SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 90

changes.mady.by.user Michal Rozenau

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM cost reform

...

Failure to restore prior object state on method failure can leave the object in an inconsistent state and can violate required state invariants.

Rule

Severity

Likelihood

Detectable

RepairableRemediation Cost

Priority

Level

ERR03-J

Low

Probable

No

NoHigh

P2

L3

Automated Detection

ToolVersionCheckerDescription
Klocwork

Include Page
Klocwork_V
Klocwork_V

SV.HTTP_SPLIT
SV.SSRF.URI
Parasoft Jtest

Include Page
Parasoft_V
Parasoft_V

CERT.ERR03.REVOBJRestore prior object state on method failure

Related Vulnerabilities

CVE-2008-0002 describes a vulnerability in several versions of Apache Tomcat. If an exception occurs during parameter processing, the program can be left in the context of the wrong request, which might allow remote attackers to obtain sensitive information. An exception can be triggered by disconnecting from Tomcat during this processing.

...