You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 64 Next »

Methods must not throw RuntimeException or Exception. Handling these exceptions requires catching RuntimeException, which is disallowed by rule ERR14-J. Do not catch RuntimeException. Moreover, throwing a RuntimeException can lead to subtle errors, for instance, a caller cannot examine the exception to determine why it was thrown, and consequently cannot attempt recovery.

Methods can throw a specific exception subclassed from Exception. Note that it is permissible to construct an exception class specifically for a single throw statement.

Noncompliant Code Example

The isCapitalized() method in this noncompliant code example accepts a string and returns true when it consists of a capital letter followed by lowercase letters. The method also throws null a RuntimeException when passed a null string argument.

boolean isCapitalized(String s) {
  if (s == null) {
    throw new RuntimeException("Null String");
  }
  if (s.equals("")) {
    return true;
  }
  String first = s.substring(0, 1);
  String rest = s.substring(1);
  return (first.equals(first.toUpperCase()) &&
          rest.equals(rest.toLowerCase()));
}

A calling method must violate also rule ERR14-J. Do not catch RuntimeException to determine if the RuntimeException was thrown.

Compliant Solution

This compliant solution throws the (NullPointerException) to denote the specific exceptional condition.

boolean isCapitalized(String s) {
  if (s == null) {
    throw new NullPointerException();
  }
  if (s.equals("")) {
    return true;
  }
  String first = s.substring(0, 1);
  String rest = s.substring(1);
  return (first.equals(first.toUpperCase()) &&
          rest.equals(rest.toLowerCase()));
}

Note that the null check is redundant; if it were removed, the next call (s.equals("")) will throw a NullPointerException when s is null. However, the explicit null check is good form, because it explicitly indicates the programmer's intent. More complex code may require explicit testing of invariants and appropriate throw statements.

Noncompliant Code Example

This noncompliant code example specifies the Exception class in the throws clause of the method declaration for the doSomething() method.

private void doSomething() throws Exception {
  //...
}

Compliant Solution

This compliant solution declares a specific exception in the throws clause of the method declaration for the doSomething() method.

private void doSomething() throws IOException {
  //...
}

Using instanceof to check for narrower exceptions in a general catch block is often inadequate because it is frequently impossible to enumerate all possible exceptions that the code could throw.

Compliant Solution (Wrapping)

Occasionally it is necessary to invoke library code that can throw any exception. While it is advisable to redesign the library code to be specific about which exceptions it throws, this is not always possible.

This compliant solution catches any exception thrown, and wraps it inside a custom exception, consequently limiting the exceptions that can be thrown.

class DoSomethingException extends Exception {
  public DoSomethingException(Throwable cause) {
    super( cause);
  }
    
  // other methods
};

private void doSomething() throws DoSomethingException {
  try {
    // code that might throw an Exception
  } catch (Throwable t) {
    throw new DoSomethingException(t);
  }
}

This code is valid by ERR14-EX0 of rule ERR14-J. Do not catch RuntimeException.

Exception wrapping is a common technique to safely handle unknown exceptions, for another example, see rule ERR10-J. Do not let code throw undeclared checked exceptions.

Exceptions

EXC13-EX0: Classes that sanitize exceptions to comply with a security policy are permitted to translate specific exceptions into more general exceptions. This translation could potentially result in throwing RuntimeException or Exception in some cases, depending on the details of the security policy.

Risk Assessment

Throwing RuntimeException and Exception prevents classes from catching the intended exceptions without catching other unintended exceptions as well.

Guideline

Severity

Likelihood

Remediation Cost

Priority

Level

EXC13-J

low

likely

medium

P6

L2

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Bibliography

[[Goetz 2004b]]
[[MITRE 2009]] CWE ID 397 "Declaration of Throws for Generic Exception", CWE ID 537 "Information Leak Through Java Runtime Error Message"
[[Tutorials 2008]] Unchecked Exceptions — The Controversy


ERR11-J. Restore prior object state on method failure      06. Exceptional Behavior (ERR)      ERR14-J. Do not catch RuntimeException

  • No labels