SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 130

changes.mady.by.user Amy Gale

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM cost reform

...

Failure to explicitly release nonmemory system resources when they are no longer needed can result in resource exhaustion.

Rule

Severity

Likelihood

Detectable

RepairableRemediation Cost

Priority

Level

FIO04-J

Low

Probable

Yes

MediumNo

P4

L3

Automated Detection

Although sound automated detection of this vulnerability is not feasible in the general case, many interesting cases can be soundly detected.

...

Tool
Version
Checker
Description
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

JAVA.ALLOC.LEAK.NOTCLOSED
JAVA.ALLOC.LEAK.NOTSTORED

Closeable not closed
Closeable not stored

Coverity7.5

ITERATOR
JDBC_CONNECTION
RESOURCE_LEAK

Implemented
Parasoft Jtest
Include Page
Parasoft_V
Parasoft_V
CERT.FIO04.LEAKS
CERT.FIO04.CIO
CERT.FIO04.CCR		Ensure resources are deallocated
Close input and output resources in "finally" blocks
Close all "java.io.Closeable" resources in a "finally" block
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V6127
SonarQube
Include Page
SonarQube_V
SonarQube_V
S2095Implemented

Related Guidelines

SEI CERT C Coding Standard

FIO22-C. Close files before spawning processes

SEI CERT C++ Coding Standard

FIO51-CPP. Close files when they are no longer needed

MITRE CWE

CWE-404, Improper Resource Shutdown or Release
CWE-405, Asymmetric Resource Consumption (Amplification)
CWE-459, Incomplete Cleanup
CWE-770, Allocation of Resources without Limits or Throttling

...