[{"data":1,"prerenderedAt":3130},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references":28,"surround-\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references":1545,"sidebar-sei-cert-oracle-coding-standard-for-java":1554},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":1535,"extension":1536,"meta":1537,"navigation":7,"path":1541,"seo":1542,"stem":1543,"__hash__":1544},"content\u002F6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F2.rec-aa-references.md","Rec. AA. References",{"type":32,"value":33,"toc":1531},"minimark",[34,38,60,74,91,105,122,136,152,164,176,188,200,212,230,244,258,270,288,300,314,326,340,354,368,380,397,416,430,442,456,468,483,495,507,521,533,550,564,578,590,602,618,636,648,662,675,689,701,713,725,742,757,771,788,800,817,831,848,862,874,888,902,915,932,945,959,970,984,1003,1016,1028,1042,1053,1069,1083,1096,1109,1123,1141,1154,1169,1181,1198,1212,1224,1237,1252,1269,1286,1302,1315,1334,1345,1359,1372,1389,1403,1420,1436,1452,1462,1476,1490,1504,1518],[35,36,30],"h1",{"id":37},"rec-aa-references",[39,40,41,45,46,49,52,53,59],"p",{},[42,43],"a",{"id":44},"Rec.AA.References-Apache13"," ",[42,47],{"id":48},"Rec.AA.References-Apache14",[50,51],"br",{},"\n[Apache 2014] ",[42,54,58],{"href":55,"rel":56},"http:\u002F\u002Ftika.apache.org\u002Findex.html",[57],"nofollow","Apache Tika: A Content Analysis Toolkit"," . The Apache Software Foundation (2014).",[39,61,62,65,67,68,73],{},[42,63],{"id":64},"Rec.AA.References-API06",[50,66],{},"\n[API 2006] ",[42,69,72],{"href":70,"rel":71},"http:\u002F\u002Fjava.sun.com\u002Fjavase\u002F6\u002Fdocs\u002Fapi\u002F",[57],"Java Platform, Standard Edition 6 API Specification"," , Oracle (2006).",[39,75,76,45,79,82,84,85,90],{},[42,77],{"id":78},"Rec.AA.References-API11",[42,80],{"id":81},"Rec.AA.References-API13",[50,83],{},"\n[API 2011] ",[42,86,89],{"href":87,"rel":88},"http:\u002F\u002Fdownload.oracle.com\u002Fjavase\u002F7\u002Fdocs\u002Fapi\u002Findex.html",[57],"Java Platform, Standard Edition 7 API Specification"," , Oracle (2011).",[39,92,93,96,98,99,104],{},[42,94],{"id":95},"Rec.AA.References-API14",[50,97],{},"\n[API 2014] ",[42,100,103],{"href":101,"rel":102},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F8\u002Fdocs\u002Fapi\u002F",[57],"Java Platform, Standard Edition 8 API Specification"," , Oracle (2014).",[39,106,107,110,112,113,121],{},[42,108],{"id":109},"Rec.AA.References-Arnold06",[50,111],{},"\n[Arnold 2006] Ken Arnold, James Gosling, and David Holmes. ",[114,115,116,117,120],"em",{},"The Java ",[114,118,119],{},"™"," Programming Language"," , 4th ed., Boston: Addison-Wesley (2006).",[39,123,124,127,129,130,135],{},[42,125],{"id":126},"Rec.AA.References-ASVS",[50,128],{},"\n[ASVS 2019] ",[42,131,134],{"href":132,"rel":133},"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FCategory:OWASP_Application_Security_Verification_Standard_Project",[57],"OWASP Application Security Verification Standard Project"," (2019) .",[39,137,138,141,143,144,151],{},[42,139],{"id":140},"Rec.AA.References-Black04",[50,142],{},"\n[Black 2004] Black, Paul E., and Paul J. Tanenbaum. \"Partial order.\" In ",[42,145,148],{"href":146,"rel":147},"http:\u002F\u002Fxlinux.nist.gov\u002Fdads\u002FHTML\u002Fpartialorder.html",[57],[114,149,150],{},"Dictionary of Algorithms and Data Structures"," [online]. Paul E. Black, ed., U.S. National Institute of Standards and Technology (2004).",[39,153,154,157,159,160,163],{},[42,155],{"id":156},"Rec.AA.References-Bloch01",[50,158],{},"\n[Bloch 2001] Bloch, Joshua. ",[114,161,162],{},"Effective Java: Programming Language Guide"," . Boston: Addison-Wesley (2001).",[39,165,166,169,171,172,175],{},[42,167],{"id":168},"Rec.AA.References-Bloch05",[50,170],{},"\n[Bloch 2005] Bloch, Joshua, and Neal Gafter. ",[114,173,174],{},"Java Puzzlers: Traps, Pitfalls, and Corner Cases"," . Upper Saddle River, NJ: Addison-Wesley (2005).",[39,177,178,181,183,184,187],{},[42,179],{"id":180},"Rec.AA.References-Bloch08",[50,182],{},"\n[Bloch 2008] Bloch, Joshua. ",[114,185,186],{},"Effective Java"," , 2nd ed. Upper Saddle River, NJ: Addison-Wesley (2008).",[39,189,190,193,195,196,199],{},[42,191],{"id":192},"Rec.AA.References-Campione96",[50,194],{},"\n[Campione 1996] Campione, Mary, and Kathy Walrath. ",[114,197,198],{},"The Java Tutorial: Object-Oriented Programming for the Internet"," . Reading, MA: Addison-Wesley (1996).",[39,201,202,205,207,208,211],{},[42,203],{"id":204},"Rec.AA.References-Chan99",[50,206],{},"\n[Chan 1999] Chan, Patrick, Rosanna Lee, and Douglas Kramer. ",[114,209,210],{},"The Java Class Libraries: Supplement for the Java 2 Platform, v1.2"," , 2nd ed., vol. 1. Upper Saddle River, NJ: Prentice Hall (1999).",[39,213,214,217,219,220,225,226,229],{},[42,215],{"id":216},"Rec.AA.References-Cohen81",[50,218],{},"\n[Cohen 1981] Cohen, D. ",[42,221,224],{"href":222,"rel":223},"http:\u002F\u002Fdx.doi.org\u002F10.1109\u002FC-M.1981.220208",[57],"On Holy Wars and a Plea for Peace"," , ",[114,227,228],{},"IEEE Computer"," , 14(10):48–54 (1981).",[39,231,232,235,237,238,243],{},[42,233],{"id":234},"Rec.AA.References-Conventions09",[50,236],{},"\n[Conventions 2009] ",[42,239,242],{"href":240,"rel":241},"http:\u002F\u002Fwww.oracle.com\u002Ftechnetwork\u002Fjava\u002Findex-135089.html",[57],"Code Conventions for the Java Programming Language"," . Oracle (2009).",[39,245,246,249,251,252,257],{},[42,247],{"id":248},"Rec.AA.References-Coomes07",[50,250],{},"\n[Coomes 2007] Coomes, John, Peter Kessler, and Tony Printezis. ",[42,253,256],{"href":254,"rel":255},"http:\u002F\u002Fdocs.huihoo.com\u002Fjavaone\u002F2007\u002Fjava-se\u002FTS-2906.pdf",[57],"Garbage Collection-Friendly Programming"," . Java SE Garbage Collection Group, Sun Microsystems, JavaOne Conference (2007).",[39,259,260,263,265,266,269],{},[42,261],{"id":262},"Rec.AA.References-CoreJava04",[50,264],{},"\n[Core Java 2004] Horstmann, Cay S., and Gary Cornell. ",[114,267,268],{},"Core Java™ 2, Vol. I: Fundamentals"," , 7th ed. Upper Saddle River, NJ: Prentice Hall PTR (2004).",[39,271,272,275,277,278,281,282,287],{},[42,273],{"id":274},"Rec.AA.References-Coverity07",[50,276],{},"\n[Coverity 2007] ",[114,279,280],{},"Coverity Prevent User's Manual (3.3.0)"," . ",[42,283,286],{"href":284,"rel":285},"http:\u002F\u002Fwww.coverity.com\u002F",[57],"Coverity"," (2007).",[39,289,290,293,295,296,299],{},[42,291],{"id":292},"Rec.AA.References-Daconta03",[50,294],{},"\n[Daconta 2003] Daconta, Michael C., Kevin T. Smith, Donald Avondolio, and W. Clay Richardson. ",[114,297,298],{},"More Java Pitfalls: 50 New Time-Saving Solutions and Workarounds"," . Indianapolis, IN: Wiley (2003).",[39,301,302,305,307,308,313],{},[42,303],{"id":304},"Rec.AA.References-Davis08",[50,306],{},"\n[Davis 2008] Davis, Mark, and Ken Whistler (Ed.). ",[42,309,312],{"href":310,"rel":311},"http:\u002F\u002Funicode.org\u002Freports\u002Ftr15\u002F",[57],"Unicode Standard Annex #15: Unicode Normalization Forms"," (2008).",[39,315,316,319,321,322,325],{},[42,317],{"id":318},"Rec.AA.References-Dennis1966",[50,320],{},"\n[Dennis 1966] Dennis, Jack B., and Earl C. Van Horn. 1966. Programming Semantics for Multiprogrammed Computations. ",[114,323,324],{},"Communications of the ACM"," , 9(3):143–155 (1966). doi: 10.1145\u002F365230.365252.",[39,327,328,331,333,334,339],{},[42,329],{"id":330},"Rec.AA.References-Dougherty2009",[50,332],{},"\n[Dougherty 2009] Dougherty, Chad, Kirk Sayre, Robert C. Seacord, David Svoboda, and Kazuya Togashi. ",[42,335,338],{"href":336,"rel":337},"http:\u002F\u002Fwww.sei.cmu.edu\u002Flibrary\u002Fabstracts\u002Freports\u002F09tr010.cfm",[57],"Secure Design Patterns"," . CMU\u002FSEI-2009-TR-010 (2009).",[39,341,342,345,347,348,353],{},[42,343],{"id":344},"Rec.AA.References-ESA05",[50,346],{},"\n[ESA 