Because an exception is caught by its type, it is better to define exceptions for specific purposes rather than to use the general exception types for a variety of different multiple purposes. Throwing the general exception types makes code hard to understand and maintain , and defeats much of the advantage of the Java exception-handling mechanism.
...
Noncompliant Code Example
This noncompliant code example attempts to distinguish between different exceptional behavior behaviors by looking at the exception's message.:
| Code Block | ||
|---|---|---|
| ||
try { doSomething(); } catch (ExceptionThrowable e) { String msg = e.getMessage(); switch (msg) { case "stackfile not underflowfound": // ...Handle error break; case "connection timeout": // ...Handle error break; case "security violation": // ...Handle error break; default: throw e; } } |
If doSomething() throws an exception , or error whose type is a subclass of Exception, with message "stack underflow" then the appropriate action will be of Throwable, the switch statement allows selection of a specific case to execute. For example, if the exception message is "file not found," the appropriate action is taken in the exception handler-handling code.
However, any change to the exception message literals involved will break the code. For example, if a maintainer should edit the throw expression to read throw Exception("Stack Underflow"); the exception will be rethrown by the code of the noncompliant code example rather than handled. Also, an exception may be thrown with no message.
Compliant Solution
suppose this code is executed:
| Code Block |
|---|
throw new Exception("cannot find file");
|
This exception should be handled by the first case clause, but it will be rethrown because the string does not match any case clause.
Furthermore, exceptions may be thrown without a message.
This noncompliant code example falls under ERR08-J-EX0 of ERR08-J. Do not catch NullPointerException or any of its ancestors because it catches general exceptions but rethrows them.
Compliant Solution
This compliant solution uses specific exception types and defines new special-purpose exception types where requiredIt is better to user specific existing exception types, or define new, special purpose exception types.
| Code Block | ||
|---|---|---|
| ||
public class StackUnderflowExceptionTimeoutException extends Exception { StackUnderflowExceptionTimeoutException () { super(); } StackUnderflowExceptionTimeoutException (String msg) { super(msg); } } // ... try { doSomething(); } catch (StackUnderflowExceptionFileNotFoundException suee) { // Handle ...error } catch (TimeoutException te) { // Handle ...error } catch (SecurityException se) { // ... } catch(Exception e) { // ... throw e;Handle error } |
...
Applicability
Exceptions are used to handle exceptional conditions. If an exception is not caught, the program thread will be terminated, which may cause the program to exit. An exception that is incorrectly caught , or is caught at the wrong level of recovery will likely often cause incorrect behavior.
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
ERR54-J | low | probable | medium | P4 | L3 |
Bibliography
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Parasoft Jtest |
| CERT.ERR51.NCE | Do not catch exception types which are too general or are unchecked exceptions | ||||||
| SonarQube |
| S1193 |
Bibliography
...
Wiki Markup