Applicable to Android (Java Rules/Recomendations)
Rules
- DCL00-J. Prevent class initialization cycles
- DCL01-J. Do not reuse public identifiers from the Java Standard Library
- DCL02-J. Do not modify the collection's elements during an enhanced for statement
- ERR00-J. Do not suppress or ignore checked exceptions
- ERR01-J. Do not allow exceptions to expose sensitive information
- ERR02-J. Prevent exceptions while logging data
- ERR03-J. Restore prior object state on method failure
- ERR04-J. Do not complete abruptly from a finally block
- ERR05-J. Do not let checked exceptions escape from a finally block
- ERR06-J. Do not throw undeclared checked exceptions
- ERR07-J. Do not throw RuntimeException, Exception, or Throwable
- ERR08-J. Do not catch NullPointerException or any of its ancestors
- EXP00-J. Do not ignore values returned by methods
- EXP02-J. Do not use the Object.equals() method to compare two arrays
- FIO02-J. Detect and handle file-related errors
- FIO03-J. Remove temporary files before termination
- FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code
- FIO07-J. Do not let external processes block on IO buffers
- FIO09-J. Do not rely on the write() method to output integers outside the range 0 to 255
- FIO10-J. Ensure the array is filled when using read() to fill an array
- FIO12-J. Provide methods to read and write little-endian data
- IDS03-J. Do not log unsanitized user input
- IDS06-J. Exclude unsanitized user input from format strings
- IDS08-J. Sanitize untrusted data included in a regular expression
- IDS11-J. Perform any string modifications before validation
- JNI00-J. Define wrappers around native methods
- JNI02-J. Do not assume object references are constant or unique
- JNI04-J. Do not assume that Java strings are null-terminated
- LCK01-J. Do not synchronize on objects that may be reused
- LCK02-J. Do not synchronize on the class object returned by getClass()
- LCK03-J. Do not synchronize on the intrinsic locks of high-level concurrency objects
- LCK04-J. Do not synchronize on a collection view if the backing collection is accessible
- LCK06-J. Do not use an instance lock to protect shared static data
- LCK07-J. Avoid deadlock by requesting and releasing locks in the same order
- LCK08-J. Ensure actively held locks are released on exceptional conditions
- LCK09-J. Do not perform operations that can block while holding a lock
- LCK10-J. Use a correct form of the double-checked locking idiom
- MET00-J. Validate method arguments
- MET04-J. Do not increase the accessibility of overridden or hidden methods
- MET05-J. Ensure that constructors do not call overridable methods
- MET06-J. Do not invoke overridable methods in clone()
- MET07-J. Never declare a class method that hides a method declared in a superclass or superinterface
- MET08-J. Preserve the equality contract when overriding the equals() method
- MET09-J. Classes that define an equals() method must also define a hashCode() method
- MET10-J. Follow the general contract when implementing the compareTo() method
- MET11-J. Ensure that keys used in comparison operations are immutable
- MET12-J. Do not use finalizers
- MSC00-J. Use SSLSocket rather than Socket for secure data exchange
- MSC01-J. Do not use an empty infinite loop
- MSC02-J. Generate strong random numbers
- MSC04-J. Do not leak memory
- MSC05-J. Do not exhaust heap space
- MSC06-J. Do not modify the underlying collection when an iteration is in progress
- MSC07-J. Prevent multiple instantiations of singleton objects
- NUM01-J. Do not perform bitwise and arithmetic operations on the same data
- NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors
- NUM03-J. Use integer types that can fully represent the possible range of unsigned data
- NUM07-J. Do not attempt comparisons with NaN
- NUM08-J. Check floating-point inputs for exceptional values
- NUM09-J. Do not use floating-point variables as loop counters
- NUM10-J. Do not construct BigDecimal objects from floating-point literals
- NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data
- NUM13-J. Avoid loss of precision when converting primitive integers to floating-point
- OBJ01-J. Limit accessibility of fields
- OBJ02-J. Preserve dependencies in subclasses when changing superclasses
- OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
- OBJ05-J. Do not return references to private mutable class members
- OBJ06-J. Defensively copy mutable inputs and mutable internal components
- OBJ07-J. Sensitive classes must not let themselves be copied
- OBJ08-J. Do not expose private members of an outer class from within a nested class
- OBJ09-J. Compare classes and not class names
- OBJ10-J. Do not use public static nonfinal fields
- OBJ11-J. Be wary of letting constructors throw exceptions
- SER00-J. Enable serialization compatibility during class evolution
- SER01-J. Do not deviate from the proper signatures of serialization methods
- SER02-J. Sign then seal objects before sending them outside a trust boundary
- SER03-J. Do not serialize unencrypted sensitive data
- SER05-J. Do not serialize instances of inner classes
- SER06-J. Make defensive copies of private mutable components during deserialization
