a question about stand-alone Java applications that do not have a background DB.

In our Uni class we were asked to build a very small application using JOptionPane methods such as "showInputDialog". The application asks for users name and birthdate and at the end displays a summary of these to the user. The values entered by the user is fed to a variable of type String.

After building this tiny app I am wondering if there is a way to feed it any characters that would cause it to crash. It does not seem to react to much of any "non-standard" input (such as entries starting with \n, \d, or unprintable characters from the ASCII table) but faithfully returns it all to the user.

So for this type of Java applications (which cannot suffer from SQL query related issues since they do not have a DB), is there any reason to do input validation? Does Java actually suffer from any input vulnerabilities like those in C?

Best regards,


Edited by jjoensuu

5 Years
Discussion Span
Last Post by JamesCherrill

It depends on what you mean by validation. Correctly formatted email address. A name (no digits) A number(no letters)


I don't know of any way to make an application "crash" by entering stuff into a dialog, but things like invalid dates can cause an Exception to be thrown when you try to parse them- and if you don't catch and handle that properly your program will terminate.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.