SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 90

changes.mady.by.user Shannon Haas

Saved on

compared with

New Version 91

changes.mady.by.user Shannon Haas

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Sound automated detection of this vulnerability is not feasible in the general case. Heuristic approaches may be useful.

Bibliography

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="45e5e390-bbd3-4e91-b883-9fdc073b4b2a"><ac:plain-text-body><![CDATA[

[ [API 2006AA. References#API 06]]

[Method read

http://java.sun.com/javase/6/docs/api/java/io/InputStream.html#read()]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6e2d9bd9-8bae-4d61-bdee-e6d8dc4d3dbf"><ac:plain-text-body><![CDATA[

[ [API 2006AA. References#API 06]]

[Class BufferedInputStreamhttp://java.sun.com/javase/6/docs/api/java/io/BufferedInputStream.html] ]]></ac:plain-text-body></ac:structured-macro>

...

FIO05-J. Do not expose buffers created using the wrap() or duplicate() methods to untrusted code      12. Input Output (FIO)