Java Reference
In-Depth Information
}
return null;
}
A return value that might be null is an in-band error indicator,which is discussed more
thoroughlyin
Guideline52
,“
Avoidin-banderrorindicators
.
”Thisdesignispermittedbut
is considered inferior to other designs, such as those shown in the other compliant solu-
tions in this guideline.
Applicability
Failure to provide appropriate feedback through a combination of return values, error
codes, and exceptions can lead to inconsistent object state and unexpected program beha-
vior.
Bibliography
[Bloch 2008]
Item 59. Avoid unnecessary use of checked exceptions
[Long 2012]
EXP00-J. Do not ignore values returned by methods
[Ware 2008]
Writing Secure Java Code
27. Identify files using multiple file attributes
Many file-related security vulnerabilities result from a program accessing an unintended
file object. This often happens because file names are only loosely bound to underlying
file objects. File names provide no information regarding the nature of the file object it-
self. Furthermore, the binding of a file name to a file object is reevaluated each time the
file name is used in an operation. This reevaluation can introduce a time-of-check, time-
of-use (TOCTOU) race condition into an application. Objects of type
java.io.File
and
of type
java.nio.file.Path
are bound to underlying file objects by the operating sys-
tem only when the file is accessed.
The
java.io.File
constructors and the
java.io.File
methods
renameTo()
and
delete()
rely solely on file names for file identification. The same holds for the
java.nio.file.Path.get()
methods for creating
Path
objects and the
move()
and
de-
lete()
methods of
java.nio.file.Files
. Use all of these methods with caution.