2005] ESA (European Space Agency). ",[42,349,352],{"href":350,"rel":351},"http:\u002F\u002Fsoftware.ucv.ro\u002F%7Eeganea\u002FSoftE\u002FJavaCodingStandards.pdf",[57],"Java Coding Standards"," . Prepared by ESA Board for Software Standardisation and Control (BSSC) (2005).",[39,355,356,359,361,362,367],{},[42,357],{"id":358},"Rec.AA.References-FindBugs08",[50,360],{},"\n[FindBugs 2008] ",[42,363,366],{"href":364,"rel":365},"http:\u002F\u002Ffindbugs.sourceforge.net\u002FbugDescriptions.html",[57],"FindBugs Bug Descriptions"," (2008\u002F2011).",[39,369,370,373,375,376,379],{},[42,371],{"id":372},"Rec.AA.References-Flanagan05",[50,374],{},"\n[Flanagan 2005] Flanagan, David. ",[114,377,378],{},"Java in a Nutshell"," , 5th ed. Sebastopol, CA: O'Reilly Media (2005).",[39,381,382,45,385,388,390,391,396],{},[42,383],{"id":384},"Rec.AA.References-Fortify08",[42,386],{"id":387},"Rec.AA.References-Fortify14",[50,389],{},"\n[Fortify 2014] Fortify Software Security Research Group with Gary McGraw. ",[42,392,395],{"href":393,"rel":394},"http:\u002F\u002Fwww.hpenterprisesecurity.com\u002Fvulncat\u002Fen\u002Fvulncat\u002Findex.html",[57],"A Taxonomy of Coding Errors That Affect Security"," (see Java\u002FJSP) (2008\u002F2014).",[39,398,399,402,404,405,225,410,415],{},[42,400],{"id":401},"Rec.AA.References-GNU13",[50,403],{},"\n[GNU 2013] ",[42,406,409],{"href":407,"rel":408},"http:\u002F\u002Fwww.gnu.org\u002Fprep\u002Fstandards\u002F",[57],"GNU Coding Standards",[42,411,414],{"href":412,"rel":413},"http:\u002F\u002Fwww.gnu.org\u002Fprep\u002Fstandards\u002Fstandards.html#Syntactic-Conventions",[57],"§5.3, \"Clean Use of C Constructs.\""," Richard Stallman and other GNU Project volunteers (2013).",[39,417,418,421,423,424,429],{},[42,419],{"id":420},"Rec.AA.References-Goetz04",[50,422],{},"\n[Goetz 2004] Goetz, Brian. ",[42,425,428],{"href":426,"rel":427},"http:\u002F\u002Fwww.ibm.com\u002Fdeveloperworks\u002Fjava\u002Flibrary\u002Fj-jtp01274.html",[57],"Java Theory and Practice: Garbage Collection and Performance: Hints, Tips, and Myths about Writing Garbage Collection-Friendly Classes"," . IBM developerWorks (2004).",[39,431,432,435,437,438,441],{},[42,433],{"id":434},"Rec.AA.References-Goetz06",[50,436],{},"\n[Goetz 2006] Goetz, Brian, Tim Peierls, Joshua Bloch, Joseph Bowbeer, David Holmes, and Doug Lea. ",[114,439,440],{},"Java Concurrency in Practice"," . Boston: Addison-Wesley Professional (2006).",[39,443,444,447,449,450,455],{},[42,445],{"id":446},"Rec.AA.References-Goetz07",[50,448],{},"\n[Goetz 2007] Goetz, Brian. ",[42,451,454],{"href":452,"rel":453},"http:\u002F\u002Fwww.ibm.com\u002Fdeveloperworks\u002Fjava\u002Flibrary\u002Fj-jtp06197.html",[57],"Java Theory and Practice: Managing Volatility: Guidelines for Using Volatile Variables"," . IBM developerWorks (2007).",[39,457,458,461,463,464,467],{},[42,459],{"id":460},"Rec.AA.References-Gong03",[50,462],{},"\n[Gong 2003] Gong, Li, Gary Ellison, and Mary Dageforde. ",[114,465,466],{},"Inside Java 2 Platform Security: Architecture, API Design, and Implementation"," , 2nd ed. Boston: Addison-Wesley (2003).",[39,469,470,45,473,476,478,479,482],{},[42,471],{"id":472},"Rec.AA.References-Goodliffe06",[42,474],{"id":475},"Rec.AA.References-Goodliffe07",[50,477],{},"\n[Goodliffe 2007] Pete Goodliffe. ",[114,480,481],{},"Code Craft: The Practice of Writing Excellent Code"," . San Francisco: No Starch Press (2007 ).",[39,484,485,488,490,491,494],{},[42,486],{"id":487},"Rec.AA.References-Grand02",[50,489],{},"\n[Grand 2002] Grand, Mark. ",[114,492,493],{},"Patterns in Java, Vol. 1: A Catalog of Reusable Design Patterns Illustrated with UML"," , 2nd ed. Indianapolis, IN: Wiley (2002).",[39,496,497,500,502,503,506],{},[42,498],{"id":499},"Rec.AA.References-Grubb03",[50,501],{},"\n[Grubb 2003] Penny Grubb, and Armstrong A. Takang. ",[114,504,505],{},"Software Maintenance Concepts and Practice"," , 2nd ed.  River Edge, NJ: World Scientific (2003).",[39,508,509,512,514,515,520],{},[42,510],{"id":511},"Rec.AA.References-Guillardoy12",[50,513],{},"\n[Guillardoy 2012] Guillardoy, Esteban. ",[42,516,519],{"href":517,"rel":518},"http:\u002F\u002Fimmunityproducts.blogspot.com.ar\u002F2012\u002F08\u002Fjava-0day-analysis-cve-2012-4681.html",[57],"Java 0-day Analysis (CVE-2012-4681)"," (2012).",[39,522,523,526,528,529,532],{},[42,524],{"id":525},"Rec.AA.References-Hatton95",[50,527],{},"\n[Hatton 1995] Hatton, Les. ",[114,530,531],{},"Safer C: Developing Software for High-Integrity and Safety-Critical Systems"," . New York: McGraw-Hill (1995).",[39,534,535,45,538,541,543,544,549],{},[42,536],{"id":537},"Rec.AA.References-Havelund10",[42,539],{"id":540},"Rec.AA.References-Havelund09",[50,542],{},"\n[Havelund 2009]  Havelund, Klaus, and Al Niessner. ",[42,545,548],{"href":546,"rel":547},"http:\u002F\u002Flars-lab.jpl.nasa.gov\u002FJPL_Coding_Standard_Java.pdf",[57],"JPL Coding Standard, Version 1.1"," (2009)",[39,551,552,555,557,558,563],{},[42,553],{"id":554},"Rec.AA.References-Hawtin06",[50,556],{},"\n[Hawtin 2006] Hawtin, Thomas. ",[42,559,562],{"href":560,"rel":561},"http:\u002F\u002Fmarkmail.org\u002Fmessage\u002F4scermxmn5oqhyii",[57],"[drlvm][kernel_classes] ThreadLocal Vulnerability"," . MarkMail (2006).",[39,565,566,569,571,572,577],{},[42,567],{"id":568},"Rec.AA.References-Hirondelle13",[50,570],{},"\n[Hirondelle 2013] Hirondelle Systems. ",[42,573,576],{"href":574,"rel":575},"http:\u002F\u002Fwww.javapractices.com\u002Ftopic\u002FTopicAction.do?Id=216",[57],"Passwords Never Clear in Text"," (2013).",[39,579,580,583,585,586,589],{},[42,581],{"id":582},"Rec.AA.References-ISO\u002FIEC01",[50,584],{},"\n[ISO\u002FIEC 9126-1:2001] ",[114,587,588],{},"Software Engineering—Product Quality—Part 1, Quality Model"," (ISO\u002FIEC 9126-1:2001). Geneva, Switzerland: International Organization for Standardization (2001).",[39,591,592,595,597,598,601],{},[42,593],{"id":594},"Rec.AA.References-ISO\u002FIEC10",[50,596],{},"\n[ISO\u002FIEC 24765:2010] ",[114,599,600],{},"Systems and Software Engineering—Vocabulary"," (ISO\u002FIEC 24765:2010). Geneva, Switzerland: International Organization for Standardization (2010).",[39,603,604,607,609,610,617],{},[42,605],{"id":606},"Rec.AA.References-JLS13",[50,608],{},"\n[JLS 2013] Gosling, James, Bill Joy, Guy Steele, Gilad Bracha, and Alex Buckley. ",[42,611,614],{"href":612,"rel":613},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002Fspecs\u002Fjls\u002Fse7\u002Fhtml\u002Findex.html",[57],[114,615,616],{},"Java Language Specification: Java SE 7 Edition"," . Oracle America (2013).",[39,619,620,623,625,626,631,632,635],{},[42,621],{"id":622},"Rec.AA.References-Jovanovic06",[50,624],{},"\n[Jovanovic 2006] Jovanovic, Nenad, Christopher Kruegel, and Engin Kirda. ",[42,627,630],{"href":628,"rel":629},"http:\u002F\u002Fdx.doi.org\u002F10.1109\u002FSP.2006.29",[57],"Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)"," . In ",[114,633,634],{},"Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P'06)"," , pp. 258–263, May 21–24, Oakland, CA (2006).",[39,637,638,641,643,644,647],{},[42,639],{"id":640},"Rec.AA.References-JPL06",[50,642],{},"\n[JPL 2006] Arnold, Ken, James Gosling, and David Holmes. ",[114,645,646],{},"The Java™ Programming Language"," , 4th ed. Reading, MA: Addison-Wesley Professional (2006).",[39,649,650,653,655,656,661],{},[42,651],{"id":652},"Rec.AA.References-JVMSpec99",[50,654],{},"\n[JVMSpec 1999] ",[42,657,660],{"href":658,"rel":659},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002Fspecs\u002F",[57],"The Java Virtual Machine Specification"," . Sun Microsystems (1999).",[39,663,664,667,669,670,617],{},[42,665],{"id":666},"Rec.AA.References-JVMSpec13",[50,668],{},"\n[JVMSpec 