 
                            ...
Failure to define wrappers around native methods can allow unprivileged callers to invoke them and exploit inherent vulnerabilities such as buffer overflows in native libraries.
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level | 
|---|---|---|---|---|---|
| JNI00-J | Medium | Probable | High | P4 | L3 | 
Automated Detection
Automated detection is not feasible in the fully general case. However, an approach similar to Design Fragments [Fairbanks 2007] could assist both programmers and static analysis tools.
| Tool | Version | Checker | Description | 
|---|---|---|---|
| Parasoft Jtest | 
 | 
| 
 | 
| 
 | SECURITY.IBA.NATIW | 
| Use wrapper methods to secure native methods | 
Related Guidelines
| CWE-111, Direct Use of Unsafe JNI | |
| Guideline 5-3 / INPUT-3: Define wrappers around native methods | 
Bibliography
...
...