SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 57

changes.mady.by.user Fred Long

Saved on

compared with

New Version 58

changes.mady.by.user Dean Sutherland

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Interfaces are used to group together all the methods that a class promises to publicly expose. The implementing classes are obliged to provide concrete implementations for all these methods. Interfaces are a necessary ingredient of the public API and, most public APIs; once released, it can be very hard to fix any flaws without breaking any code that implements the older version. The security-specific repercussions include the following:

  • The interface Interface changes resulting from security fixes can severely impair the contracts of the implementing classes. It is even possible that For example, a security fix introduced in a later version is may be accompanied by modifications to an unrelated interface that must now be implemented by the client. This can prevent the client from implementing the security fix because the new interface may impose additional implementation burden on it.
  • If an insider crafts changes to an interface or someone accidentally makes modifications, most of the client code that implements the interface will break, resulting in denial of service. This is particularly pernicious in distributed Java-based applications.
  • Implementers can provide default or skeletal implementations of interface methods that the clients can directly for their clients to extend; however, such code can adversely affect the behavior of the subclasses. When Conversely, when such default implementations are not providedabsent, the subclasses are forced to must provide dummy implementations. This fosters an environment where comments such as "ignore this code, does nothing," occur incessantly. Such code may never even get tested.
  • If there is a security flaw in a public API, (e.g., ThreadGroups, THI01-J. Do not invoke ThreadGroup methods), it will persist throughout the lifetime of the application.

...

A better design strategy is to anticipate the future evolution of the service. The core functionality should be implemented in the User interface, and ; in this case, only the premium service may be required to extend from it. To make use of the new free service, an existing class may then choose to implement the new interface FreeUser, or it may just completely ignore it.

...