2013] ",[42,671,674],{"href":672,"rel":673},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002Fspecs\u002Fjvms\u002Fse7\u002Fhtml\u002Findex.html",[57],"The Java Virtual Machine Specification: Java SE 7 Edition",[39,676,677,680,682,683,688],{},[42,678],{"id":679},"Rec.AA.References-Kabanov09",[50,681],{},"\n[Kabanov 2009] Kabanov, Jevgeni. ",[42,684,687],{"href":685,"rel":686},"http:\u002F\u002Fdow.ngra.de\u002F2009\u002F02\u002F16\u002Fthe-ultimate-java-puzzler\u002F",[57],"The Ultimate Java Puzzler"," (2009).",[39,690,691,694,696,697,700],{},[42,692],{"id":693},"Rec.AA.References-Kalinovsky04",[50,695],{},"\n[Kalinovsky 2004] Kalinovsky, Alex. ",[114,698,699],{},"Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering"," . Indianapolis: SAMS (2004).",[39,702,703,706,708,709,712],{},[42,704],{"id":705},"Rec.AA.References-Knoernschild02",[50,707],{},"\n[Knoernschild 2002] Knoernschild, Kirk. ",[114,710,711],{},"Java™ Design: Objects, UML, and Process"," . Boston: Addison-Wesley Professional (2002).",[39,714,715,718,720,721,724],{},[42,716],{"id":717},"Rec.AA.References-Lea00",[50,719],{},"\n[Lea 2000] Lea, Doug. ",[114,722,723],{},"Concurrent Programming in Java: Design Principles and Patterns"," , 2nd ed. Boston: Addison-Wesley (2000).",[39,726,727,730,732,733,281,738,741],{},[42,728],{"id":729},"Rec.AA.References-Lo05",[50,731],{},"\n[Lo 2005] Lo, Chia-Tien Dan, Witawas Srisa-an, and J. Morris Chang. ",[42,734,737],{"href":735,"rel":736},"https:\u002F\u002Fweb.archive.org\u002Fweb\u002F20051029134713\u002Fhttp:\u002F\u002Fwww.stsc.hill.af.mil\u002Fcrosstalk\u002F2005\u002F10\u002F0510DanLo.html",[57],"Security Issues in Garbage Collection",[114,739,740],{},"STSC Crosstalk"," , (2005, October).",[39,743,744,45,747,750,752,753,756],{},[42,745],{"id":746},"Rec.AA.References-Long11",[42,748],{"id":749},"Rec.AA.References-Long12",[50,751],{},"\n[Long 2012] Long, Fred, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, and David Svoboda. ",[114,754,755],{},"The CERT Oracle Secure Coding Standard for Java"," , SEI Series in Software Engineering. Boston: Addison-Wesley (2012).",[39,758,759,762,764,765,770],{},[42,760],{"id":761},"Rec.AA.References-Manion13",[50,763],{},"\n[Manion 2013] Manion, Art. ",[42,766,769],{"href":767,"rel":768},"https:\u002F\u002Fwww.cert.org\u002Fblogs\u002Fcertcc\u002F2013\u002F01\u002Fanatomy_of_java_exploits.html",[57],"Anatomy of Java Exploits"," , CERT\u002FCC Blog (January 15, 2013).",[39,772,773,776,778,779,281,784,787],{},[42,774],{"id":775},"Rec.AA.References-Martin96",[50,777],{},"\n[Martin 1996] Martin, Robert C. ",[42,780,783],{"href":781,"rel":782},"http:\u002F\u002Fwww.objectmentor.com\u002Fresources\u002Farticles\u002Fgranularity.pdf",[57],"Granularity",[114,785,786],{},"The C++ Report"," 8(10):57–62 (1996).",[39,789,790,793,795,796,799],{},[42,791],{"id":792},"Rec.AA.References-McGraw99",[50,794],{},"\n[McGraw 1999] McGraw, Gary, and Edward W. Felten. ",[114,797,798],{},"Securing Java: Getting Down to Business with Mobile Code"," , 2nd ed. New York: Wiley (1999).",[39,801,802,805,807,808,225,813,816],{},[42,803],{"id":804},"Rec.AA.References-Mettler10",[50,806],{},"\n[Mettler 2010] Adrian Mettler and David Wagner, ",[42,809,812],{"href":810,"rel":811},"http:\u002F\u002Fdl.acm.org\u002Fcitation.cfm?doid=1814217.1814224",[57],"Class Properties for Security Review in an Object-Capability Subset of Java",[114,814,815],{},"Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS '10)"," . ACM, Article 7, DOI: 10.1145\u002F1814217.1814224, 2010.",[39,818,819,822,824,825,830],{},[42,820],{"id":821},"Rec.AA.References-Miller09",[50,823],{},"\n[Miller 2009] Miller, Alex. ",[42,826,829],{"href":827,"rel":828},"http:\u002F\u002Fdevelopers.sun.com\u002Flearning\u002Fjavaoneonline\u002Fsessions\u002F2009\u002Fpdf\u002FTS-4863.pdf",[57],"Java™ Platform Concurrency Gotchas"," . JavaOne Conference (2009).",[39,832,833,836,838,839,281,844,847],{},[42,834],{"id":835},"Rec.AA.References-Netzer92",[50,837],{},"\n[Netzer 1992] Netzer, Robert H. B., and Barton P. Miller. ",[42,840,843],{"href":841,"rel":842},"http:\u002F\u002Fportal.acm.org\u002Fcitation.cfm?id=130616.130623",[57],"What Are Race Conditions? Some Issues and Formalization",[114,845,846],{},"ACM Letters on Programming Languages and Systems"," 1(1):74–88 (1992).",[39,849,850,853,855,856,861],{},[42,851],{"id":852},"Rec.AA.References-NIST800-63",[50,854],{},"\n[NIST 2017] ",[42,857,860],{"href":858,"rel":859},"https:\u002F\u002Fwww.nist.gov\u002Fitl\u002Ftig\u002Fprojects\u002Fspecial-publication-800-63",[57],"NIST Special Publication 800-63"," (2017) .",[39,863,864,867,869,870,873],{},[42,865],{"id":866},"Rec.AA.References-Oaks01",[50,868],{},"\n[Oaks 2001] Oaks, Scott. ",[114,871,872],{},"Java Security"," . Sebastopol, CA: O'Reilly (2001).",[39,875,876,879,881,882,887],{},[42,877],{"id":878},"Rec.AA.References-Oracle08",[50,880],{},"\n[Oracle 2008] ",[42,883,886],{"href":884,"rel":885},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F6\u002Fdocs\u002Ftechnotes\u002Fguides\u002Fsecurity\u002Fpermissions.html",[57],"Permissions in the Java™ SE 6 Development Kit (JDK)"," . Oracle (2008).",[39,889,890,893,895,896,901],{},[42,891],{"id":892},"Rec.AA.References-Oracle10a",[50,894],{},"\n[Oracle 2010a] ",[42,897,900],{"href":898,"rel":899},"http:\u002F\u002Fwww.oracle.com\u002Ftechnetwork\u002Fjava\u002Fjavase\u002Fgc-tuning-6-140523.html",[57],"Java SE 6 HotSpot™ Virtual Machine Garbage Collection Tuning"," . Oracle (2010).",[39,903,904,907,909,910,901],{},[42,905],{"id":906},"Rec.AA.References-Oracle10b",[50,908],{},"\n[Oracle 2010b] ",[42,911,914],{"href":912,"rel":913},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F1.5.0\u002Fdocs\u002Fguide\u002Fnio\u002F",[57],"New I\u002FO APIs",[39,916,917,45,920,923,925,926,931],{},[42,918],{"id":919},"Rec.AA.References-Oracle11a",[42,921],{"id":922},"Rec.AA.References-Oracle11",[50,924],{},"\n[Oracle 2011a] ",[42,927,930],{"href":928,"rel":929},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F6\u002Fdocs\u002Ftechnotes\u002Fguides\u002Fsecurity\u002Fcertpath\u002FCertPathProgGuide.html",[57],"Java PKI Programmer's Guide"," , Oracle, 2011.",[39,933,934,937,939,940,931],{},[42,935],{"id":936},"Rec.AA.References-Oracle11b",[50,938],{},"\n[Oracle 2011b] ",[42,941,944],{"href":942,"rel":943},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F6\u002Fdocs\u002Findex.html",[57],"Java Platform™, Standard Edition 6 Documentation",[39,946,947,950,952,953,958],{},[42,948],{"id":949},"Rec.AA.References-Oracle11c",[50,951],{},"\n[Oracle 2011c] ",[42,954,957],{"href":955,"rel":956},"http:\u002F\u002Fdocs.oracle.com\u002Fjavaee\u002F6\u002Fapi\u002Fjavax\u002Fservlet\u002Fhttp\u002Fpackage-summary.html",[57],"Package javax.servelt.http"," , Oracle  2011.",[39,960,961,964,966,967,931],{},[42,962],{"id":963},"Rec.AA.References-Oracle11d",[50,965],{},"\n[Oracle 2011d] ",[42,968,886],{"href":884,"rel":969},[57],[39,971,972,975,977,978,983],{},[42,973],{"id":974},"Rec.AA.References-Oracle12a",[50,976],{},"\n[Oracle 2012a] ",[42,979,982],{"href":980,"rel":981},"http:\u002F\u002Fdownload.java.net\u002Fjdk8\u002Fdocs\u002Ftechnotes\u002Fguides\u002Fsecurity\u002Fdoprivileged.html",[57],"API for Privileged Blocks"," . Oracle (1993\u002F2012).",[39,985,986,989,991,992,997,998,1002],{},[42,987],{"id":988},"Rec.AA.References-Oracle12b",[50,990],{},"\n[Oracle 2012b] \" ",[42,993,996],{"href":994,"rel":995},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F7\u002Fdocs\u002Ftechnotes\u002Fguides\u002Fsecurity\u002Fcrypto\u002FCryptoSpec.html#ReadPassword",[57],"Reading ASCII Passwords from an InputStream Example"," ,\" ",[42,999,1001],{"href":994,"rel":1000},[57],"Java