Write a class or library dedicated to error handling. Centralized error handling is easier to test and implement correctly. Handling errors is important for security, so better error handling improves security. Perform the following actions to implement centralized error handling:
  1. Identify existing error handling code. Review your code to find your existing error handling code. This code may be reused to write a centralized error handling subsystem.

  2. Identify possible types of errors. Review your application design to identify possible errors that you don't already have error handling code for. This information will be used to write new error handling code.

  3. Create a class for handling errors. Create a class or library for your centralized error handling code.

  4. Move error handling code. Move your existing error handling code to the new centralized error handling class or library.

  5. Add error handling code. Use information about errors and exceptions that may need to be handled to write functions to handle them.

  6. Replace error handling code. Replace your existing error and exception handling code with calls to the new centralized error handling functions.

  7. Use a global exception handler. Write a handler for exceptions that no other code handles specifically. Apply this global exception handler across all code so that it catches any exception that no other exception handler catches.

  8. Use centralized error handling. When adding new functionality to the program, use the centralized error handling subsystem to handle errors and exceptions.
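
The steps above, sketched in Python as an added example (not code from the original article). The names ErrorHandler, guarded, ValidationError, AuthError and parse_age are hypothetical, and returning a generic message plus a reference id while logging the detail is an assumption of this example:

```python
import logging
import sys
import uuid

log = logging.getLogger("app.errors")

class ErrorHandler:
    """Step 3: one class that logs every error and maps it to a safe response."""
    def __init__(self):
        self._handlers = {}  # exception type -> (status, public message)

    def register(self, exc_type, status, public_message):
        self._handlers[exc_type] = (status, public_message)  # steps 4 and 5

    def handle(self, exc):
        """Log full detail internally; return only a generic message and a ref id."""
        ref = uuid.uuid4().hex[:8]
        status, message = 500, "Internal error"  # fallback for unknown error types
        for cls in type(exc).__mro__:  # subclasses fall back to a parent's entry
            if cls in self._handlers:
                status, message = self._handlers[cls]
                break
        log.error("ref=%s type=%s detail=%r", ref, type(exc).__name__, exc)
        return {"status": status, "message": message, "ref": ref}

    def install_global(self):
        """Step 7: route exceptions that nothing else caught to this handler."""
        sys.excepthook = lambda exc_type, exc, tb: self.handle(exc)

class ValidationError(Exception): pass
class AuthError(Exception): pass

errors = ErrorHandler()
errors.register(ValidationError, 400, "Invalid input")
errors.register(AuthError, 403, "Access denied")

def guarded(func, *args):
    """Step 6: call sites delegate to the central handler, not ad hoc except blocks."""
    try:
        return {"status": 200, "result": func(*args)}
    except Exception as exc:
        return errors.handle(exc)

def parse_age(text):  # constructed sample operation
    if not text.isdigit():
        raise ValidationError(f"bad age {text!r} from form field")
    return int(text)
```

Call errors.install_global() once at program start; new features (step 8) only need to raise a registered exception type or register their own.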
