Comment: REM cost reform

...

Failure to internally synchronize access to static fields that can be modified by untrusted code risks incorrect synchronization because the author of the untrusted code can inadvertently or maliciously ignore the synchronization policy.
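As an added illustration (not code from the guideline page), the following contrasts a static counter that relies on its callers to lock with one that synchronizes internally. All class and method names are hypothetical, and the private lock object is one way to keep the synchronization policy out of callers' hands.

```java
public class StaticCounterDemo {
    // Unsafe: the class does no locking of its own, so it is only correct if
    // every caller, including untrusted ones, chooses to synchronize.
    static final class UnguardedHits {
        private static int count = 0;
        public static void record() { count++; }   // read-modify-write, not atomic
        public static int get() { return count; }
    }

    // Safe: every access goes through a lock the class owns. The lock is
    // private, so callers can neither skip it nor hold it to stall others.
    static final class GuardedHits {
        private static final Object LOCK = new Object();
        private static int count = 0;
        public static void record() { synchronized (LOCK) { count++; } }
        public static int get() { synchronized (LOCK) { return count; } }
    }

    // Simulates callers that ignore any external synchronization policy:
    // each thread simply invokes op, taking no lock of its own.
    static void hammer(Runnable op, int threads, int calls) throws InterruptedException {
        Thread[] workers = new Thread[threads];
        for (int i = 0; i < threads; i++) {
            workers[i] = new Thread(() -> {
                for (int j = 0; j < calls; j++) op.run();
            });
            workers[i].start();
        }
        for (Thread t : workers) t.join();   // join also makes the final count visible here
    }

    public static void main(String[] args) throws InterruptedException {
        int threads = 8, calls = 100_000;
        hammer(UnguardedHits::record, threads, calls);
        hammer(GuardedHits::record, threads, calls);
        System.out.println("calls made : " + threads * calls);
        System.out.println("unguarded  : " + UnguardedHits.get() + " (lost updates are possible)");
        System.out.println("guarded    : " + GuardedHits.get());
    }
}
```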

| Rule | Severity | Likelihood | Remediation Cost | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|---|
| LCK05-J | Low | Probable | Medium | No | No | P4, P2 | L3 |

Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | | JAVA.CONCURRENCY.UG.METH | Unguarded method |
| Klocwork | | SV.SHARED.VAR | |
| Parasoft Jtest | | TRS, CERT.LCK05.IASF | Implemented. Inspect accesses to "static" fields which may require synchronization |

Related Guidelines

MITRE CWE: CWE-820, Missing Synchronization


...


...