Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

02. Declarations and Initialization (DCL)

Created by Fred Long, last modified on Aug 12, 2009

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Recommendations

DCL00-J. Use visually distinct identifiers

DCL01-J. Use 'L', not 'l', to indicate a long value

DCL02-J. Do not overload variable argument methods

DCL03-J. Use meaningful symbolic constants to represent literal values in program logic

DCL04-J. Do not declare more than one variable per declaration

DCL05-J. Properly encode relationships in constant definitions

DCL06-J. Beware of integer literals beginning with '0'

DCL07-J. Ensure failure atomicity by declaring class and instance variables final and initializing immediately

DCL08-J. Enforce compile-time type checking of variable argument types

DCL09-J. Prefer eager initialization

Rules

DCL30-J. Do not attempt to assign to the loop variable in an enhanced for loop

DCL31-J. Qualify mathematical constants with the static and final modifiers

Risk Assessment Summary

Recommendations

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
DCL00-J	low	unlikely	high	P1	L3
DCL01-J	low	unlikely	low	P3	L3
DCL02-J	low	unlikely	low	P3	L3
DCL03-J	low	unlikely	high	P1	L3
DCL04-J	low	unlikely	low	P3	L3
DCL05-J	low	unlikely	high	P1	L3
DCL06-J	low	unlikely	low	P3	L3

Rules

SEC35-J. Do not disable bytecode verification The CERT Sun Microsystems Secure Coding Standard for Java DCL00-J. Use visually distinct identifiers

No labels