Uploaded image for project: 'Rules Repository'
  1. Rules Repository
  2. RSPEC-2486

Exceptions should not be ignored

    XMLWordPrintable

    Details

    • Message:
      Handle this exception, rather than masking it with a "NULL;" statement
    • Default Severity:
      Minor
    • Impact:
      Low
    • Likelihood:
      Low
    • Default Quality Profiles:
      Sonar way
    • Legacy Key:
      MaskedExceptionCheck
    • Covered Languages:
      C#, C, C++, Objective-C, PL/SQL
    • Remediation Function:
      Constant/Issue
    • Constant Cost:
      1h
    • Analysis Scope:
      Main Sources
    • Implementation details:
    • Common Rule:
      Yes
    • CWE:
      CWE-391
    • OWASP:
      A10
    • ReSharper:
      EmptyGeneralCatchClause

      Description

      When exceptions occur, it is usually a bad idea to simply ignore them. Instead, it is better to handle them properly, or at least to log them.

      Noncompliant Code Example

      SET SERVEROUTPUT ON

DECLARE
  d VARCHAR2(1);
BEGIN
  SELECT dummy INTO d FROM DUAL WHERE dummy = 'Y'; -- Will raise NO_DATA_FOUND
  DBMS_OUTPUT.PUT_LINE('d = ' || d);
EXCEPTION
  WHEN NO_DATA_FOUND THEN -- Noncompliant, did we really want to mask this exception?
    NULL;
END;
/

      Compliant Solution

      SET SERVEROUTPUT ON

DECLARE
  d VARCHAR2(1);
BEGIN
  SELECT dummy INTO d FROM DUAL WHERE dummy = 'Y'; -- Will raise NO_DATA_FOUND
  DBMS_OUTPUT.PUT_LINE('d = ' || d);
EXCEPTION
  WHEN NO_DATA_FOUND THEN
    DBMS_OUTPUT.PUT_LINE('Error: No data found');
END;
/

      See

        Attachments

          Issue Links

          deprecates

          Vulnerability Detection - RSPEC-1674 "CATCH" clauses should not be empty

          • Deprecated
          is duplicated by

          Finding Detection - RSPEC-1169 At least one exception should be handled in an exception block

          • Closed
          is implemented by

          New Feature - A new feature of the product, which has yet to be developed. SONARPY-524 Rule S2486: Exceptions should not be ignored

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. CPP-1444 Rule: Exceptions should not be ignored

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. CPP-2900 S2486: move from vulnerability to code smell

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. SONARJAVA-1469 Rule S2486: Exceptions should not be ignored

          • Major - Major loss of function.
          • Closed
          is related to

          Bug Detection - RSPEC-2002 Errors should not be silenced

          • Active
          relates to

          Code Smell Detection - RSPEC-1166 Exception handlers should preserve the original exceptions

          • Active

            Activity

              People

              Assignee:
              eric.therond Eric Therond (Inactive)
              Reporter:
              ann.campbell.2 Ann Campbell
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated: