SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 94

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM cost reform

...

Failure to verify a digital signature, whether manually or programmatically, can result in the execution of malicious code.

Rule

Severity

Likelihood

Remediation Cost

Detectable

Repairable

Priority

Level

SEC06-J

High

Probable

No

Medium

No

P12

P6

L1

L2

Automated Detection

Automated detection is not feasible in the fully general case. However, an approach similar to Design Fragments [Fairbanks 2007] could assist both programmers and static analysis tools.

ToolVersionCheckerDescription
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

JAVA.IO.INJ.ANDROID.MESSAGE
JAVA.IO.TAINT.MESSAGE

Android Message Injection (Java)
Tainted Message (Java)

Related Guidelines

ISO/IEC TR 24772:2010

Improperly Verified Signature [XZR]

MITRE CWE

CWE-300, Channel Accessible by Non-endpoint (aka "Man-in-the-Middle")
CWE-319, Cleartext Transmission of Sensitive Information
CWE-347, Improper Verification of Cryptographic Signature
CWE-494, Download of Code without Integrity Check

Bibliography

[API 2014]

 


[Bea 2008]

 


[Eclipse 2008]

JAR Signing
Signed Bundles and Protecting against Malicious Code

[Fairbanks 2007]

 


[Flanagan 2005]

Chapter 24, "The java.util.jar Package"

[Gong 2003]

Section 12.8.3, "jarsigner"

[Halloway 2001]

 


[JarSpec 2008]

Signature Validation

[Java Tutorials]

The JarRunner Class
Lesson: API and Tools Use for Secure Code and File Exchanges
Verifying Signed JAR Files

[Muchow 2001]
 

[Oaks 2001]

Chapter 12, "Digital Signatures, Signed Classes"

...


...

Image Modified Image Modified Image Modified