Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

03. Declarations and Initialization (DCL)

Created by Fred Long, last modified by Ankur Goyal on Nov 30, 2009

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Guidelines

DCL00-J. Use visually distinct identifiers

DCL01-J. Do not declare more than one variable per declaration

DCL02-J. Use meaningful symbolic constants to represent literal values in program logic

DCL03-J. Properly encode relationships in constant definitions

DCL04-J. Qualify mathematical constants with the static and final modifiers

DCL05-J. Do not attempt to assign to the loop variable in an enhanced for loop

DCL06-J. Use 'L', not 'l', to indicate a long value

DCL07-J. Beware of integer literals beginning with '0'

DCL08-J. Do not overload variable argument methods

DCL09-J. Enforce compile-time type checking of variable argument types

DCL10-J. Ensure failure atomicity by declaring class and instance variables final and initializing immediately

Risk Assessment Summary

Recommendations

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
DCL00- J	low	unlikely	high	P1	L3
DCL01- J	low	unlikely	low	P3	L3
DCL02- J	low	unlikely	medium	P2	L3
DCL03- J	low	unlikely	high	P1	L3
DCL04- J	low	unlikely	low	P3	L3
DCL05- J	low	unlikely	high	P1	L3
DCL06- J	low	unlikely	low	P3	L3
DCL07- J	low	probable	medium	P4	L3
DCL08- J	low	unlikely	medium	P2	L3

Rules

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
DCL30- J	low	unlikely	low	P3	L3
DCL31- J	low	probable	high	P2	L3

SEC08-J. Enforce security checks in code that performs sensitive operations The CERT Sun Microsystems Secure Coding Standard for Java DCL00-J. Use visually distinct identifiers

No labels