CWE-1071: Empty Code Block

Description

The source code contains a block that does not contain any code, i.e., the block is empty.

Extended Description

Empty code blocks can occur in the bodies of conditionals, function or method definitions, exception handlers, etc. While an empty code block might be intentional, it might also indicate incomplete implementation, accidental code deletion, unexpected macro expansion, etc. For some programming languages and constructs, an empty block might be allowed by the syntax, but the lack of any behavior within the block might violate a convention or API in such a way that it is an error.


ThreatScore

Threat Mapped score: 1.8

Industry: Financial

Threat priority: P4 - Informational (Low)


Observed Examples (CVEs)

Related Attack Patterns (CAPEC)

N/A


Attack TTPs

N/A

Modes of Introduction

Phase Note
None listed.

Common Consequences

Potential Mitigations

Applicable Platforms


Demonstrative Examples

Intro: In the following Java example, the code catches an ArithmeticException.

Body: Since the exception block is empty, no action is taken.

public class Main {
    public static void main(String[] args) {
        int a = 1;
        int b = 0;
        int c = 0;
        try {
            c = a / b;
        } catch (ArithmeticException ae) {
        }
    }
}

Intro: The following code attempts to synchronize on an object, but does not execute anything in the synchronized block. This does not actually accomplish anything and may be a sign that a programmer is wrestling with synchronization but has not yet achieved the result they intend.

Body: Instead, in a correct usage, the synchronized statement should contain procedures that access or modify data that is exposed to multiple threads. For example, consider a scenario in which several threads are accessing student records at the same time. The method which sets the student ID to a new value will need to make sure that nobody else is accessing this data at the same time and will require synchronization.

synchronized(this) { }
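
The correct usage described above, shown as an added Java example that is not part of the CWE entry. The class name StudentRecord, its fields, and the thread and update counts are assumptions made for illustration; the synchronized blocks contain the accesses to the shared student data, so concurrent updates are applied one at a time.

```java
import java.util.ArrayList;
import java.util.List;

// Hypothetical class for illustration; not taken from the CWE entry.
public class StudentRecord {
    private int studentId;
    // ArrayList is not thread-safe, so every access goes through the lock.
    private final List<Integer> idHistory = new ArrayList<>();

    // The block is not empty: it holds the code that reads and modifies
    // the shared fields, so the old ID is archived and the new ID is
    // stored as one unit with respect to other threads.
    public void setStudentId(int newId) {
        synchronized (this) {
            idHistory.add(studentId);
            studentId = newId;
        }
    }

    // Readers take the same lock so they never observe a partial update.
    public int historySize() {
        synchronized (this) {
            return idHistory.size();
        }
    }

    public static void main(String[] args) throws InterruptedException {
        StudentRecord record = new StudentRecord();
        Thread[] writers = new Thread[4];
        for (int t = 0; t < writers.length; t++) {
            final int base = t * 1000;
            writers[t] = new Thread(() -> {
                for (int i = 0; i < 1000; i++) {
                    record.setStudentId(base + i);
                }
            });
            writers[t].start();
        }
        for (Thread w : writers) {
            w.join();
        }
        // Four threads made 1000 updates each; because the list is only
        // touched while the lock is held, no history entry is lost.
        System.out.println("updates recorded: " + record.historySize());
    }
}
```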

Notes
