Versions Compared

Comment: removed redundant closing parenthesis

...

import java.util.regex.Pattern;

// Accept only a whitelist of characters; anything else is replaced by a
// fixed placeholder so that no user-controlled text reaches the log.
public String sanitizeUser(String username) {
  return Pattern.matches("[A-Za-z0-9_]+", username)
      ? username : "unauthorized user";
}

...

This compliant solution uses a text logger that automatically sanitizes its input. A sanitized logger saves the developer from having to worry about unsanitized log messages. 


// SanitizedTextLogger is a hypothetical wrapper, not a JDK class; it is
// expected to strip line delimiters and control characters from every message.
Logger sanLogger = new SanitizedTextLogger(logger);

if (loginSuccessful) {
  sanLogger.severe("User login succeeded for: " + username);
} else {
  sanLogger.severe("User login failed for: " + username);
}
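The rule text leaves SanitizedTextLogger unspecified. The following is an added example, not code from the CERT page, of one possible implementation on top of java.util.logging: it overrides log(LogRecord) so every message, whichever convenience method produced it, has its control characters neutralized before any handler sees it. The class, the placeholder character and the sample username are assumptions.

```java
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import java.util.regex.Pattern;

// Hypothetical sanitizing logger: wraps a java.util.logging.Logger and
// neutralizes CR, LF and all other ASCII control characters, so a username
// containing a line break cannot start a second, forged log entry.
public class SanitizedTextLogger extends Logger {
  // \p{Cntrl} covers \x00-\x1F and \x7F (DEL)
  private static final Pattern CONTROL = Pattern.compile("\\p{Cntrl}");
  private final Logger delegate;

  public SanitizedTextLogger(Logger delegate) {
    super(delegate.getName() + ".sanitized", null);
    this.delegate = delegate;
  }

  // Replace each control character with a visible placeholder rather than
  // deleting it, so the tampering attempt itself remains visible in the log
  static String sanitize(String message) {
    return message == null ? null : CONTROL.matcher(message).replaceAll("?");
  }

  // severe(), warning(), info() etc. all funnel into log(LogRecord),
  // so sanitizing here covers every entry point of the Logger API
  @Override
  public void log(LogRecord record) {
    record.setMessage(sanitize(record.getMessage()));
    delegate.log(record);
  }

  public static void main(String[] args) {
    Logger sanLogger = new SanitizedTextLogger(Logger.getLogger("auth"));
    // Constructed sample input: a username carrying an embedded line break
    String username = "guest\nUser login succeeded for: administrator";
    sanLogger.severe("User login failed for: " + username);
    // The message reaches the handler as a single line:
    // User login failed for: guest?User login succeeded for: administrator
  }
}
```

Note that the whitelist approach in sanitizeUser above is stricter; a sanitizing logger is the fallback for messages assembled from many sources where a per-field whitelist is impractical.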

...

Allowing unvalidated user input to be logged can result in forging of log entries, leaking secure information, or storing sensitive data in a manner that violates a local law or regulation.

Risk Assessment (where a cell lists two values, they are the values from the two versions being compared)

Rule     | Severity | Likelihood | Remediation Cost | Detectable | Repairable | Priority | Level
IDS03-J  | Medium   | Probable   | Medium           | No         | No         | P8 / P4  | L2 / L3

Automated Detection (version cells are included from each tool's version page and are not shown here; where a cell lists two values, they are the values from the two versions being compared)

Tool                  | Version | Checker                                | Description
The Checker Framework |         | Tainting Checker                       | Trust and security errors (see Chapter 8)
CodeSonar             |         | JAVA.IO.TAINT.LOG                      | Tainted log
Fortify               |         | Log_Forging                            | Implemented
Klocwork              |         | SVLOG_FORGING                          | Implemented
Parasoft Jtest        |         | BD-SECURITY-TDLOG / CERT.IDS03.TDLOG   | Implemented / Protect against log forging

Related Guidelines

ISO/IEC TR 24772:2013: Injection [RST]

MITRE CWE:
  CWE-144, Improper Neutralization of Line Delimiters
  CWE-150, Improper Neutralization of Escape, Meta, or Control Sequences
  CWE-117, Improper Output Neutralization for Logs

MITRE CAPEC:
  CAPEC-93, Log Injection-Tampering-Forging


...
