SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 7

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM cost reform

...

Leaving extra entry points into production code could allow an attacker to gain special access to the program.

Rule

Severity

Likelihood

Remediation Cost

Detectable

Repairable

Priority

Level

ENV06-J

High

Probable

Low

No

No

P18

P6

L1

L2

Automated Detection

This rule is not amenable to automated static analysis.

ToolVersionCheckerDescription
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

JAVA.DEBUG.CEDF
JAVA.DEBUG.MEDF

Class enables debug features
Method enables debug features

Klocwork

Include Page
Klocwork_V
Klocwork_V

JAVA.DEBUG.ENTRY
SonarQube
Include Page
SonarQube_V
SonarQube_V
S2653Detects main in Servlets and EJBs


Bibliography

[Hewlett-Packard 2015]

J2EE Bad Practices: Leftover Debug Code

...


...

Image Modified Image Modified Image Modified