Guidelines
EXP00-J. Do not ignore values returned by methods
EXP01-J. Do not compare String objects using equality or relational operators
EXP02-J. Do not use the equals method to compare the contents of arrays
EXP03-J. Do not use the equal and not equal operators to compare boxed primitives
EXP04-J. Be wary of invisible implicit casts when using compound assignment operators
EXP05-J. Be aware of integer promotions in binary operators
EXP06-J. Use parentheses for precedence of operation
EXP07-J. Be aware of the short-circuit behavior of the conditional AND and OR operators
EXP08-J. Understand the evaluation of expressions containing non short-circuit operators
EXP09-J. Do not depend on operator precedence while using expressions containing side-effects
EXP10-J. Avoid side effects in assertions
EXP11-J. Be careful of autoboxing when removing elements from a Collection
EXP12-J. Ensure a null pointer is not dereferenced
EXP13-J. Do not diminish the benefits of constants by assuming their values in expressions
EXP14-J. Use the same type for the second and third operands in conditional expressions
Risk Assessment Summary
Recommendations
| Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| DCL00-J | low | unlikely | high | P1 | L3 |
| DCL01-J | low | unlikely | low | P3 | L3 |
| DCL02-J | low | unlikely | high | P1 | L3 |
| DCL03-J | low | unlikely | high | P1 | L3 |
| DCL04-J | low | probable | high | P2 | L3 |
| DCL05-J | low | unlikely | low | P3 | L3 |
| DCL06-J | low | unlikely | low | P3 | L3 |
| DCL07-J | low | unlikely | low | P3 | L3 |
| DCL08-J | low | unlikely | medium | P2 | L3 |
| DCL09-J | low | unlikely | medium | P2 | L3 |
| DCL10-J | low | probable | medium | P4 | L3 |