Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Old Version 63

changes.mady.by.user Dhruv Mohindra

Saved on Sep 16, 2009

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on Aug 07, 2025

Key

This line was added.
This line was removed.
Formatting was changed.

Rules

Content by Label

showLabels	false
max	99
spaces	com.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@3bbaf8c
showSpace	false
sort	title
cql	label = "lck" and label = "rule" and space = currentSpace()
labels	+lck +rule

Risk Assessment Summary

Rule	Severity	Likelihood	Detectable	Repairable	Priority	Level
LCK00-J	Low	Probable	No	No	P2	L3
LCK01-J	Medium	Probable	Yes	No	P8	L2
LCK02-J	Medium	Probable	Yes	No	P8	L2
LCK03-J	Medium	Probable	Yes	No	P8	L2
LCK04-J	Low	Probable	Yes	No	P4	L3
LCK05-J	Low	Probable	No	No	P2	L3
LCK06-J	Medium	Probable	Yes	No	P8	L2
LCK07-J	Low	Likely	No	No	P3	L3
LCK08-J	Low	Likely	Yes	Yes	P9	L2
LCK09-J	Low	Probable	No	No	P2	L3
LCK10-J	Low	Probable	Yes	No	P4	L3
LCK11-J	Low	Probable	No	No	P2	L3

...

Image Added Image Added Image Added

Recommendations

CON00-J. Do not invoke a superclass method or constructor from a synchronized region in the subclass

CON01-J. Avoid using ThreadGroup APIs

CON02-J. Facilitate thread reuse by using Thread Pools

CON03-J. Do not assume that elements of an array declared volatile are volatile

CON04-J. Do not call overridable methods from synchronized regions

CON05-J. Use a unique channel to acquire locks on any file

CON06-J. Do not subclass Thread if you can use a Runnable instead

Rules

CON30-J. Synchronize access to shared mutable variables

CON31-J. Always invoke the wait() method inside a loop

CON32-J. Use notifyAll() instead of notify() to resume waiting threads

CON33-J. Address the shortcomings of the Singleton design pattern

CON34-J. Avoid deadlock by requesting locks in the proper order

CON35-J. Do not try to force thread shutdown

CON36-J. Always synchronize on the appropriate object

CON37-J. Never apply a lock to methods making network calls

CON38-J. Ensure atomicity of thread-safe code

CON39-J. Ensure atomicity of 64-bit operations

CON40-J. Do not let the "this" reference escape during object construction

CON41-J. Do not use file locks for arbitrating file access at the thread level

CON42-J. Ensure locks are released on error conditions

Risk Assessment Summary

Recommendations

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
CON00- J	low	likely	high	P3	L3
CON01- J	low	probable	low	P6	L2
CON02- J	low	probable	high	P2	L3
CON03- J	low	probable	medium	P4	L3

Rules

Rules	Severity	Likelihood	Remediation Cost	Priority	Level
CON30- J	medium	probable	medium	P8	L2
CON31- J	low	unlikely	medium	P2	L3
CON32- J	low	unlikely	medium	P2	L3
CON33- J	low	unlikely	medium	P2	L3
CON34- J	low	likely	high	P3	L3
CON35- J	low	probable	medium	P4	L3
CON36- J	medium	probable	medium	P8	L2
CON37- J	low	probable	high	P2	L3
CON38- J	low	probable	medium	P4	L3
CON39- J	low	probable	medium	P4	L3
CON40-J	medium	probable	high	P4	L3

FIO36-J. Do not create multiple buffered wrappers on an InputStream The CERT Sun Microsystems Secure Coding Standard for Java CON00-J. Do not invoke a superclass method or constructor from a synchronized region in the subclass