Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search
Log in
Confluence
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
Available Gadgets
About Confluence
Log in
SEI CERT Oracle Coding Standard for Java
Pages
Boards
Space shortcuts
Dashboard
Secure Coding Home
Android
C
C++
Java
Perl
Page tree
Browse pages
Configure
Space tools
View Page
A
t
tachments (0)
Page History
Page Information
View in Hierarchy
View Source
Export to PDF
Export to Word
Pages
…
SEI CERT Oracle Coding Standard for Java
2 Rules
Rule 13. Input Output (FIO)
Page Information
Title:
Rule 13. Input Output (FIO)
Author:
Fred Long
Sep 13, 2007
Last Changed by:
David Svoboda
Mar 15, 2022
Tiny Link:
(useful for email)
https://wiki.sei.cmu.edu/confluence/x/LTdGBQ
Export As:
Word
·
PDF
Incoming Links
SEI CERT Oracle Coding Standard for Java (10)
Page:
FIO01-J. Create files with appropriate access permissions
Page:
FIO00-J. Do not operate on files in shared directories
Page:
FIO13-J. Do not log sensitive information outside a trust boundary
Page:
FIO16-J. Canonicalize path names before validating them
Page:
FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code
Page:
FIO07-J. Do not let external processes block on IO buffers
Page:
TSM03-J. Do not publish partially initialized objects
Page:
FIO03-J. Remove temporary files before termination
Page:
FIO02-J. Detect and handle file-related errors
Page:
FIO12-J. Provide methods to read and write little-endian data
Hierarchy
Parent Page
Page:
2 Rules
Children (17)
Page:
FIO00-J. Do not operate on files in shared directories
Page:
FIO01-J. Create files with appropriate access permissions
Page:
FIO02-J. Detect and handle file-related errors
Page:
FIO03-J. Remove temporary files before termination
Page:
FIO04-J. Release resources when they are no longer needed
Page:
FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code
Page:
FIO06-J. Do not create multiple buffered wrappers on a single byte or character stream
Page:
FIO07-J. Do not let external processes block on IO buffers
Page:
FIO08-J. Distinguish between characters or bytes read from a stream and -1
Page:
FIO09-J. Do not rely on the write() method to output integers outside the range 0 to 255
Show all...
Page:
FIO10-J. Ensure the array is filled when using read() to fill an array
Page:
FIO11-J. Do not convert between strings and bytes without specifying a valid character encoding
Page:
FIO12-J. Provide methods to read and write little-endian data
Page:
FIO13-J. Do not log sensitive information outside a trust boundary
Page:
FIO14-J. Perform proper cleanup at program termination
Page:
FIO15-J. Do not reset a servlet's output stream after committing it
Page:
FIO16-J. Canonicalize path names before validating them
Hide...
Labels
Global Labels (4)
fio038j
fio
rule-list
section
Recent Changes
Time
Editor
Mar 15, 2022 09:46
David Svoboda
View Changes
Mar 11, 2020 12:55
David Svoboda
View Changes
Nov 21, 2018 14:11
Derek Leung
View Changes
Nov 20, 2018 14:34
Derek Leung
View Changes
Nov 20, 2018 13:50
Derek Leung
View Page History
Outgoing Links
External Links (3)
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
SEI CERT Oracle Coding Standard for Java (1)
Home page:
SEI CERT Oracle Coding Standard for Java
Overview
Content Tools
{"serverDuration": 112, "requestCorrelationId": "6dfa109c8568a705"}