#110 Java methods do not have proper error checking for input

api-only
nobody
None
Defect
6
Mac OSX 10.6.8
V 1.7.7
2013-04-07
2013-02-23
Milan
No

Summary:

Some methods inside the Java classes do not validate the input before processing it.

Environment:

This is a code issue and is therefore not isolated to any specific OS.

Priority:

Low

Problem:

The problem happens in the DateUtil.java and Address.java classes.
The problem in the DateUtil.java class is that most of the methods take a Date as input, and these dates are passed in from the GUI; however, when I pass in a NULL value instead of a date, the program crashes. Specifically, the isAfter method tries to create a GregorianCalendar object without checking whether the input dates d1 and d2 are valid dates (not null).

A similar problem happens in the Address.java class: if I set the first name to more than 25 characters, the method should return a boolean value indicating whether the first name has the proper format/size/length. Instead, there is no return value, and the application generates a SQL error message. This SQL error is also generated on the GUI side when the user runs the application and enters a huge string for the first name.

Probable fixes:

  1. Validate all input values before they are processed, which will give the application proper error handling.
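
Added example, not part of the original report and not the project's own code: a sketch of the two checks the report asks for, a null check in front of the `GregorianCalendar` comparison and a boolean length check for the first name. The class name `InputValidationExample`, the method `isValidFirstName`, the choice of `IllegalArgumentException` and the way length is counted are assumptions; only `isAfter`, `d1`, `d2` and the 25-character limit come from the report.

```java
import java.util.Date;
import java.util.GregorianCalendar;

// Added illustration; hypothetical class, not DateUtil.java or Address.java.
public class InputValidationExample {

    // Limit taken from the report: longer first names reach the database and fail there.
    static final int MAX_FIRST_NAME_LENGTH = 25;

    // Null-checked variant of the isAfter comparison described in the report.
    // Assumption: callers (for example the GUI layer) catch IllegalArgumentException
    // and show a message instead of letting the application crash.
    static boolean isAfter(Date d1, Date d2) {
        if (d1 == null || d2 == null) {
            throw new IllegalArgumentException("isAfter requires two non-null dates");
        }
        GregorianCalendar c1 = new GregorianCalendar();
        c1.setTime(d1);
        GregorianCalendar c2 = new GregorianCalendar();
        c2.setTime(d2);
        return c1.after(c2);
    }

    // Returns a boolean, as the report expects, so the caller can reject the value
    // before it is sent to the database and a raw SQL error is shown to the user.
    // Assumption: the 25-character limit is counted in Java chars.
    static boolean isValidFirstName(String firstName) {
        return firstName != null && firstName.length() <= MAX_FIRST_NAME_LENGTH;
    }

    public static void main(String[] args) {
        // Constructed sample inputs.
        Date earlier = new Date(0L);
        Date later = new Date(86_400_000L);
        System.out.println("later after earlier: " + isAfter(later, earlier));

        try {
            isAfter(null, later);
        } catch (IllegalArgumentException e) {
            System.out.println("null date rejected: " + e.getMessage());
        }

        String tooLong = new String(new char[26]).replace('\0', 'x');
        System.out.println("short name valid: " + isValidFirstName("Alice"));
        System.out.println("26-char name valid: " + isValidFirstName(tooLong));
        System.out.println("null name valid: " + isValidFirstName(null));
    }
}
```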

Discussion

  • Mike Berger
    2013-04-07

    • status: open --> api-only