...
Exposing the lock object to untrusted code can result in DoS.
Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
LCK00-J | low | probable | No | Nomedium | P4P2 | L3 |
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| The Checker Framework |
| Lock Checker | Concurrency and lock errors (see Chapter 6) | ||||||
| CodeSonar |
| JAVA.CONCURRENCY.LOCK.ISTR | Synchronization on Interned String (Java) | ||||||
| Parasoft Jtest |
| CERT.LCK00.SOPF | Do not synchronize on "public" fields since doing so may cause deadlocks | ||||||
| SonarQube |
| S2445 |
...