...

This noncompliant code example defines an isName() method that takes a String argument and returns true if the given string is a valid name. A valid name is defined as two capitalized words separated by one or more spaces.

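public boolean isName(String s) {
  // s is dereferenced without a null check: a null argument
  // throws NullPointerException on the next line.
  String[] names = s.split(" +"); // one or more spaces between the two words
  if (names.length != 2) {
    return false;
  }
  return (isCapitalized(names[0]) && isCapitalized(names[1]));
}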

...

This compliant solution demonstrates that the context in which code appears can affect its compliance. It includes the same isName() method as above, but this time as part of a class whose more general public method, testString(), tests string arguments and rejects null before calling isName(). The isName() method is also now marked private.

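public class Foo {
  // Private: only code inside Foo can call isName(), so every
  // caller can be checked for the null guard.
  private boolean isName(String s) {
    String[] names = s.split(" +"); // one or more spaces between the two words
    if (names.length != 2) {
      return false;
    }
    return (isCapitalized(names[0]) && isCapitalized(names[1]));
  }

  // Public entry point: rejects null before isName() dereferences s.
  public boolean testString(String s) {
    if (s == null) {
      return false;
    }
    return isName(s);
  }
}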
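An added example, not part of the original guideline: a self-contained class showing that the private isName() is compliant only while every caller inside the class checks for null. The body of isCapitalized(), the testStringUnchecked() method, the class name and the sample strings are assumptions made for illustration.

```java
public class NameCheckDemo {
  // Assumed helper: the guideline calls isCapitalized() without defining it.
  private static boolean isCapitalized(String w) {
    return !w.isEmpty() && Character.isUpperCase(w.charAt(0));
  }

  // Private, so the non-null precondition only has to be audited
  // against the callers in this class.
  private static boolean isName(String s) {
    String[] names = s.split(" +"); // throws NullPointerException if s is null
    return names.length == 2
        && isCapitalized(names[0]) && isCapitalized(names[1]);
  }

  // Guarded entry point, as in the compliant solution.
  public static boolean testString(String s) {
    return s != null && isName(s);
  }

  // Hypothetical later addition that forgets the guard: the class is
  // noncompliant again although isName() itself has not changed.
  public static boolean testStringUnchecked(String s) {
    return isName(s);
  }

  public static void main(String[] args) {
    // Constructed sample inputs, including the null case.
    String[] samples = { "Ada Lovelace", "Ada   Lovelace", "ada Lovelace", "Ada", null };
    for (String s : samples) {
      System.out.println("testString(" + s + ") = " + testString(s));
    }
    try {
      testStringUnchecked(null);
    } catch (NullPointerException e) {
      System.out.println("testStringUnchecked(null) threw NullPointerException");
    }
  }
}
```

When reviewing a class that relies on this pattern, check each call site of the private method, not only the one public wrapper that was present when the guard was written.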

...

CERT C Secure Coding Standard: EXP34-C. Do not dereference null pointers

CERT C++ Secure Coding Standard: EXP34-CPP. Ensure a null pointer is not dereferenced

ISO/IEC TR 24772:2010 (http://www.aitcnet.org/isai/): Null Pointer Dereference [XYH]

MITRE CWE: CWE-476. NULL pointer dereference

...