Cryptography Architecture (JCA) Reference Guide"," . Oracle (2012).",[39,1004,1005,1008,1010,1011,1002],{},[42,1006],{"id":1007},"Rec.AA.References-Oracle12c",[50,1009],{},"\n[Oracle 2012c] ",[42,1012,1015],{"href":1013,"rel":1014},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F7\u002Fdocs\u002F",[57],"Java Platform Standard Edition 7 Documentation",[39,1017,1018,1021,1023,1024,1027],{},[42,1019],{"id":1020},"Rec.AA.References-Oracle13a",[50,1022],{},"\n[Oracle 2013a] ",[42,1025,982],{"href":980,"rel":1026},[57]," , Oracle, 1993\u002F2013.",[39,1029,1030,1033,1035,1036,225,1039,1041],{},[42,1031],{"id":1032},"Rec.AA.References-Oracle13b",[50,1034],{},"\n[Oracle 2013b] ",[42,1037,996],{"href":994,"rel":1038},[57],[114,1040,1001],{}," , Oracle, 2013.",[39,1043,1044,1047,1049,1050,1041],{},[42,1045],{"id":1046},"Rec.AA.References-Oracle13c",[50,1048],{},"\n[Oracle 2013c] ",[42,1051,1015],{"href":1013,"rel":1052},[57],[39,1054,1055,45,1058,1061,1063,1064,1041],{},[42,1056],{"id":1057},"Rec.AA.References-Oracle13d",[42,1059],{"id":1060},"Rec.AA.References-Oracle13",[50,1062],{},"\n[Oracle 2013d] ",[42,1065,1068],{"href":1066,"rel":1067},"http:\u002F\u002Fwww.oracle.com\u002Ftechnetwork\u002Ftopics\u002Fsecurity\u002Falert-cve-2013-0422-1896849.html",[57],"Oracle Security Alert for CVE-2013-0422",[39,1070,1071,1074,1076,1077,1082],{},[42,1072],{"id":1073},"Rec.AA.References-OWASP05",[50,1075],{},"\n[OWASP 2005] OWASP (Open Web Application Security Project). ",[42,1078,1081],{"href":1079,"rel":1080},"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FOWASP_Guide_Project",[57],"A Guide to Building Secure Web Applications and Web Services"," (2005).",[39,1084,1085,1088,1090,1091,313],{},[42,1086],{"id":1087},"Rec.AA.References-OWASP08",[50,1089],{},"\n[OWASP 2008] OWASP. ",[42,1092,1095],{"href":1093,"rel":1094},"http:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FMain_Page",[57],"Open Web Application Security Project homepage",[39,1097,1098,1101,1103,1104,688],{},[42,1099],{"id":1100},"Rec.AA.References-OWASP09",[50,1102],{},"\n[OWASP 2009] OWASP. ",[42,1105,1108],{"href":1106,"rel":1107},"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FSession_Fixation_in_Java",[57],"Session Fixation in Java",[39,1110,1111,1114,1116,1117,1122],{},[42,1112],{"id":1113},"Rec.AA.References-OWASP11",[50,1115],{},"\n[OWASP 2011] OWASP. ",[42,1118,1121],{"href":1119,"rel":1120},"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FCross-site_Scripting_%28XSS%29",[57],"Cross-site Scripting (XSS)"," (2011).",[39,1124,1125,1128,1130,1131,45,1136,520],{},[42,1126],{"id":1127},"Rec.AA.References-OWASP12",[50,1129],{},"\n[OWASP 2012] OWASP. ",[42,1132,1135],{"href":1133,"rel":1134},"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FHashing_Java#Why_add_salt_.3F",[57],"\"Why Add Salt?\"",[42,1137,1140],{"href":1138,"rel":1139},"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FHashing_Java",[57],"Hashing Java",[39,1142,1143,1146,1148,1149,1122],{},[42,1144],{"id":1145},"Rec.AA.References-OWASP13",[50,1147],{},"\n[OWASP 2013] OWASP. ",[42,1150,1153],{"href":1151,"rel":1152},"http:\u002F\u002Fowasp.org\u002Findex.php\u002FOWASP_Guide_Project",[57],"OWASP Guide Project",[39,1155,1156,45,1159,1162,1164,1165,1168],{},[42,1157],{"id":1158},"Rec.AA.References-Paar09",[42,1160],{"id":1161},"Rec.AA.References-Paar10",[50,1163],{},"\n[Paar 2010] Paar, Christof, and Jan Pelzl. ",[114,1166,1167],{},"Understanding Cryptography: A Textbook for Students and Practitioners."," New York : Springer (2009). (Companion website contains online cryptography course that covers hash functions.)",[39,1170,1171,1174,1176,1177,1180],{},[42,1172],{"id":1173},"Rec.AA.References-Pistoia04",[50,1175],{},"\n[Pistoia 2004] Pistoia, Marco, Nataraj Nagaratnam, Larry Koved, and Anthony Nadalin. ",[114,1178,1179],{},"Enterprise Java Security: Building Secure J2EE Applications"," . Boston: Addison-Wesley (2004).",[39,1182,1183,45,1186,1189,1191,1192,1197],{},[42,1184],{"id":1185},"Rec.AA.References-Policy02",[42,1187],{"id":1188},"Rec.AA.References-Policy10",[50,1190],{},"\n[Policy 2010] ",[42,1193,1196],{"href":1194,"rel":1195},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F7\u002Fdocs\u002Ftechnotes\u002Fguides\u002Fsecurity\u002FPolicyFiles.html",[57],"Default Policy Implementation and Policy File Syntax"," , Document revision 1.6, Oracle (2010).",[39,1199,1200,1203,1205,1206,1211],{},[42,1201],{"id":1202},"Rec.AA.References-Reddy00",[50,1204],{},"\n[Reddy 2000] Reddy, Achut. ",[42,1207,1210],{"href":1208,"rel":1209},"http:\u002F\u002Fdevelopers.sun.com\u002Fsunstudio\u002Fproducts\u002Farchive\u002Fwhitepapers\u002Fjava-style.pdf",[57],"Java Coding Style Guide"," . (2000).",[39,1213,1214,1217,1219,1220,1223],{},[42,1215],{"id":1216},"Rec.AA.References-Rogue00",[50,1218],{},"\n[Rogue 2000] Vermeulen, Allan, Scott W. Ambler, Greg Bumgardner, and Eldon Metz. ",[114,1221,1222],{},"The Elements of Java Style"," . New York: Cambridge University Press (2000).",[39,1225,1226,1229,1231,1232,901],{},[42,1227],{"id":1228},"Rec.AA.References-SCG10",[50,1230],{},"\n[SCG 2010] ",[42,1233,1236],{"href":1234,"rel":1235},"http:\u002F\u002Fwww.oracle.com\u002Ftechnetwork\u002Fjava\u002Fseccodeguide-139067.html",[57],"Secure Coding Guidelines for the Java Programming Language, version 4.0",[39,1238,1239,45,1242,1245,1247,1248,1251],{},[42,1240],{"id":1241},"Rec.AA.References-Seacord08",[42,1243],{"id":1244},"Rec.AA.References-Seacord09",[50,1246],{},"\n[Seacord 2009] Seacord, Robert C. ",[114,1249,1250],{},"The CERT C Secure Coding Standard"," . Boston: Addison-Wesley (2009).",[39,1253,1254,1257,1259,1260,1263,1264,1268],{},[42,1255],{"id":1256},"Rec.AA.References-Seacord12",[50,1258],{},"\n[Seacord 2012] Seacord, Robert, Will Dormann, James McCurley, Philip Miller, Robert Stoddard, David Svoboda, and Jefferson Welch. ",[114,1261,1262],{},"Source Code Analysis Laboratory (SCALe)"," (CMU\u002FSEI-2012-TN-013). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2012. ",[42,1265,1266],{"href":1266,"rel":1267},"http:\u002F\u002Fwww.sei.cmu.edu\u002Flibrary\u002Fabstracts\u002Freports\u002F12tn013.cfm",[57]," .",[39,1270,1271,1274,1276,1277,1280,1281,1285],{},[42,1272],{"id":1273},"Rec.AA.References-Seacord13",[50,1275],{},"\n[Seacord 2013] Seacord, Robert C. ",[114,1278,1279],{},"Secure Coding in C and C++"," , 2nd ed. Boston: Addison-Wesley (2013). See ",[42,1282,1283],{"href":1283,"rel":1284},"http:\u002F\u002Fwww.cert.org\u002Fbooks\u002Fsecure-coding",[57]," for news and errata.",[39,1287,1288,45,1291,1294,1296,1297,901],{},[42,1289],{"id":1290},"Rec.AA.References-SecuritySpec08",[42,1292],{"id":1293},"Rec.AA.References-SecuritySpec10",[50,1295],{},"\n[SecuritySpec 2010] ",[42,1298,1301],{"href":1299,"rel":1300},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F1.5.0\u002Fdocs\u002Fguide\u002Fsecurity\u002Fspec\u002Fsecurity-specTOC.fm.html",[57],"Java Security Architecture",[39,1303,1304,1307,1309,1310,455],{},[42,1305],{"id":1306},"Rec.AA.References-Sen07",[50,1308],{},"\n[Sen 2007] Sen, Robi. ",[42,1311,1314],{"href":1312,"rel":1313},"http:\u002F\u002Fwww.ibm.com\u002Fdeveloperworks\u002Fxml\u002Flibrary\u002Fx-xpathinjection.html",[57],"Avoid the Dangers of XPath Injection",[39,1316,1317,1320,1322,1323,281,1328,1333],{},[42,1318],{"id":1319},"Rec.AA.References-Sethi09",[50,1321],{},"\n[Sethi 2009] Sethi, Amit. ",[42,1324,1327],{"href":1325,"rel":1326},"https:\u002F\u002Fwww.cigital.com\u002Fjustice-league-blog\u002F2009\u002F08\u002F14\u002Fproper-use-of-javas-securerandom\u002F",[57],"Proper Use of Java's SecureRandom",[42,1329,1332],{"href":1330,"rel":1331},"https:\u002F\u002Fwww.cigital.com\u002F",[57],"Cigital"," Justice League Blog (2009).",[39,1335,1336,45,1339,1342,1344],{},[42,1337],{"id":1338},"Rec.AA.References-Steinberg05",[42,1340],{"id":1341},"Rec.AA.References-Steinberg08",[50,1343],{},"\n[Steinberg 2008] Steinberg, Daniel H. Using the Varargs Language Feature. Java Developer Connection Tech Tips (2008).",[39,1346,1347,1350,1352,1353,1358],{},[42,1348],{"id":1349},"Rec.AA.References-Sterbenz06",[50,1351],{},"\n[Sterbenz 2006] Sterbenz, Andreas, and Charlie Lai. ",[42,1354,1357],{"href":1355,"rel":1356},"https:\u002F\u002Fconfluence.ucdavis.edu\u002Fconfluence\u002Fdownload\u002Fattachments\u002F16218\u002FTS-1238.pdf?version=1&modificationDate=1180213302000",[57],"Secure Coding Antipatterns: Avoiding Vulnerabilities"," . JavaOne Conference (2006).",[39,1360,1361,1364,1366,1367,1371],{},[42,1362],{"id":1363},"Rec.AA.References-Sun06",[50,1365],{},"\n[Sun 2006] ",[42,1368,1370],{"href":942,"rel":1369},[57],"Java™ Platform, Standard Edition 6 Documentation"," . Oracle (2006).",[39,1373,1374,1377,1379,1380,631,1385,1388],{},[42,1375],{"id":1376},"Rec.AA.References-Sutherland10",[50,1378],{},"\n[Sutherland 2010] Sutherland, Dean F., and William L. Scherlis. ",[42,1381,1384],{"href":1382,"rel":1383},"http:\u002F\u002Fportal.acm.org\u002Fcitation.cfm?doid=1693453.1693485",[57],"Composable Thread Coloring",[114,1386,1387],{},"Proceedings of the 15th ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming"," . New York: ACM (2010).",[39,1390,1391,1394,1396,1397,1402],{},[42,1392],{"id":1393},"Rec.AA.References-Tools11",[50,1395],{},"\n[Tools 2011] ",[42,1398,1401],{"href":1399,"rel":1400},"http:\u002F\u002Fdownload.oracle.com\u002Fjavase\u002F7\u002Fdocs\u002Ftechnotes\u002Ftools\u002Findex.html",[57],"JDK Tools and Utilities Specification"," . Oracle (2011).",[39,1404,1405,45,1408,1411,1413,1414,1419],{},[42,1406],{"id":1407},"Rec.AA.References-Tutorials08",[42,1409],{"id":1410},"Rec.AA.References-Tutorials13",[50,1412],{},"\n[Tutorials 2013] ",[42,1415,1418],{"href":1416,"rel":1417},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002Ftutorial\u002Findex.html",[57],"The Java Tutorials"," . Oracle (2013).",[39,1421,1422,1425,1427,1428,1435],{},[42,1423],{"id":1424},"Rec.AA.References-Unicode09",[50,1426],{},"\n[Unicode 2009] The Unicode Consortium. The Unicode Standard, Version 5.2.0, defined by ",[42,1429,1432],{"href":1430,"rel":1431},"http:\u002F\u002Fwww.unicode.org\u002Fversions\u002FUnicode5.2.0\u002F",[57],[114,1433,1434],{},"The Unicode Standard, Version 5.2"," . Mountain View, CA: The Unicode Consortium (2009).",[39,1437,1438,1441,1443,1444,1451],{},[42,1439],{"id":1440},"Rec.AA.References-Unicode13",[50,1442],{},"\n[Unicode 2013] The Unicode Consortium. The Unicode Standard, Version 6.2.0, defined by ",[114,1445,1446],{},[42,1447,1450],{"href":1448,"rel":1449},"http:\u002F\u002Fwww.unicode.org\u002Fversions\u002FUnicode6.2.0\u002F",[57],"Unicode 6.2.0"," . Mountain View, CA: The Unicode Consortium (2013).",[39,1453,1454,1457,1459,1460,1223],{},[42,1455],{"id":1456},"Rec.AA.References-Vermeulen00",[50,1458],{},"\n[Vermeulen 2000] Vermeulen, Allan, Scott W. Ambler, Greg Bumgardner, and Eldon Metz. ",[114,1461,1222],{},[39,1463,1464,1467,1469,1470,1475],{},[42,1465],{"id":1466},"Rec.AA.References-Viega05",[50,1468],{},"\n[Viega 2005] Viega, John. ",[42,1471,1474],{"href":1472,"rel":1473},"http:\u002F\u002Fwww.securesoftware.com\u002Fprocess\u002F",[57],"CLASP Reference Guide, Volume 1.1."," Secure Software (2005).",[39,1477,1478,1481,1483,1484,1489],{},[42,1479],{"id":1480},"Rec.AA.References-W3C03",[50,1482],{},"\n[W3C 2003] ",[42,1485,1488],{"href":1486,"rel":1487},"http:\u002F\u002Fwww.w3.org\u002FSecurity\u002FFaq\u002Fwwwsf2.html",[57],"The World Wide Web Security FAQ"," . World Wide Web Consortium (W3C) (2003).",[39,1491,1492,1495,1497,1498,1503],{},[42,1493],{"id":1494},"Rec.AA.References-Ware08",[50,1496],{},"\n[Ware 2008] Ware, Michael S. ",[42,1499,1502],{"href":1500,"rel":1501},"http:\u002F\u002Fmikeware.us\u002Fthesis\u002F",[57],"Writing Secure Java Code: A Taxonomy of Heuristics and an Evaluation of Static Analysis Tools"," (thesis). James Madison University (2008).",[39,1505,1506,1509,1511,1512,1517],{},[42,1507],{"id":1508},"Rec.AA.References-White03",[50,1510],{},"\n[White 2003] White, Tom. ",[42,1513,1516],{"href":1514,"rel":1515},"http:\u002F\u002Fonjava.com\u002Fpub\u002Fa\u002Fonjava\u002F2003\u002F08\u002F20\u002Fmemoization.html",[57],"Memoization in Java Using Dynamic Proxy Classes"," . O'Reilly onJava.com (2003).",[39,1519,1520,1523,1525,1526,688],{},[42,1521],{"id":1522},"Rec.AA.References-Zadegan09",[50,1524],{},"\n[Zadegan 2009] Zadegan, Bryant. ",[42,1527,1530],{"href":1528,"rel":1529},"http:\u002F\u002Fwinjade.net\u002F2009\u002F01\u002Flesson-on-infinite-loops\u002F",[57],"A Lesson on Infinite Loops",{"title":1532,"searchDepth":1533,"depth":1533,"links":1534},"",2,[]," \n[Apache 2014] Apache Tika: A Content Analysis Toolkit . The Apache Software Foundation (2014).","md",{"tags":1538},[1539,1540],"bm","recommendation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references",{"title":30,"description":1535},"6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F2.rec-aa-references","C-jOHHucHoK95KX82MRoYT9tJtSuY095BCr4iHCFl6g",[1546,1550],{"title":1547,"path":1548,"stem":1549,"children":-1},"Back Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F1.index",{"title":1551,"path":1552,"stem":1553,"children":-1},"Rec. BB. Definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-bb-definitions","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F3.rec-bb-definitions",[1555],{"title":1556,"path":1557,"stem":1558,"children":1559},"SEI CERT Oracle Coding Standard for Java","\u002Fsei-cert-oracle-coding-standard-for-java","6.sei-cert-oracle-coding-standard-for-java\u002F1.index",[1560,1561,1701,2539,2938,3106],{"title":1556,"path":1557,"stem":1558},{"title":1562,"path":1563,"stem":1564,"children":1565},"Front Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F1.index",[1566,1567,1571,1575,1579,1625,1663],{"title":1562,"path":1563,"stem":1564},{"title":1568,"path":1569,"stem":1570},"Rules versus Recommendations (Java)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frules-versus-recommendations-java","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F2.rules-versus-recommendations-java",{"title":1572,"path":1573,"stem":1574},"Acknowledgments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Facknowledgments","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F3.acknowledgments",{"title":1576,"path":1577,"stem":1578},"Deprecations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Fdeprecations","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.deprecations",{"title":1580,"path":1581,"stem":1582,"children":1583},"Rec. