Rule Definition
Software without consistent and complete handling of errors and exceptions makes it impossible to accurately identify and adequately respond to unusual and unexpected situations.

Remediation
Implement a consistent and complete handling of errors and exceptions to make it possible to accurately identify and adequately respond to unusual and unexpected situations. Using a logger library is a good practice.

Violation Code Sample

// Sample 1 
public void method1() { 
    try 
    { 
        Statement statement = connection.createStatement(); 
        String sql1 = "INSERT INTO STUDENTS VALUES" + 
                      "('BOB','DAVI', {d '2001-12-16'})"; 
        statement.execute(sql1); 
    } 
    catch (Exception e) 
    { 
        System.err.println("This is an output that does not handle properly the exception"); 
        System.err.println(e.toString()); 
    } 
} 

// Sample 2 
public void method2() { 
    try 
    { 
        Statement statement = connection.createStatement(); 
        String sql1 = "INSERT INTO STUDENTS VALUES" + 
                      "('BOB','DAVI', {d '2001-12-16'})"; 
        statement.execute(sql1); 
    } 
    catch (Exception e) 
    { 
        // comments are not a good way to handle the exception 
   } 
} 

// Sample 3 
public void method3() { 
    try 
    { 
        Statement statement = connection.createStatement(); 
        String sql1 = "INSERT INTO STUDENTS VALUES" + 
                      "('BOB','DAVI', {d '2001-12-16'})"; 
        statement.execute(sql1); 
    } 
    catch (Exception e) 
    { 
         
    } 
}

Fixed Code Sample

public void remediation() { 
    try 
    { 
        Statement statement = connection.createStatement(); 
        String sql1 = "INSERT INTO STUDENTS VALUES" + 
                      "('BOB','DAVI', {d '2001-12-16'})"; 
        statement.execute(sql1); 
    } 
    catch (Exception e) 
    { 
        logger.error("SQL error", e); 
    } 
}

ASCSM 1.0, Automated Source Code Security Measure, Object Management Group.