- SER07-J. Do not use the default serialized form for classes with implementation-defined invariants
- SER08-J. Minimize privileges before deserializing from a privileged context
- SER09-J. Do not invoke overridable methods from the readObject() method
- SER10-J. Avoid memory and resource leaks during serialization
- SER11-J. Prevent overwriting of externalizable objects
- STR03-J. Do not encode noncharacter data as a string
- THI01-J. Do not invoke ThreadGroup methods
- TSM03-J. Do not publish partially initialized objects
- VNA00-J. Ensure visibility when accessing shared primitive variables
- VNA01-J. Ensure visibility of shared references to immutable objects
- VNA02-J. Ensure that compound operations on shared variables are atomic
- VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic
- VNA04-J. Ensure that calls to chained methods are atomic
- VNA05-J. Ensure atomicity when reading and writing 64-bit values
Recommendations
- CON50-J. Do not assume that declaring a reference volatile guarantees safe publication of the members of the referenced object
- CON51-J. Do not assume that the sleep(), yield(), or getState() methods provide synchronization semantics
- CON52-J. Document thread-safety and use annotations where applicable
- DCL50-J. Use visually distinct identifiers
- DCL51-J. Do not shadow or obscure identifiers in subscopes
- DCL52-J. Do not declare more than one variable per declaration
- DCL53-J. Minimize the scope of variables
- DCL54-J. Use meaningful symbolic constants to represent literal values in program logic
- DCL55-J. Properly encode relationships in constant definitions
- DCL56-J. Do not attach significance to the ordinal associated with an enum
- DCL57-J. Avoid ambiguous overloading of variable arity methods
- DCL58-J. Enable compile-time type checking of variable arity parameter types
- DCL59-J. Do not apply public final to constants whose value might change in later releases
- DCL60-J. Avoid cyclic dependencies between packages
- ERR50-J. Use exceptions only for exceptional conditions
- ERR51-J. Prefer user-defined exceptions over more general exception types
- ERR52-J. Avoid in-band error indicators
- ERR53-J. Try to gracefully recover from system errors
- EXP50-J. Do not confuse abstract object equality with reference equality
- EXP51-J. Do not perform assignments in conditional expressions
- EXP52-J. Use braces for the body of an if, for, or while statement
- EXP53-J. Use parentheses for precedence of operation
- EXP54-J. Understand the differences between bitwise and logical operators
- EXP55-J. Use the same type for the second and third operands in conditional expressions
- FIO52-J. Do not store unencrypted sensitive information on the client side
- FIO53-J. Use the serialization methods writeUnshared() and readUnshared() with care
- IDS53-J. Prevent XPath Injection
- IDS55-J. Understand how escape characters are interpreted when strings are loaded
- MET50-J. Avoid ambiguous or confusing uses of overloading
- MET51-J. Do not use overloaded methods to differentiate between runtime types
- MET52-J. Do not use the clone() method to copy untrusted method parameters
- MET53-J. Ensure that the clone() method calls super.clone()
- MET54-J. Always provide feedback about the resulting value of a method
- MET55-J. Return an empty array or collection instead of a null value for methods that return an array or collection
- MET56-J. Do not use Object.equals() to compare cryptographic keys
- MSC50-J. Minimize the scope of the @SuppressWarnings annotation
- MSC51-J. Do not place a semicolon immediately following an if, for, or while condition
- MSC52-J. Finish every set of statements associated with a case label with a break statement
- MSC53-J. Carefully design interfaces before releasing them
- MSC54-J. Avoid inadvertent wrapping of loop counters
- MSC55-J. Use comments consistently and in a readable fashion
- MSC56-J. Detect and remove superfluous code and values
- MSC57-J. Strive for logical completeness
- MSC58-J. Prefer using iterators over enumerations
- MSC61-J. Do not use insecure or weak cryptographic algorithms
- MSC62-J. Store passwords using a hash function
- MSC63-J. Ensure that SecureRandom is properly seeded
- NUM50-J. Convert integers to floating point for floating-point operations
- NUM51-J. Do not assume that the remainder operator always returns a nonnegative result for integral operands
- NUM52-J. Be aware of numeric promotion behavior
- NUM54-J. Do not use denormalized numbers
- OBJ50-J. Never confuse the immutability of a reference with that of the referenced object
- OBJ51-J. Minimize the accessibility of classes and their members
- OBJ52-J. Write garbage-collection-friendly code
- OBJ53-J. Do not use direct buffers for short-lived, infrequently used objects
- OBJ54-J. Do not attempt to help the garbage collector by setting local reference variables to null
- OBJ55-J. Remove short-lived objects from long-lived container objects
- OBJ57-J. Do not rely on methods that can be overridden by untrusted code
- OBJ58-J. Limit the extensibility of classes and methods with invariants
- SEC56-J. Do not serialize direct handles to system resources