...

private void doSomething() throws IOException {
  //...
}

Exceptions

ERR07-J-EX0: Classes that sanitize exceptions to comply with a security policy are permitted to translate specific exceptions into more general exceptions. This translation could potentially result in throwing RuntimeException, Exception, or Throwable in some cases, depending on the requirements of the security policy.

...

Throwing RuntimeException, Exception, or Throwable prevents classes from catching the intended exceptions without catching other unintended exceptions as well.
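The effect described above, as an added example that is not part of the original rule text; the class and method names are hypothetical. The first caller must catch RuntimeException to handle the intended failure and so also swallows an unrelated NullPointerException, while the second caller catches only the specific checked exception and lets the programming error surface.

```java
import java.io.FileNotFoundException;

public class BroadThrowsDemo {  // hypothetical class, for illustration only

    // General style: reports a missing entry with a plain RuntimeException.
    static String loadBroad(String name) {
        if (name.isEmpty()) {  // throws NullPointerException when name is null
            throw new RuntimeException("no such entry");
        }
        return "data:" + name;
    }

    // Specific style: reports the same condition with a checked, specific type.
    static String loadSpecific(String name) throws FileNotFoundException {
        if (name.isEmpty()) {  // throws NullPointerException when name is null
            throw new FileNotFoundException("no such entry");
        }
        return "data:" + name;
    }

    // The only way to handle loadBroad's failure is a broad catch,
    // which cannot tell "no such entry" apart from a null dereference.
    static String callerOfBroad(String name) {
        try {
            return loadBroad(name);
        } catch (RuntimeException e) {
            return "default";
        }
    }

    // Catches only the intended condition; anything else propagates.
    static String callerOfSpecific(String name) {
        try {
            return loadSpecific(name);
        } catch (FileNotFoundException e) {
            return "default";
        }
    }

    public static void main(String[] args) {
        System.out.println(callerOfBroad(""));    // intended failure, handled
        System.out.println(callerOfBroad(null));  // programming error, silently handled too
        System.out.println(callerOfSpecific("")); // intended failure, handled
        try {
            callerOfSpecific(null);               // programming error is not swallowed
        } catch (NullPointerException e) {
            System.out.println("NullPointerException reached the caller");
        }
    }
}
```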

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|------|----------|------------|------------------|----------|-------|
| ERR07-J | Low | Likely | Medium | P6 | L2 |

Automated Detection

| Tool | Version | Checker | Description |
|------|---------|---------|-------------|
| CodeSonar | | JAVA.STRUCT.EXCP.BROAD | Broad Throws Clause (Java) |
| Parasoft Jtest | 9.5 | CODSTD.BP.NTX, EXCEPT.NTERR | Implemented |
| Parasoft Jtest | | CERT.ERR07.NTX | Avoid declaring methods to throw general or unchecked Exception types |
| Parasoft Jtest | | CERT.ERR07.NTERR | Do not throw exception types which are too general or are unchecked exceptions |
| SonarQube | | S112 | Generic exceptions should never be thrown |

Related Guidelines

MITRE CWE

CWE-397, Declaration of Throws for Generic Exception
