Guidelines

DCL00-J. Use visually distinct identifiers

DCL06-J. Use 'L', not 'l', to indicate a long value

DCL08-J. Do not overload variable argument methods

DCL02-J. Use meaningful symbolic constants to represent literal values in program logic

DCL01-J. Do not declare more than one variable per declaration

DCL03-J. Properly encode relationships in constant definitions

DCL07-J. Beware of integer literals beginning with '0'

DCL10-J. Ensure failure atomicity by declaring class and instance variables final and initializing immediately

DCL09-J. Enforce compile-time type checking of variable argument types

DCL05-J. Do not attempt to assign to the loop variable in an enhanced for loop

DCL04-J. Qualify mathematical constants with the static and final modifiers

Risk Assessment Summary

Recommendations

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

DCL00- J

low

unlikely

high

P1

L3

DCL01- J

low

unlikely

low

P3

L3

DCL02- J

low

unlikely

medium

P2

L3

DCL03- J

low

unlikely

high

P1

L3

DCL04- J

low

unlikely

low

P3

L3

DCL05- J

low

unlikely

high

P1

L3

DCL06- J

low

unlikely

low

P3

L3

DCL07- J

low

probable

medium

P4

L3

DCL08- J

low

unlikely

medium

P2

L3

Rules

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

DCL30- J

low

unlikely

low

P3

L3

DCL31- J

low

probable

high

P2

L3


SEC08-J. Enforce security checks in code that performs sensitive operations      The CERT Sun Microsystems Secure Coding Standard for Java      DCL00-J. Use visually distinct identifiers