Use structured exception handling
Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen
Use structured exception handling and catch exception conditions. Do not rely on function return codes to perform all error handling. The classic approach for error handling has been to use the codes that functions return in order to evaluate the success or
failure of certain operations. It is easy to forget to check a return code, and, as a result, your code will fail to an insecure mode.
In C#, you can use the try / catch and finally construct to implement the structured exception handling. You can protect code by placing it inside try blocks, and implement catch blocks to log and process exceptions. Also, use the finally construct to ensure
that critical system resources such as connections are closed, whether an exception condition occurs or not.