...
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| SER10-J | Low | Unlikely | No | No | P1 | L3 |
Automated Detection
Detecting code that should be considered privileged or sensitive requires programmer assistance. Given identified privileged code as a starting point, automated tools could compute the closure of all code that can be invoked from that point. Such a tool could plausibly determine whether all code in that closure exists within a single package. A further check of whether the package is sealed is feasible.
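The check described in the paragraph above, as an added example that is not part of the original guideline or of any tool listed here: it computes the closure of methods reachable from a programmer-identified privileged method, tests whether that closure stays inside one package, and reads the `Sealed` attribute from a JAR manifest. The call graph, the manifest text, the `pkg.Class#method` node naming and every `com.example` name are constructed assumptions.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import java.util.jar.Attributes;
import java.util.jar.Manifest;

public class PrivilegedClosureCheck {
    // Package part of a "pkg.Class#method" node name (hypothetical naming scheme).
    static String packageOf(String method) {
        String cls = method.substring(0, method.indexOf('#'));
        int dot = cls.lastIndexOf('.');
        return dot < 0 ? "" : cls.substring(0, dot);
    }

    // All methods reachable from the programmer-identified privileged entry point.
    static Set<String> closure(Map<String, List<String>> calls, String entry) {
        Set<String> seen = new LinkedHashSet<>();
        Deque<String> work = new ArrayDeque<>(List.of(entry));
        while (!work.isEmpty()) {
            String m = work.pop();
            if (seen.add(m)) work.addAll(calls.getOrDefault(m, List.of()));
        }
        return seen;
    }

    // True if the manifest seals the package; a per-package entry overrides the main attribute.
    static boolean isSealed(Manifest mf, String pkg) {
        Attributes per = mf.getAttributes(pkg.replace('.', '/') + "/");
        String v = per != null ? per.getValue(Attributes.Name.SEALED) : null;
        if (v == null) v = mf.getMainAttributes().getValue(Attributes.Name.SEALED);
        return "true".equalsIgnoreCase(v);
    }

    public static void main(String[] args) throws Exception {
        // Constructed call graph; a real tool would extract it from bytecode.
        Map<String, List<String>> calls = Map.of(
            "com.example.sec.Vault#open", List.of("com.example.sec.Keys#load", "com.example.util.Log#write"),
            "com.example.sec.Keys#load", List.of("com.example.sec.Vault#open"));
        // Constructed manifest that seals only com.example.sec.
        String text = "Manifest-Version: 1.0\n\nName: com/example/sec/\nSealed: true\n\n";
        Manifest mf = new Manifest(new ByteArrayInputStream(text.getBytes(StandardCharsets.UTF_8)));

        Set<String> pkgs = new TreeSet<>();
        for (String m : closure(calls, "com.example.sec.Vault#open")) pkgs.add(packageOf(m));
        System.out.println("single package: " + (pkgs.size() == 1));
        for (String p : pkgs) System.out.println(p + " sealed: " + isSealed(mf, p));
    }
}
```

In the constructed graph the call into `com.example.util` takes the closure outside the sealed package, which is the condition such a tool would flag.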
| Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | | JAVA.ALLOC.LEAK.NOTSTORED | Closeable not stored |
| Security Reviewer - Static Reviewer | | SerializationNET | Full Implementation |
Related Guidelines
CWE-400, Uncontrolled Resource Consumption (aka "Resource Exhaustion")
...