Rules
Risk Assessment Summary
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| LCK00-J | Low | Probable | No | No | P2 | L3 |
| LCK01-J | Medium | Probable | Yes | No | P8 | L2 |
| LCK02-J | Medium | Probable | Yes | No | P8 | L2 |
| LCK03-J | Medium | Probable | Yes | No | P8 | L2 |
| LCK04-J | Low | Probable | Yes | No | P4 | L3 |
| LCK05-J | Low | Probable | No | No | P2 | L3 |
| LCK06-J | Medium | Probable | Yes | No | P8 | L2 |
| LCK07-J | Low | Likely | No | No | P3 | L3 |
| LCK08-J | Low | Likely | Yes | Yes | P9 | L2 |
| LCK09-J | Low | Probable | No | No | P2 | L3 |
| LCK10-J | Low | Probable | Yes | No | P4 | L3 |
| LCK11-J | Low | Probable | No | No | P2 | L3 |
...
Recommendations
CON00-J. Use synchronization judiciously
CON01-J. Avoid using ThreadGroup APIs
CON02-J. Facilitate thread reuse by using Thread Pools
Rules
CON30-J. Synchronize access to shared mutable variables
CON31-J. Always invoke the wait() method inside a loop
CON32-J. Prefer notifyAll() to notify()
CON33-J. When using lazy initialization in Singleton, synchronize the getInstance() method
CON34-J. Avoid deadlock by requesting fine-grained locks in the proper order
CON35-J. Do not use the deprecated Thread.stop() method to stop threads
Risk Assessment Summary
Recommendations
| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| CON00-J | low | unlikely | high | P1 | L3 |
Rules
| Rules | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| CON30-J | low | unlikely | medium | P2 | L3 |
| CON31-J | low | unlikely | medium | P2 | L3 |
| CON32-J | low | unlikely | medium | P2 | L3 |
The CERT Sun Microsystems Secure Coding Standard for Java