...
This noncompliant code example attempts to delete a specified file but gives no indication of its success. The Java Platform, Standard Edition 6, API Specification [API 2014] platform requires File.delete() to throw a SecurityException only when the program lacks authorization to delete the file [API 2014]. No other exceptions are thrown, so the deletion can silently fail.
...
| Code Block | ||
|---|---|---|
| ||
File file = new File("file");
if (!file.delete()) {
System.out.println("// Deletion failed");, handle error
}
|
Compliant Solution
...
This compliant solution uses the java.nio.file.Files.delete() method from Java SE 7 to delete the file:
| Code Block | ||
|---|---|---|
| ||
Path file = new File(args[0]).toPath();
try {
Files.delete(file);
} catch (IOException x) {
System.out.println(" // Deletion failed");
// Handle, handle error
}
|
The Java SE 7 Documentation [J2SE 2011] defines Files.delete() to throw the following exceptions:
Exception | Reason |
|---|---|
| File does not exist |
| File is a directory and could not otherwise be deleted because the directory is not empty |
| An I/O error occurs |
| In the case of the default provider and a security manager is installed, the |
Because SecurityException is a runtime exception, it need not be declared. Because NoSuchFileException and DirectoryNotExmptyException both inherit from IOException, they will be caught by the compliant solution's catch clause.
...
Failure to check the return values of methods that perform file I/O can result in unexpected behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
FIO02-J | Medium | Probable | Medium | P8 | L2 |
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| CodeSonar |
| JAVA.FUNCS.IRV | Ignored Return Value (Java) | ||||||
| SonarQube |
| S899 |
Related Guidelines
Bibliography
[API 2014] |
|
| |
Chapter 8, "File I/O" |
...
...