Kingdom: Code Quality

Poor code quality leads to unpredictable behavior. From a user's perspective that often manifests itself as poor usability. For an attacker it provides an opportunity to stress the system in unexpected ways.

Dead Code: Empty Try Block

Abstract
Empty try blocks are either dead code or indicate the presence of debug code.
Explanation
An empty try block serves no functional purpose. In fact, when compiled to byte code, the empty try block is optimized out and never makes it into the finished program. An empty try block might be indicative of code that has been removed or commented out.
Example 1: The following code contains an empty try block.

try {
    //rs = stmt.executeQuery(query);
}
catch(SQLException e) {
    log(e);
}

Dead code negatively impacts code quality, making code harder to read, understand, and maintain.
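One way to check a code base for the pattern in Example 1, as an added example (not code from the original page or from the analyzer it describes): a small Python scanner that reports `try` blocks whose body is empty once comments are removed. The names `blank_noise`, `find_empty_try_blocks` and `SAMPLE` are hypothetical, and the sample Java source is constructed.

```python
import re

# Comments and string/char literals are blanked out so that (a) a try body
# holding only commented-out code counts as empty and (b) "try {}" inside a
# string is ignored. Java text blocks (""") are not handled.
_NOISE = re.compile(
    r'"(?:\\.|[^"\\\n])*"'      # string literal
    r"|'(?:\\.|[^'\\\n])*'"     # char literal
    r"|//[^\n]*"                # line comment
    r"|/\*.*?\*/",              # block comment
    re.DOTALL,
)
# `try` followed directly by an empty body; try-with-resources
# (`try (...) {}`) is deliberately not matched: it still closes resources.
_EMPTY_TRY = re.compile(r"\btry\s*\{\s*\}")


def blank_noise(source):
    """Replace comments and literals with spaces, keeping line numbers stable."""
    return _NOISE.sub(lambda m: re.sub(r"[^\n]", " ", m.group(0)), source)


def find_empty_try_blocks(source):
    """Return the 1-based line numbers of `try` keywords with an empty body."""
    cleaned = blank_noise(source)
    return [cleaned.count("\n", 0, m.start()) + 1
            for m in _EMPTY_TRY.finditer(cleaned)]


# Constructed sample input: the page's Example 1 plus non-findings.
SAMPLE = '''\
void a(Statement stmt, String query) throws SQLException {
    try {
        //rs = stmt.executeQuery(query);
    }
    catch (SQLException e) {
        log(e);
    }
    String s = "try { }";               // inside a literal: not flagged
    try { rs = stmt.executeQuery(query); } finally { cleanup(); }
    try { /* removed */ } finally { cleanup(); }
}
'''

if __name__ == "__main__":
    for line in find_empty_try_blocks(SAMPLE):
        print(f"empty try block at line {line}")
```

Each reported line is a prompt to either restore the removed statement or delete the whole try/catch, so that the handler no longer suggests error handling that is not there.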
desc.structural.java.dead_code_empty_try_block