Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Old Version 139

changes.mady.by.user Pennie Walters

Saved on Nov 19, 2009

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on Aug 07, 2025

Key

This line was added.
This line was removed.
Formatting was changed.

Rules

Content by Label

showLabels	false
max	99
spaces	com.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@3bbaf8c
showSpace	false
sort	title
cql	label = "msc" and label = "rule" and label != "void" and space = currentSpace()
labels	+msc,-void, +rule

Risk Assessment Summary

Rule	Severity	Likelihood	Detectable	Repairable

Recommendations

MSC00-J. Eliminate class initialization cycles

MSC01-J. Avoid memory leaks

MSC02-J. Avoid cyclic dependencies between packages

MSC03-J. Prefer using Iterators over Enumerations

MSC04-J. Carefully design interfaces before releasing them

MSC05-J. Do not mix generic with non-generic raw types in new code

MSC06-J. Finish every set of statements associated with a case label with a break statement

MSC07-J. Do not assume infinite heap space

MSC08-J. Limit the lifetime of sensitive data

MSC09-J. Do not use insecure or weak cryptographic algorithms

MSC10-J. Detect and remove dead code

Rules

MSC30-J. Generate truly random numbers

MSC31-J. Never hardcode sensitive information

MSC32-J. Make sensitive classes noncloneable

MSC33-J. Do not modify the underlying collection when an iteration is in progress

MSC34-J. Reserved (sent to the VOID)

MSC35-J. Do not use Object.equals() to compare cryptographic keys

MSC36-J. Use numerical comparison operators to terminate a loop whose counter changes by more than one

Risk Assessment Summary

Recommendations

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
MSC00-J	Medium	low Likely	unlikely No	medium No	P2 P6	L3 L2
MSC01-J	Low	low Unlikely	unlikely Yes	high Yes	P1 P3	L3
MSC02-J	High	Probable low	probable No	medium No	P4 P6	L3 L2
MSC03-J	High	low Probable	unlikely No	medium No	P2 P6	L3 L2
MSC04-J	Low	low Unlikely	probable No	high No	P2 P1	L3
MSC05-J	Low	low Probable	probable No	medium No	P4 P2	L3
MSC06-J	medium Low	unlikely Probable	low No	P6	L2	MSC07- J	low	probable	medium	No	P2 P4	L3 MSC08
MSC07-J	medium Low	likely Unlikely	medium Yes	P12	L1
MSC09- J	medium	probable	medium	P8	L2

Rules

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
MSC30- J	high	probable	medium	P12	L1
MSC31- J	high	probable	medium	P12	L1
MSC32- J	medium	probable	medium	P8	L2
MSC33- J	low	probable	medium	P4	L3
MSC35- J	high	unlikely	low	P9	L2
MSC36-J	low	unlikely	low	P1	L3

No

P2

L3

...

Image Added Image Added Image Added SER11-J. Do not invoke overridable methods from the readObject method The CERT Sun Microsystems Secure Coding Standard for Java MSC00-J. Eliminate class initialization cycles