...

CERT C++ Secure Coding Standard

"OOP35-CPP. Do not return references to private data."

MITRE CWE

CWE-ID 375, "Returning a Mutable Object to an Untrusted Caller"

Secure Coding Guidelines, V 2.0

Guideline 2-1 Create a copy of mutable inputs and outputs

...

[API 2006]

method clone(): http://java.sun.com/javase/6/docs/api/java/lang/Object.html#clone()

[Bloch 2008]

Item 39: Make defensive copies when needed

[Goetz 2006]

3.2. Publication and Escape: Allowing Internal Mutable State to Escape

[Gong 2003]

9.4 Private Object State and Object Immutability

[Haggar 2000]

Practical Java Praxis 64: Use clone for Immutable Objects When Passing or Receiving Object References to Mutable Objects: http://www.informit.com/articles/article.aspx?p=20530

[Security 2006]

...