Versions Compared

Rules

Guidelines

FIO00-J. Defensively copy mutable inputs and mutable internal components

FIO01-J. Do not expose buffers created using the wrap() or duplicate() methods to untrusted code

FIO02-J. Keep track of bytes read and account for character encoding while reading data

FIO03-J. Specify the character encoding while performing file or network IO

FIO04-J. Canonicalize path names before validating

FIO05-J. Do not create multiple buffered wrappers on an InputStream

FIO06-J. Ensure all resources are properly closed when they are no longer needed

FIO07-J. Do not create temporary files in shared directories

FIO08-J. Do not log sensitive information

FIO09-J. Exclude user input from format strings

FIO10-J. Do not let Runtime.exec() fail or block indefinitely

FIO11-J. Do not attempt to read raw binary data as character data

Risk Assessment Summary

Recommendations

| Guideline / Rule | Severity | Likelihood | Detectable | Repairable / Remediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
| FIO00-J | Medium / medium | Unlikely / probable | No | high / No | P4 / P2 | L3 |
| FIO01-J | Medium / medium | Probable / likely | No | low / No | P18 / P4 | L1 / L3 |
| FIO02-J | Medium / low | Probable / unlikely | Yes | medium / Yes | P2 / P12 | L3 / L1 |
| FIO03-J | Medium / low | Probable / unlikely | No | medium / No | P2 / P4 | L3 |
| FIO04-J | Low / medium | Probable / unlikely | Yes | medium / No | P4 | L3 |
| FIO05-J | Medium / low | Likely / unlikely | No | medium / No | P2 / P6 | L3 / L2 |
| FIO06-J | Low / low | Unlikely / probable | No | medium / No | P4 / P1 | L3 |
| FIO07-J | Low / high | Probable / probable | Yes | medium / No | P12 / P4 | L1 / L3 |
| FIO08-J | High / medium | Probable / probable | Yes | high / Yes | P4 / P18 | L3 / L1 |
| FIO09-J | Low / medium | Unlikely / unlikely | No | medium / Yes | P4 / P2 | L3 |
| FIO10-J | Low | Unlikely | No | No | P1 | L3 |
| FIO12-J | Low | Unlikely | No | No | P1 | L3 |
| FIO13-J | Medium / low | Probable / probable | No | medium / No | P4 | L3 |
| FIO14-J | Medium | Likely | No | No | P6 | L2 |
| FIO16-J | Medium | Unlikely | No | No | P2 | L3 |


...
