Warn for catching RuntimeException, Exception and Throwable #2112
Conversation
According to [SEI CERT rule ERR08-J](https://wiki.sei.cmu.edu/confluence/display/java/ERR08-J.+Do+not+catch+NullPointerException+or+any+of+its+ancestors) catching `RuntimeException`, `Exception` and `Throwable` is a bad practice because it may hide exceptions which must be handled or avoided. This PR extends detector `RuntimeExceptionCapture` to warn for these cases.
spotbugs/src/main/java/edu/umd/cs/findbugs/detect/RuntimeExceptionCapture.java
Outdated
Show resolved
Hide resolved
spotbugs/src/main/java/edu/umd/cs/findbugs/detect/RuntimeExceptionCapture.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
This PR will produce again a lot of false positives. The idea of catching exact the exception types that some code might throw and don’t catch others is purely academic. In most cases exception handlers that catch Exception or Throwable are written because they want catch all potential exceptions from the try block, not only some specific. I know lot of absolutely valid code that does that.
So this new checks should be disabled by default.
|
Thank you for your comment @iloveeclipse! I agree that this PR produces several new bug reports. However, based on my experience most of these reports are true positives. Unfortunately, many programmers are lazy to properly handle exceptions. Beside the true positives there are of course some false positives because you are right, there are some cases where you must catch all the exceptions. The SEI CERT rule itself describes such cases. Case ERR08-J-EX0 where the exception is rethrown (possibly after logging) is handled. Case ERR08-J-EX2 only affects some special software. Where we can reduce the false positives are the cases described in ERR08-J-EX1: we must check for methods called in the try block whether they are methods of a class received as a generic parameter of the current method or the class. It is a valid case to catch I think that setting a check to disabled by default is the last resort. First we should try fix it by recognizing corner cases and reducing the number of false positives. Only if that effort fails should we disable the checker by default. |
…e method of a class which is the generic parameter of the current method or the current class.
|
This far the results: 0 findings on 7 4 36 26 59 |
|
@iloveeclipse Any comments after seeing the statistics? |
I don't think the issue should be active by default either because sometimes its other libraries that abuse usage and that would be a false positive on wrong code bases. For example, Selenium is really bad about using Exception. Even worse with Selenium, is that they have unchecked exceptions that should actually be checked exceptions. Anyways point is that its not always in direct developer control. I agree we mark them but not as a default setting. Note: I didn't review this PR so I didn't check to see if that was modified, instead what I did was resolve most of the coding notes others left. |
# Conflicts: # CHANGELOG.md
SEI_CERT_ERR08_J master merge
| // should pass -- rethrows Throwable | ||
| public void testPass2() { | ||
| try { | ||
| for (int i = 0; i < 1000; i++) |
There was a problem hiding this comment.
Loops should always use braces.
|
@baloghadamsoftware If you have this set as disabled by default, it can come in. I personally like this but I know many libraries abuse what they catch and then rethrow which would cause the false positive but I personally would enable this to get my staff to be smarter about exception handling. Its not like sonar already doesn't say same thing ;) But let users opt into this one. |
According to SEI CERT rule ERR08-J catching
RuntimeException,ExceptionandThrowableis a bad practice because it may hide exceptions which must be handled or avoided. This PR extends detectorRuntimeExceptionCaptureto warn for these cases.Make sure these boxes are checked before submitting your PR -- thank you!
CHANGELOG.mdif you have changed SpotBugs code