...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ee07ce3c4589e6c6-a06dee5f-4f334b79-84b7a697-ef20621b7bc44cb7057877b7"><ac:plain-text-body><![CDATA[

[[MITRE 2009|AA. Bibliography#MITRE 09]] [CWE ID 502|http://cwe.mitre.org/data/definitions/502.html] "Deserialization of Untrusted Data"

]]></ac:plain-text-body></ac:structured-macro>

 

CWE ID 499 "Serializable Class Containing Sensitive Data"

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a309eb666e5312a7-649e6852-451842cd-89358397-33a5161d2c96c1965ff69441"><ac:plain-text-body><![CDATA[

[[Bloch 2005|AA. Bibliography#Bloch 05]] Puzzle 83: Dyslexic Monotheism

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="355e940bc672af67-13241b57-4d334024-9c27a427-c7256059b2292d2875e6ea60"><ac:plain-text-body><![CDATA[

[[Bloch 2001|AA. Bibliography#Bloch 01]] Item 1: Enforce the singleton property with a private constructor

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b7cfb85ec9e85bbb-f6aa93de-497a4cf8-adc6bdfe-0d2ef355c6a8d146d57855f4"><ac:plain-text-body><![CDATA[

[[Greanier 2000|AA. Bibliography#Greanier 00]] [Discover the secrets of the Java Serialization API|http://java.sun.com/developer/technicalArticles/Programming/serialization/]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2b64a14e0920e3aa-f321e67d-43b847a4-868fa5c4-330e4730600a28695d1788ac"><ac:plain-text-body><![CDATA[

[[Harold 1999|AA. Bibliography#Harold 99]]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4db015f8580bd3f8-bf6d4a34-413e4f91-b825b101-455900ba6ee0d6e07d945b90"><ac:plain-text-body><![CDATA[

[[JLS 2005|AA. Bibliography#JLS 05]] [Transient modifier|http://java.sun.com/docs/books/jls/third_edition/html/classes.html#37020]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="20eb3b8cc0385ed0-62d72304-473c462d-969e991a-9ad19e7a59b9a09665bd6282"><ac:plain-text-body><![CDATA[

[[Long 2005|AA. Bibliography#Long 05]] Section 2.4, Serialization

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="825d9d89e5249c50-95f54208-4d274081-a7c8b982-11f681546e77885e8dedeb21"><ac:plain-text-body><![CDATA[

[[SCG 2009|AA. Bibliography#SCG 09]] Guideline 5-2 Guard sensitive data during serialization

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b8549509fc7c9c5d-3ca5fea0-48f940dd-8a3cbed3-14a95c8f378251fa472b4400"><ac:plain-text-body><![CDATA[

[[Sun 2006|AA. Bibliography#Sun 06]] "Serialization specification: A.4 Preventing Serialization of Sensitive Data"

]]></ac:plain-text-body></ac:structured-macro>

...