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F01.index",[1584,1585,1589,1593,1597,1601,1605,1609,1613,1617,1621],{"title":1580,"path":1581,"stem":1582},{"title":1586,"path":1587,"stem":1588},"Scope","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F02.scope",{"title":1590,"path":1591,"stem":1592},"Audience","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F03.audience",{"title":1594,"path":1595,"stem":1596},"Contents and Organization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F05.contents-and-organization",{"title":1598,"path":1599,"stem":1600},"Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fguidelines","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F06.guidelines",{"title":1602,"path":1603,"stem":1604},"Usage","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F07.usage",{"title":1606,"path":1607,"stem":1608},"System Qualities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F08.system-qualities",{"title":1610,"path":1611,"stem":1612},"Priority and Levels","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F09.priority-and-levels",{"title":1614,"path":1615,"stem":1616},"Automatically Generated Code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F10.automatically-generated-code",{"title":1618,"path":1619,"stem":1620},"Source Code Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsource-code-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F11.source-code-validation",{"title":1622,"path":1623,"stem":1624},"Tool Selection and Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F12.tool-selection-and-validation",{"title":1626,"path":1627,"stem":1628,"children":1629},"Rule. Introduction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F01.index",[1630,1631,1635,1639,1643,1647,1651,1655,1659],{"title":1626,"path":1627,"stem":1628},{"title":1632,"path":1633,"stem":1634},"Input Validation and Data Sanitization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Finput-validation-and-data-sanitization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F02.input-validation-and-data-sanitization",{"title":1636,"path":1637,"stem":1638},"Leaking Sensitive Data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-sensitive-data","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F03.leaking-sensitive-data",{"title":1640,"path":1641,"stem":1642},"Type Safety","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Ftype-safety","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F04.type-safety",{"title":1644,"path":1645,"stem":1646},"Leaking Capabilities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-capabilities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F05.leaking-capabilities",{"title":1648,"path":1649,"stem":1650},"Denial of Service","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fdenial-of-service","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F06.denial-of-service",{"title":1652,"path":1653,"stem":1654},"Libraries","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Flibraries","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F07.libraries",{"title":1656,"path":1657,"stem":1658},"Concurrency, Visibility, and Memory","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fconcurrency-visibility-and-memory","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F08.concurrency-visibility-and-memory",{"title":1660,"path":1661,"stem":1662},"Privilege Escalation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fprivilege-escalation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F09.privilege-escalation",{"title":1664,"path":1665,"stem":1666,"children":1667},"Rule. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F01.index",[1668,1669,1672,1675,1678,1682,1685,1688,1691,1694,1698],{"title":1664,"path":1665,"stem":1666},{"title":1586,"path":1670,"stem":1671},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F02.scope",{"title":1590,"path":1673,"stem":1674},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F03.audience",{"title":1594,"path":1676,"stem":1677},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F04.contents-and-organization",{"title":1679,"path":1680,"stem":1681},"Identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fidentifiers","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F05.identifiers",{"title":1602,"path":1683,"stem":1684},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F06.usage",{"title":1606,"path":1686,"stem":1687},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F07.system-qualities",{"title":1610,"path":1689,"stem":1690},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F08.priority-and-levels",{"title":1614,"path":1692,"stem":1693},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F09.automatically-generated-code",{"title":1695,"path":1696,"stem":1697},"Conformance Testing","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fconformance-testing","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F10.conformance-testing",{"title":1622,"path":1699,"stem":1700},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F11.tool-selection-and-validation",{"title":1702,"path":1703,"stem":1704,"children":1705},"Rules","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F01.index",[1706,1707,1711,1737,1755,1801,1839,1913,1967,1993,2047,2109,2163,2221,2283,2333,2373,2431,2461,2487,2509],{"title":1702,"path":1703,"stem":1704},{"title":1708,"path":1709,"stem":1710},"Android (DRD)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fandroid-drd","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F02.android-drd",{"title":1712,"path":1713,"stem":1714,"children":1715},"Characters and Strings (STR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F1.index",[1716,1717,1721,1725,1729,1733],{"title":1712,"path":1713,"stem":1714},{"title":1718,"path":1719,"stem":1720},"STR00-J. Don't form strings containing partial characters from variable-width encodings","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F2.str00-j",{"title":1722,"path":1723,"stem":1724},"STR01-J. Do not assume that a Java char fully represents a Unicode code point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F3.str01-j",{"title":1726,"path":1727,"stem":1728},"STR02-J. Specify an appropriate locale when comparing locale-dependent data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F4.str02-j",{"title":1730,"path":1731,"stem":1732},"STR03-J. Do not encode noncharacter data as a string","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F5.str03-j",{"title":1734,"path":1735,"stem":1736},"STR04-J. Use compatible character encodings when communicating string data between JVMs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F6.str04-j",{"title":1738,"path":1739,"stem":1740,"children":1741},"Declarations and Initialization (DCL)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F1.index",[1742,1743,1747,1751],{"title":1738,"path":1739,"stem":1740},{"title":1744,"path":1745,"stem":1746},"DCL00-J. Prevent class initialization cycles","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F2.dcl00-j",{"title":1748,"path":1749,"stem":1750},"DCL01-J. Do not reuse public identifiers from the Java Standard Library","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F3.dcl01-j",{"title":1752,"path":1753,"stem":1754},"DCL02-J. Do not modify the collection's elements during an enhanced for statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F4.dcl02-j",{"title":1756,"path":1757,"stem":1758,"children":1759},"Exceptional Behavior (ERR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F01.index",[1760,1761,1765,1769,1773,1777,1781,1785,1789,1793,1797],{"title":1756,"path":1757,"stem":1758},{"title":1762,"path":1763,"stem":1764},"ERR00-J. Do not suppress or ignore checked exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F02.err00-j",{"title":1766,"path":1767,"stem":1768},"ERR01-J. Do not allow exceptions to expose sensitive information","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F03.err01-j",{"title":1770,"path":1771,"stem":1772},"ERR02-J. Prevent exceptions while logging data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F04.err02-j",{"title":1774,"path":1775,"stem":1776},"ERR03-J. Restore prior object state on method failure","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F05.err03-j",{"title":1778,"path":1779,"stem":1780},"ERR04-J. Do not complete abruptly from a finally block","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F06.err04-j",{"title":1782,"path":1783,"stem":1784},"ERR05-J. Do not let checked exceptions escape from a finally block","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F07.err05-j",{"title":1786,"path":1787,"stem":1788},"ERR06-J. Do not throw undeclared