RI.IGNOREDNEW

An RI.IGNOREDNEW warning appears when there is a call to a constructor method and the result of this method call is ignored. In some cases, it may cause an error (for example, Thread class, because user should start the thread after initialization).

Vulnerability and risk

Misunderstanding of method behavior will cause flaws in application logic.

Mitigation and prevention

Store the value return by the method, for example a=a.trim().

Example 1

9
10
11
12
13
14
15
16
      public void runMyProcessing() {
         Runnable myRunnable = new Runnable() {
             public void run() {
                 // do actual processing...
             }
         };
         new Thread(myRunnable); // ignored!
     }

RI.IGNOREDNEW is reported for line 15: Newly created object of type 'java.lang.Thread' is ignored.

External guidance

• CWE-391: Unchecked Error Condition
• STIG-ID:APP3120 Application has error handling vulnerabilities

Security training

Application security training materials provided by Secure Code Warrior.

• Dos Uncaught Errors Training Video - Test your skills with a training example