SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Title: IDS08-J. Sanitize untrusted data included in a regular expression  
Author: Joman Chu Mar 04, 2010
Last Changed by: David Svoboda Aug 06, 2025
Tiny Link: (useful for email) https://wiki.sei.cmu.edu/confluence/x/fzdGBQ
Export As: Word · PDF  
Incoming Links
SEI CERT Oracle Coding Standard for Java (1)
    Page: IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method
Hierarchy
Parent Page
    Page: Rule 00. Input Validation and Data Sanitization (IDS)
Labels
Global Labels (6)
Recent Changes
Time Editor  
Aug 06, 2025 10:09 Amy Gale View Changes
REM cost reform
Mar 10, 2025 21:44 Amy Gale View Changes
Localize CodeSonar crossreferences to Java scope
Dec 17, 2024 10:26 David Svoboda View Changes
Aug 06, 2021 08:59 Jon O'Donnell View Changes
Dec 19, 2018 10:53 Alexandre GIGLEUX  
Outgoing Links
External Links (8)
    cwe.mitre.org/
    https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
    https://www.safaribooksonline.com/library/view/secure-codin…
    https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
    https://rules.sonarsource.com/java/RSPEC-2631
    java.sun.com/docs/books/tutorial/essential/regex/index.html
    cwe.mitre.org/data/definitions/625.html
    cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1949
SEI CERT Oracle Coding Standard for Java (10)     Page: Rule BB. Glossary
    Page: The Checker Framework_V
    Page: Rule AA. References
    Page: CodeSonar_V
    Page: SonarQube
    Home page: SEI CERT Oracle Coding Standard for Java
    Page: The Checker Framework
    Page: SonarQube_V
    Page: VOID IDS09-J. Specify an appropriate locale when comparing locale-dependent data
    Page: CodeSonar