Difference between revisions of "Catch NullPointerException"

Latest revision as of 20:35, 31 August 2015

This page has been tagged and needs review. Please help OWASP and document the reason for this, see FixME.

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

This article includes content generously donated to OWASP by

Last revision (mm/dd/yy): 08/31/2015

It is generally a bad practice to catch NullPointerException.

Programmers typically catch NullPointerException under three circumstances:

The program contains a null pointer dereference. Catching the resulting exception was easier than fixing the underlying problem.
The program explicitly throws a NullPointerException to signal an error condition.
The code is part of a test harness that supplies unexpected input to the classes under test.

Of these three circumstances, only the last is acceptable.

TBD

The following code mistakenly catches a NullPointerException.

	  try {
		mysteryMethod();
	  }
	  catch (NullPointerException npe) {
	  }

Note: A reference to related CWE or CAPEC article should be added when exists. Eg:

@@ Line 1: / Line 1: @@
+{{taggedDocument
+| type=pls review‎
+}}
 {{Template:Vulnerability}}
 {{Template:Fortify}}
-<br>
-[[ASDR Table of Contents]]
 Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
+[[ASDR_TOC_Vulnerabilities|Vulnerabilities Table of Contents]]
-[[Category:FIXME|This is the text from the old template. This needs to be rewritten using the new template.]]
 ==Description==