SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 8

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 9

changes.mady.by.user Dhruv Mohindra

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: edited

A switch statement is comprised of block comprises several case labels , and a an optional but highly recommended default label. The default label is not required, but strongly recommended. The statements following a case label conventionally By convention, statements that follow each case label end with a break; statement, which moves control flow responsible for transferring the control to the end of the switch block. If When omitted, control flow falls through to the next case statement in the switch blocksubsequent case label gets executed. Because the break statement is not required, omitting it optional, its omission produces no compiler warnings, and if this was . If this behavior is unintentional, it can lead to an unexpected undesirable control flowflows.

Noncompliant Code Example

In this noncompliant code example, the case where wherein the card = is 11 does not have a break statement. Thus, the statements for card = 12 are also executed when card = 11.

Code Block
bgColor#FFCCCC
int card = 11;

switch (card) {
  /* ... */
  case 11: 
    System.out.println("Jack");
  case 12: 
    System.out.println("Queen"); 
    break;
  case 13: 
    System.out.println("King"); 
    break;
  default: 
    System.out.println("Invalid Card"); 
  break;
}

Compliant Solution

In the this compliant solution, each case label is ended with (including the default) is terminated by a break statement.

Code Block
bgColor#CCCCFF
int card = 11;

switch (card) {
  /* ... */
  case 11: 
    System.out.println("Jack");
    break;
  case 12: 
    System.out.println("Queen"); 
    break;
  case 13: 
    System.out.println("King"); 
    break;
  default: 
    System.out.println("Invalid Card"); 
    break;
}

Exceptions

EX1: The last label in a switch statement requires no break. The break statement serves to skip to the end of the switch block, so control flow will continue to statements following the switch block with or without it. . Conventionally, the last label is the default label.

EX2: In some cases, where control flow is intended to execute the same code for multiple cases, it is permissible to omit the break statement. However, these instances must be explicitly documented.

Code Block
bgColor#CCCCFF
int card=11;
int value;

/* Case 11,12,13 fall through to the same case */
switch (card) {
  /* MSC13-J:EX2: these three cases are treated identically  */
  case 11: 
  case 12: 
  case 13: 
    value=10; 
  break;
  default: 
    /* Handle Error Condition */ 
}

EX3: A case block needs no break statement if its last statement is a return or throw.

Risk Assessment

...

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

  MSC13-J

medium

likely unlikely

low

P6

L2

Other Languages

This rule appears in the C Secure Coding Standard as MSC17-C. Finish every set of statements associated with a case label with a break statement.

...