checked exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F08.err06-j",{"title":1790,"path":1791,"stem":1792},"ERR07-J. Do not throw RuntimeException, Exception, or Throwable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F09.err07-j",{"title":1794,"path":1795,"stem":1796},"ERR08-J. Do not catch NullPointerException or any of its ancestors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F10.err08-j",{"title":1798,"path":1799,"stem":1800},"ERR09-J. Do not allow untrusted code to terminate the JVM","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F11.err09-j",{"title":1802,"path":1803,"stem":1804,"children":1805},"Expressions (EXP)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F1.index",[1806,1807,1811,1815,1819,1823,1827,1831,1835],{"title":1802,"path":1803,"stem":1804},{"title":1808,"path":1809,"stem":1810},"EXP00-J. Do not ignore values returned by methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F2.exp00-j",{"title":1812,"path":1813,"stem":1814},"EXP01-J. Do not use a null in a case where an object is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F3.exp01-j",{"title":1816,"path":1817,"stem":1818},"EXP02-J. Do not use the Object.equals() method to compare two arrays","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F4.exp02-j",{"title":1820,"path":1821,"stem":1822},"EXP03-J. Do not use the equality operators when comparing values of boxed primitives","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F5.exp03-j",{"title":1824,"path":1825,"stem":1826},"EXP04-J. Do not pass arguments to certain Java Collections Framework methods that are a different type than the collection parameter type","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F6.exp04-j",{"title":1828,"path":1829,"stem":1830},"EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F7.exp05-j",{"title":1832,"path":1833,"stem":1834},"EXP06-J. Expressions used in assertions must not produce side effects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F8.exp06-j",{"title":1836,"path":1837,"stem":1838},"EXP07-J. Prevent loss of useful data due to weak references","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F9.exp07-j",{"title":1840,"path":1841,"stem":1842,"children":1843},"Input Output (FIO)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F01.index",[1844,1845,1849,1853,1857,1861,1865,1869,1873,1877,1881,1885,1889,1893,1897,1901,1905,1909],{"title":1840,"path":1841,"stem":1842},{"title":1846,"path":1847,"stem":1848},"FIO00-J. Do not operate on files in shared directories","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F02.fio00-j",{"title":1850,"path":1851,"stem":1852},"FIO01-J. Create files with appropriate access permissions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F03.fio01-j",{"title":1854,"path":1855,"stem":1856},"FIO02-J. Detect and handle file-related errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F04.fio02-j",{"title":1858,"path":1859,"stem":1860},"FIO03-J. Remove temporary files before termination","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F05.fio03-j",{"title":1862,"path":1863,"stem":1864},"FIO04-J. Release resources when they are no longer needed","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F06.fio04-j",{"title":1866,"path":1867,"stem":1868},"FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F07.fio05-j",{"title":1870,"path":1871,"stem":1872},"FIO06-J. Do not create multiple buffered wrappers on a single byte or character stream","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F08.fio06-j",{"title":1874,"path":1875,"stem":1876},"FIO07-J. Do not let external processes block on IO buffers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F09.fio07-j",{"title":1878,"path":1879,"stem":1880},"FIO08-J. Distinguish between characters or bytes read from a stream and -1","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F10.fio08-j",{"title":1882,"path":1883,"stem":1884},"FIO09-J. Do not rely on the write() method to output integers outside the range 0 to 255","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F11.fio09-j",{"title":1886,"path":1887,"stem":1888},"FIO10-J. Ensure the array is filled when using read() to fill an array","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F12.fio10-j",{"title":1890,"path":1891,"stem":1892},"FIO11-J. Do not convert between strings and bytes without specifying a valid character encoding","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F13.fio11-j",{"title":1894,"path":1895,"stem":1896},"FIO12-J. Provide methods to read and write little-endian data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F14.fio12-j",{"title":1898,"path":1899,"stem":1900},"FIO13-J. Do not log sensitive information outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F15.fio13-j",{"title":1902,"path":1903,"stem":1904},"FIO14-J. Perform proper cleanup at program termination","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F16.fio14-j",{"title":1906,"path":1907,"stem":1908},"FIO15-J. Do not reset a servlet's output stream after committing it","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F17.fio15-j",{"title":1910,"path":1911,"stem":1912},"FIO16-J. Canonicalize path names before validating them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio16-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F18.fio16-j",{"title":1914,"path":1915,"stem":1916,"children":1917},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F01.index",[1918,1919,1923,1927,1931,1935,1939,1943,1947,1951,1955,1959,1963],{"title":1914,"path":1915,"stem":1916},{"title":1920,"path":1921,"stem":1922},"IDS00-J. Prevent SQL injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F02.ids00-j",{"title":1924,"path":1925,"stem":1926},"IDS01-J. Normalize strings before validating them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F03.ids01-j",{"title":1928,"path":1929,"stem":1930},"IDS03-J. Do not log unsanitized user input","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F04.ids03-j",{"title":1932,"path":1933,"stem":1934},"IDS04-J. Safely extract files from ZipInputStream","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F05.ids04-j",{"title":1936,"path":1937,"stem":1938},"IDS06-J. Exclude unsanitized user input from format strings","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F06.ids06-j",{"title":1940,"path":1941,"stem":1942},"IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F07.ids07-j",{"title":1944,"path":1945,"stem":1946},"IDS08-J. Sanitize untrusted data included in a regular expression","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F08.ids08-j",{"title":1948,"path":1949,"stem":1950},"IDS11-J. Perform any string modifications before validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F09.ids11-j",{"title":1952,"path":1953,"stem":1954},"IDS14-J. Do not trust the contents of hidden form fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F10.ids14-j",{"title":1956,"path":1957,"stem":1958},"IDS15-J. Do not allow sensitive information to leak outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F11.ids15-j",{"title":1960,"path":1961,"stem":1962},"IDS16-J. Prevent XML Injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids16-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F12.ids16-j",{"title":1964,"path":1965,"stem":1966},"IDS17-J. Prevent XML External Entity Attacks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids17-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F13.ids17-j",{"title":1968,"path":1969,"stem":1970,"children":1971},"Java Native Interface (JNI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F1.index",[1972,1973,1977,1981,1985,1989],{"title":1968,"path":1969,"stem":1970},{"title":1974,"path":1975,"stem":1976},"JNI00-J. Define wrappers around native methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F2.jni00-j",{"title":1978,"path":1979,"stem":1980},"JNI01-J. