] [CWE ID 393|http://cwe.mitre.org/data/definitions/393.html] "Return of Wrong Status Code" and [CWE ID 389|http://cwe.mitre.org/data/definitions/393.html] "Error Conditions, Return Values, Status Codes" |
...
MET03-J. For methods that return an array or collection prefer returning an empty array or collection over a null value 11. Methods (MET) MET05-J. Validate method parameters