Guidelines
OBJ00-J. Declare data members private
OBJ01-J. Understand how a superclass can affect a subclass
OBJ02-J. Avoid using finalizers
OBJ01-J. Be aware that a final reference may not always refer to immutable data
OBJ04-J. Encapsulate the absence of an object by using a Null Object
OBJ05-J. Write garbage collection friendly code
OBJ02-J. Do not ignore return values of methods that operate on immutable objects
OBJ31-J. Do not use public static non-final variables
OBJ32-J. Do not allow partially initialized objects to be accessed
OBJ33-J. Limit the extensibility of non-final classes and methods to only trusted subclasses
OBJ34-J. Compare classes and not class names
OBJ35-J. Use checked collections against external code
OBJ37-J. Defensively copy private mutable class members before returning their references
OBJ38-J. Immutable classes must prohibit extension
Risk Assessment Summary
Recommendations
| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| OBJ00-J | medium | likely | medium | P12 | L1 |
| OBJ01-J | medium | probable | high | P4 | L3 |
| OBJ02-J | medium | probable | medium | P8 | L2 |
| OBJ03-J | low | probable | medium | P4 | L3 |
| OBJ04-J | low | probable | high | P2 | L3 |
| OBJ05-J | low | likely | high | P3 | L3 |
Rules
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| OBJ30-J | low | unlikely | medium | P2 | L3 |
| OBJ31-J | medium | probable | medium | P8 | L2 |
| OBJ32-J | high | probable | medium | P12 | L1 |
| OBJ33-J | medium | likely | medium | P12 | L1 |
| OBJ34-J | medium | unlikely | low | P6 | L2 |
| OBJ35-J | low | probable | medium | P4 | L3 |
| OBJ36-J | low | likely | medium | P6 | L2 |
| OBJ37-J | high | probable | medium | P12 | L1 |
| OBJ38-J | medium | probable | low | P12 | L1 |