CQE-396: Declaration of Catch for Generic Exception

 
Quality Issue ID: 396 Maturity: Preliminary
Description

Description Summary

This pattern identifies situations where the named callable control element or method control element contains a catch unit that declares an exception parameter whose datatype is in the list of overly broad exception datatypes. For Java, an example of such a list is {'java.lang.Exception'}.
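A Java method that matches the pattern, next to a form that does not, as an added example that is not part of the CQE entry. The class name, method names and fallback values are hypothetical, and `Files.readString` assumes Java 11 or later.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;

// Hypothetical class and method names, constructed for illustration.
public class QuotaLoader {

    // Flagged by the pattern: the catch unit declares java.lang.Exception.
    // A missing file, an unreadable file, a malformed number and a null
    // path all end in the same fallback, so callers cannot tell a
    // configuration error from a programming error.
    static int loadQuotaBroad(Path file) {
        try {
            return Integer.parseInt(Files.readString(file).trim());
        } catch (Exception e) {
            return Integer.MAX_VALUE; // fail-open default hides the fault
        }
    }

    // Not flagged: each catch unit names the narrowest type it can handle.
    // Anything unanticipated (for example NullPointerException) propagates.
    static int loadQuotaSpecific(Path file) throws IOException {
        try {
            return Integer.parseInt(Files.readString(file).trim());
        } catch (NoSuchFileException e) {
            return 0; // no quota file: deny by default
        } catch (NumberFormatException e) {
            throw new IOException("quota file is not an integer: " + file, e);
        }
    }

    public static void main(String[] args) throws IOException {
        Path tmp = Files.createTempFile("quota", ".txt"); // constructed sample input
        Files.writeString(tmp, "12x\n");
        System.out.println("broad:    " + loadQuotaBroad(tmp));
        try {
            loadQuotaSpecific(tmp);
        } catch (IOException e) {
            System.out.println("specific: " + e.getMessage());
        } finally {
            Files.deleteIfExists(tmp);
        }
    }
}
```

The broad version turns a corrupt quota file into a silently accepted default, which is how this issue can precede the Poisoned Data Usage consequence listed under Relationships.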
Relationships

Nature | Type | ID | Name | View(s) this relationship pertains to
ChildOf | Practice | 9010 | Execution Status Control | Quality Issues Organized by Practices (primary) 9002
ChildOf | Characteristic | 9115 | Security | Default Graph (primary) 9001
ChildOf | Characteristic | 9120 | Reliability | Default Graph (primary) 9001
ChildOf | Practice | 9131 | Error/Exception Handling | Quality Issues Organized by Practices (primary) 9002
CanPrecede | Consequence | 9145 | Degraded Comprehension | Default Graph (primary) 9001
CanPrecede | Consequence | 9154 | Poisoned Data Usage | Default Graph (primary) 9001

Related Taxonomy Entries

Taxonomy | Version | Related ID
ASCRM | 1 | ASCRM-CWE-396
ASCSM | 1 | ASCSM-CWE-396
CWE | 2.11 | 396
References
"Automated Source Code Security Measure (ASCSM)". ASCSM-CWE-396. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCSM/1.0/>.
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-CWE-396. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
Page Last Updated or Reviewed: October 01, 2017