Guidelines
EXP00-J. Do not ignore values returned by methods
EXP01-J. Do not confuse abstract object equality with reference equality
EXP02-J. Use the two-argument Arrays.equals() method to compare the contents of arrays
EXP03-J. Avoid the equal and not equal operators when comparing values of boxed primitives
EXP04-J. Beware of invisible implicit casts when using compound assignment operators
EXP05-J. Be aware of integer promotions in binary operators
EXP06-J. Use parentheses for precedence of operation
EXP07-J. Be aware of the short-circuit behavior of the conditional AND and OR operators
EXP08-J. Understand the evaluation of expressions containing non-short-circuit operators
EXP09-J. Do not depend on operator precedence while using expressions containing side-effects
EXP10-J. Avoid side-effects in assertions
EXP11-J. Be careful of autoboxing when removing elements from a Collection
EXP12-J. Avoid dereferencing null pointers
EXP13-J. Consistently use the symbolic constants you define
EXP14-J. Use the same type for the second and third operands in conditional expressions
Risk Assessment Summary
| Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| EXP00-J | medium | probable | medium | P8 | L2 |
| EXP01-J | low | probable | medium | P4 | L3 |
| EXP02-J | low | likely | low | P9 | L2 |
| EXP03-J | low | likely | medium | P6 | L2 |
| EXP04-J | low | unlikely | medium | P2 | L3 |
| EXP05-J | low | probable | medium | P4 | L3 |
| EXP06-J | low | probable | medium | P4 | L3 |
| EXP07-J | low | unlikely | medium | P2 | L3 |
| EXP08-J | low | probable | medium | P4 | L3 |
| EXP09-J | low | unlikely | medium | P2 | L3 |
| EXP10-J | low | unlikely | low | P3 | L3 |
| EXP11-J | low | probable | low | P6 | L2 |
| EXP12-J | low | likely | high | P3 | L3 |
| EXP13-J | low | unlikely | medium | P2 | L3 |
| EXP14-J | low | unlikely | medium | P2 | L3 |