Please keep in mind that many of the definitions stated below are specific to Java programming language.
Errors vs Exceptions
Errors indicate that something severe enough has gone wrong, the application should crash rather than try to handle the error.
Exceptions are events that occurs in the code. A programmer can handle such conditions and take necessary corrective actions. One way to handle exceptions is using try/catch blocks.
The try block contains set of statements where an exception can occur. A try block is always followed by a catch block, which handles the exception that occurs in associated try block. A try block must be followed by catch blocks or finally block, or both.
Finally Block — No matter whether an exception is thrown or not inside the try or catch block the code inside the finally-block is executed.
Best practices to handle exceptions:
1. Clean-up resources in a Finally Block or use a Try-With-Resource statement
2. Prefer specific exceptions
3. Document the exceptions you specify
4. Throw exceptions with descriptive messages
5. Catch the most specific exception first
6. Don’t catch Throwable
7. Don’t ignore exceptions
8. Don’t log and throw
9. Wrap the exception without consuming it
Runtime vs Compile Errors
Runtime errors are the errors that are generated when the program is in running state. These types of errors will cause your program to behave unexpectedly or may even kill your program. They are often referred as Exceptions.
· Syntax errors
· Type checking errors
Compile time errors are errors occurred due to typing mistakes, if we do not follow the proper syntax and semantics.
· Division by zero
· Dereferencing a null pointer
· Running out of memory
Stack trace / Debugging
A stack trace is a report of the active stack frames at a certain point in time during the execution of a program. A stack trace allows tracking the sequence of nested functions called — up to the point where the stack trace is generated.
Debugging is the process of finding and resolving defects or problems within a computer program that prevent correct operation of computer software or a system.
Debugging tactics can involve interactive debugging, control flow analysis, unit testing, integration testing, log file analysis, monitoring at the application or system level, memory dumps, and profiling.
When receiving input that needs to be validated before it can be used, validate all input before using any of it. You should not change any state in the application or attached systems until all input data has been validated. That way you avoid leaving the application in a half valid state.
Input validation should be applied on both syntactical and semantic level.
Implementing input validation
Input validation can be implemented using any programming technique that allows effective enforcement of syntactic and semantic correctness, for example:
· Data type validators available natively in web application frameworks
· Validation against JSON Schema and XML Schema (XSD) for input in these formats
· Type conversion (e.g. Integer.parseInt() in Java) with strict exception handling
· Minimum and maximum value range check for numerical parameters and dates, minimum and maximum length check for strings
· Array of allowed values for small sets of string parameters
· Regular expressions for any other structured data covering the whole input string (^…$) and not using “any character” wildcard (such as “.” or “\S”)