SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 28

changes.mady.by.user Dhruv Mohindra

Saved on

compared with

New Version 29

changes.mady.by.user Dhruv Mohindra

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#CCCCFF
public Node updateNode(int id, int newValue) throws IdNotFoundException {
  Node current = root;
  while(current != null){
    if(current.getId() == id){
      current.setValue(newValue);
      return current;
    }
    current = current.next;
  }	
  throw new NodeNotFoundException();
}

Risk

...

Assessment

Failure to provide appropriate feedback through return values, error codes and exceptions can lead to inconsistent object state and unexpected program behavior.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other Languages

This guideline is similar to the C Secure Coding Standard recommendation ERR02-C. Avoid in-band error indicators

References

Wiki Markup
\[[Ware 08|AA. Java References#Ware 08]\]
\[[MITRE 09|AA. Java References#MITRE 09]\] [CWE ID 393|http://cwe.mitre.org/data/definitions/393.html] "Return of Wrong Status Code" and [CWE ID 389|http://cwe.mitre.org/data/definitions/393.html] "Error Conditions, Return Values, Status Codes"

...