Why you should care
When an exception occurs while a program runs, it is usually caught in a catch block. An empty catch block catches the exception but does nothing with it, so the program fails without anything being done about the failure. As a result, empty catch blocks are a common source of errors in the code, which the program then carries forward as it keeps executing. An empty catch block is also inefficient, since it handles nothing and executes nothing.
Empty catch blocks are considered a risk from a business perspective because they can pose security issues. One such risk is that programmers and/or the company are unaware that security has been compromised.
CAST recommends enforcing a company style guide that strongly discourages using empty catch blocks to solve a problem in the code. Instead, teams should be encouraged to collaborate and work on the problem together through communication.
How we detect
This code insight reflects that catching an exception is meant to provide robustness or error management. A catch block that does nothing can mask an error, allowing the program to continue and ignore the problem.
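The following Python script is an added illustration, not CAST Highlight's own detection logic or code from this page. It parses source with the standard `ast` module and reports every `except` handler (Python's equivalent of a catch block) whose body does nothing. The sample source and all function names in it are constructed for the example.

```python
import ast

# Constructed sample input: two handlers swallow the error, one handles it.
SAMPLE = '''
def is_signature_valid(verifier, data, sig):
    try:
        verifier.verify(data, sig)   # raises on a bad signature
    except Exception:
        pass                          # empty: a bad signature is treated as valid
    return True

def load_config(path):
    try:
        return open(path).read()
    except OSError:
        ...                           # empty: placeholder body, error is lost
    return ""

def parse_port(text):
    try:
        return int(text)
    except ValueError as exc:
        raise SystemExit(f"bad port: {exc}")   # handled: reported and stopped
'''

def _is_noop(stmt):
    """True for statements that do nothing: pass, or a bare constant (... or a string)."""
    if isinstance(stmt, ast.Pass):
        return True
    return isinstance(stmt, ast.Expr) and isinstance(stmt.value, ast.Constant)

def find_empty_handlers(source):
    """Return (line, caught_type) for every except handler whose body is a no-op."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.ExceptHandler) and all(_is_noop(s) for s in node.body):
            caught = ast.unparse(node.type) if node.type else "<bare except>"
            findings.append((node.lineno, caught))
    return sorted(findings)

if __name__ == "__main__":
    for line, caught in find_empty_handlers(SAMPLE):
        print(f"line {line}: empty handler for {caught}")
```

The first finding is the security-relevant case the text describes: the verification error is masked and the function goes on to return `True`.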
About CAST and Highlight’s Code Insights
Over the last 25 years, CAST has leveraged unique knowledge on software quality measurement by analyzing thousands of applications and billions of lines of code. Based on this experience and community standards on programming best practices, Highlight implements hundreds of code insights across 15+ technologies to calculate the health factors of software.