Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search
Log in
Confluence
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
Available Gadgets
About Confluence
Log in
SEI CERT Oracle Coding Standard for Java
Pages
Boards
Space shortcuts
Dashboard
Secure Coding Home
Android
C
C++
Java
Perl
Page tree
Browse pages
Configure
Space tools
View Page
A
t
tachments (0)
Page History
Page Information
View in Hierarchy
View Source
Export to PDF
Export to Word
Pages
…
SEI CERT Oracle Coding Standard for Java
4 Back Matter
Rule or Rec. CC. Analyzers
Klocwork
Page Information
Title:
Klocwork
Author:
Pranjal Jumde
Nov 09, 2012
Last Changed by:
David Svoboda
Aug 13, 2025
Tiny Link:
(useful for email)
https://wiki.sei.cmu.edu/confluence/x/5zZGBQ
Export As:
Word
·
PDF
Incoming Links
SEI CERT Oracle Coding Standard for Java (45)
Page:
IDS00-J. Prevent SQL injection
Page:
THI01-J. Do not invoke ThreadGroup methods
Page:
IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method
Page:
THI03-J. Always invoke wait() and await() methods inside a loop
Page:
DCL02-J. Do not modify the collection's elements during an enhanced for statement
Page:
VNA00-J. Ensure visibility when accessing shared primitive variables
Page:
OBJ05-J. Do not return references to private mutable class members
Page:
JNI00-J. Define wrappers around native methods
Page:
OBJ09-J. Compare classes and not class names
Page:
ERR07-J. Do not throw RuntimeException, Exception, or Throwable
Page:
SER05-J. Do not serialize instances of inner classes
Page:
ERR09-J. Do not allow untrusted code to terminate the JVM
Page:
IDS16-J. Prevent XML Injection
Page:
EXP01-J. Do not use a null in a case where an object is required
Page:
VNA02-J. Ensure that compound operations on shared variables are atomic
Page:
LCK10-J. Use a correct form of the double-checked locking idiom
Page:
VNA01-J. Ensure visibility of shared references to immutable objects
Page:
NUM09-J. Do not use floating-point variables as loop counters
Page:
THI00-J. Do not invoke Thread.run()
Page:
IDS01-J. Normalize strings before validating them
Page:
IDS17-J. Prevent XML External Entity Attacks
Page:
OBJ10-J. Do not use public static nonfinal fields
Page:
ERR01-J. Do not allow exceptions to expose sensitive information
Page:
NUM00-J. Detect or prevent integer overflow
Page:
NUM07-J. Do not attempt comparisons with NaN
Page:
LCK05-J. Synchronize access to static fields that can be modified by untrusted code
Page:
NUM10-J. Do not construct BigDecimal objects from floating-point literals
Page:
ERR04-J. Do not complete abruptly from a finally block
Page:
MET09-J. Classes that define an equals() method must also define a hashCode() method
Page:
OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
Page:
ERR05-J. Do not let checked exceptions escape from a finally block
Page:
LCK09-J. Do not perform operations that can block while holding a lock
Page:
EXP02-J. Do not use the Object.equals() method to compare two arrays
Page:
ERR03-J. Restore prior object state on method failure
Page:
ENV06-J. Production code must not contain debugging entry points
Page:
IDS06-J. Exclude unsanitized user input from format strings
Page:
ERR08-J. Do not catch NullPointerException or any of its ancestors
Page:
MSC01-J. Do not use an empty infinite loop
Page:
OBJ01-J. Limit accessibility of fields
Page:
OBJ11-J. Be wary of letting constructors throw exceptions
Page:
EXP03-J. Do not use the equality operators when comparing values of boxed primitives
Page:
MET01-J. Never use assertions to validate method arguments
Page:
MET12-J. Do not use finalizers
Page:
IDS03-J. Do not log unsanitized user input
Page:
EXP00-J. Do not ignore values returned by methods
Hierarchy
Parent Page
Page:
Rule or Rec. CC. Analyzers
Labels
Global Labels (1)
analyzer
Recent Changes
Time
Editor
Aug 13, 2025 05:44
David Svoboda
View Changes
Aug 06, 2025 17:37
David Svoboda
View Changes
Aug 06, 2025 17:27
David Svoboda
View Changes
Jul 24, 2025 13:34
David Svoboda
View Changes
Jun 11, 2025 10:15
David Svoboda
View Page History
Outgoing Links
External Links (45)
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?p…
SEI CERT Oracle Coding Standard for Java (1)
Page:
Klocwork_V
Overview
Content Tools
{"serverDuration": 99, "requestCorrelationId": "de0919bca2d59e13"}
