Guidelines
MET00-J. Follow good design principles while defining methods
MET01-J. Avoid ambiguous uses of overloading
MET02-J. Validate method parameters
MET03-J. Methods that perform a security check must be declared private or final
MET04-J. Ensure that constructors do not call overridable methods
MET05-J. Do not subject overloaded methods to polymorphic invocations
MET06-J. Do not call overridable methods from a privileged block
MET07-J. Do not invoke overridable methods on the clone under construction
MET08-J. Do not use the clone method to copy untrusted method parameters
MET09-J. Always provide feedback about the resulting value of a method
MET11-J. Understand the difference between overriding and hiding
MET12-J. Ensure objects that are equated are equatable
MET13-J. Ensure that hashCode() is overridden when equals() is overridden
MET14-J. Follow the general contract when implementing the compareTo method
MET15-J. Do not use deprecated or obsolete methods
MET16-J. Ensure that the clone method calls super.clone
Risk Assessment Summary
Guideline |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
MET00-J |
low |
unlikely |
high |
P1 |
L3 |
MET01-J |
low |
unlikely |
high |
P1 |
L3 |
MET02-J |
medium |
probable |
medium |
P8 |
L2 |
MET03-J |
medium |
probable |
medium |
P8 |
L2 |
MET04-J |
medium |
probable |
medium |
P8 |
L2 |
MET05-J |
low |
unlikely |
high |
P1 |
L3 |
MET06-J |
medium |
unlikely |
medium |
P4 |
L3 |
MET07-J |
medium |
probable |
low |
P12 |
L1 |
MET08-J |
high |
likely |
low |
P27 |
L1 |
MET09-J |
medium |
probable |
medium |
P8 |
L2 |
MET10-J |
low |
unlikely |
high |
P1 |
L3 |
MET11-J |
low |
unlikely |
medium |
P2 |
L3 |
MET12-J |
low |
unlikely |
medium |
P2 |
L3 |
MET13-J |
low |
unlikely |
high |
P1 |
L3 |
MET14-J |
medium |
unlikely |
medium |
P4 |
L3 |
MET15-J |
high |
likely |
medium |
P18 |
L1 |
The CERT Oracle Secure Coding Standard for Java MET00-J. Follow good design principles while defining methods