Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search
Log in
Confluence
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
Available Gadgets
About Confluence
Log in
SEI CERT Oracle Coding Standard for Java
Pages
Boards
Space shortcuts
Dashboard
Secure Coding Home
Android
C
C++
Java
Perl
Page tree
Browse pages
Configure
Space tools
View Page
A
t
tachments (0)
Page History
Page Information
View in Hierarchy
View Source
Export to PDF
Export to Word
Pages
…
SEI CERT Oracle Coding Standard for Java
2 Rules
Rule 07. Exceptional Behavior (ERR)
ERR01-J. Do not allow exceptions to expose sensitive information
Page Information
Title:
ERR01-J. Do not allow exceptions to expose sensitive information
Author:
Dhruv Mohindra
Jul 03, 2008
Last Changed by:
Michal Rozenau
May 18, 2021
Tiny Link:
(useful for email)
https://wiki.sei.cmu.edu/confluence/x/-zZGBQ
Export As:
Word
·
PDF
Incoming Links
SEI CERT Oracle Coding Standard for Java (5)
Page:
ERR08-J. Do not catch NullPointerException or any of its ancestors
Page:
SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields
Page:
ERR02-J. Prevent exceptions while logging data
Page:
IDS15-J. Do not allow sensitive information to leak outside a trust boundary
Page:
ERR00-J. Do not suppress or ignore checked exceptions
Hierarchy
Parent Page
Page:
Rule 07. Exceptional Behavior (ERR)
Labels
Global Labels (8)
sensitive
draft
android-applicable
android
dos-enable
rule
err
cwe-209
Recent Changes
Time
Editor
May 18, 2021 07:47
Michal Rozenau
View Changes
Parasoft Jtest 2021.1
Feb 26, 2021 09:13
Michal Rozenau
View Changes
Parasoft Jtest 2020.2
Jan 11, 2019 16:28
Alexandre GIGLEUX
View Changes
Feb 12, 2018 22:02
Will Snavely
View Changes
Jul 20, 2017 15:28
G. Ann Campbell
View Page History
Outgoing Links
External Links (8)
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2897
cwe.mitre.org/data/definitions/600.html
cwe.mitre.org/
https://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnera…
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-208…
https://rules.sonarsource.com/java/RSPEC-1989
cwe.mitre.org/data/definitions/209.html
cwe.mitre.org/data/definitions/497.html
SEI CERT C++ Coding Standard (2)
Home page:
SEI CERT C++ Coding Standard
Page:
VOID ERR12-CPP. Do not allow exceptions to transmit sensitive information
SEI CERT Oracle Coding Standard for Java (13)
Page:
SonarQube
Page:
Parasoft_V
Home page:
SEI CERT Oracle Coding Standard for Java
Page:
ERR08-J. Do not catch NullPointerException or any of its ancestors
Page:
SonarQube_V
Page:
Parasoft
Page:
FIO04-J. Release resources when they are no longer needed
Page:
ERR00-J. Do not suppress or ignore checked exceptions
Page:
Rule AA. References
Page:
Rule BB. Glossary
Page:
FIO16-J. Canonicalize path names before validating them
Page:
Rule 07. Exceptional Behavior (ERR)
Page:
ERR02-J. Prevent exceptions while logging data
Overview
Content Tools
{"serverDuration": 133, "requestCorrelationId": "99913e0163b93569"}
