EXP06-J. Expressions used in assertions must not produce side effects

The assert statement is a convenient mechanism for incorporating diagnostic tests in code. The behavior of the assert statement depends on the status of a runtime property. When enabled, the assert statement evaluates its expression argument and throws an AssertionError if false. When disabled, assert is a no-op; any side effects resulting from evaluation of the expression in the assertion are lost. Consequently, expressions used with the standard assert statement must not produce side effects.

Noncompliant Code Example

This noncompliant code attempts to delete all the null names from the list in an assertion. However, the Boolean expression is not evaluated when assertions are disabled.

private ArrayList<String> names;

void process(int index) {
  assert names.remove(null); // Side effect 
  // ...
}

Compliant Solution

The possibility of side effects in assertions can be avoided by decoupling the Boolean expression from the assertion:

private ArrayList<String> names;

void process(int index) {
  boolean nullsRemoved = names.remove(null);
  assert nullsRemoved; // No side effect 
  // ... 
}

Risk Assessment

Side effects in assertions result in program behavior that depends on whether assertions are enabled or disabled.

Automated Detection

Automated detection of assertion operands that contain locally visible side effects is straightforward. Some analyses could require programmer assistance to determine which method invocations lack side effects.

Related Guidelines

Android Implementation Details

The assert statement is supported on the Dalvik VM but is ignored under the default configuration. Assertions may be enabled by setting the system property debug.assert via: adb shell setprop debug.assert 1 or by sending the command-line argument --enable-assert to the Dalvik VM.

Bibliography

[ Java Tutorials ]	Programming With Assertions
[ Seacord 2015 ]	IDS17-J. Prevent XML External Entity Attacks LiveLesson