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance (loadLibrary)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F3.jni01-j",{"title":1982,"path":1983,"stem":1984},"JNI02-J. Do not assume object references are constant or unique","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F4.jni02-j",{"title":1986,"path":1987,"stem":1988},"JNI03-J. Do not use direct pointers to Java objects in JNI code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F5.jni03-j",{"title":1990,"path":1991,"stem":1992},"JNI04-J. Do not assume that Java strings are null-terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F6.jni04-j",{"title":1994,"path":1995,"stem":1996,"children":1997},"Locking (LCK)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F01.index",[1998,1999,2003,2007,2011,2015,2019,2023,2027,2031,2035,2039,2043],{"title":1994,"path":1995,"stem":1996},{"title":2000,"path":2001,"stem":2002},"LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F02.lck00-j",{"title":2004,"path":2005,"stem":2006},"LCK01-J. Do not synchronize on objects that may be reused","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F03.lck01-j",{"title":2008,"path":2009,"stem":2010},"LCK02-J. Do not synchronize on the class object returned by getClass()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F04.lck02-j",{"title":2012,"path":2013,"stem":2014},"LCK03-J. Do not synchronize on the intrinsic locks of high-level concurrency objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F05.lck03-j",{"title":2016,"path":2017,"stem":2018},"LCK04-J. Do not synchronize on a collection view if the backing collection is accessible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F06.lck04-j",{"title":2020,"path":2021,"stem":2022},"LCK05-J. Synchronize access to static fields that can be modified by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F07.lck05-j",{"title":2024,"path":2025,"stem":2026},"LCK06-J. Do not use an instance lock to protect shared static data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F08.lck06-j",{"title":2028,"path":2029,"stem":2030},"LCK07-J. Avoid deadlock by requesting and releasing locks in the same order","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F09.lck07-j",{"title":2032,"path":2033,"stem":2034},"LCK08-J. Ensure actively held locks are released on exceptional conditions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F10.lck08-j",{"title":2036,"path":2037,"stem":2038},"LCK09-J. Do not perform operations that can block while holding a lock","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F11.lck09-j",{"title":2040,"path":2041,"stem":2042},"LCK10-J. Use a correct form of the double-checked locking idiom","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F12.lck10-j",{"title":2044,"path":2045,"stem":2046},"LCK11-J. Avoid client-side locking when using classes that do not commit to their locking strategy","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F13.lck11-j",{"title":2048,"path":2049,"stem":2050,"children":2051},"Methods (MET)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F01.index",[2052,2053,2057,2061,2065,2069,2073,2077,2081,2085,2089,2093,2097,2101,2105],{"title":2048,"path":2049,"stem":2050},{"title":2054,"path":2055,"stem":2056},"MET00-J. Validate method arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F02.met00-j",{"title":2058,"path":2059,"stem":2060},"MET01-J. Never use assertions to validate method arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F03.met01-j",{"title":2062,"path":2063,"stem":2064},"MET02-J. Do not use deprecated or obsolete classes or methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F04.met02-j",{"title":2066,"path":2067,"stem":2068},"MET03-J. Methods that perform a security check must be declared private or final","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F05.met03-j",{"title":2070,"path":2071,"stem":2072},"MET04-J. Do not increase the accessibility of overridden or hidden methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F06.met04-j",{"title":2074,"path":2075,"stem":2076},"MET05-J. Ensure that constructors do not call overridable methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F07.met05-j",{"title":2078,"path":2079,"stem":2080},"MET06-J. Do not invoke overridable methods in clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F08.met06-j",{"title":2082,"path":2083,"stem":2084},"MET07-J. Never declare a class method that hides a method declared in a superclass or superinterface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F09.met07-j",{"title":2086,"path":2087,"stem":2088},"MET08-J. Preserve the equality contract when overriding the equals() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F10.met08-j",{"title":2090,"path":2091,"stem":2092},"MET09-J. Classes that define an equals() method must also define a hashCode() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F11.met09-j",{"title":2094,"path":2095,"stem":2096},"MET10-J. Follow the general contract when implementing the compareTo() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F12.met10-j",{"title":2098,"path":2099,"stem":2100},"MET11-J. Ensure that keys used in comparison operations are immutable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F13.met11-j",{"title":2102,"path":2103,"stem":2104},"MET12-J. Do not use finalizers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F14.met12-j",{"title":2106,"path":2107,"stem":2108},"MET13-J. Do not assume that reassigning method arguments modifies the calling environment","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F15.met13-j",{"title":2110,"path":2111,"stem":2112,"children":2113},"Miscellaneous (MSC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F01.index",[2114,2115,2119,2123,2127,2131,2135,2139,2143,2147,2151,2155,2159],{"title":2110,"path":2111,"stem":2112},{"title":2116,"path":2117,"stem":2118},"MSC00-J. Use SSLSocket rather than Socket for secure data exchange","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F02.msc00-j",{"title":2120,"path":2121,"stem":2122},"MSC01-J. Do not use an empty infinite loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F03.msc01-j",{"title":2124,"path":2125,"stem":2126},"MSC02-J. Generate strong random numbers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F04.msc02-j",{"title":2128,"path":2129,"stem":2130},"MSC03-J. Never hard code sensitive information","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F05.msc03-j",{"title":2132,"path":2133,"stem":2134},"MSC04-J. Do not leak memory","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F06.msc04-j",{"title":2136,"path":2137,"stem":2138},"MSC05-J. Do not exhaust heap space","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F07.msc05-j",{"title":2140,"path":2141,"stem":2142},"MSC06-J. Do not modify the underlying collection when an iteration is in progress","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F08.msc06-j",{"title":2144,"path":2145,"stem":2146},"MSC07-J. Prevent multiple instantiations of singleton objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F09.msc07-j",{"title":2148,"path":2149,"stem":2150},"MSC08-J. Do not store nonserializable objects as attributes in an HTTP session","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F10.msc08-j",{"title":2152,"path":2153,"stem":2154},"MSC09-J. For OAuth, ensure (a) [relying party receiving user's ID in last step] is same as (b) [relying party the access token was granted to].","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F11.msc09-j",{"title":2156,"path":2157,"stem":2158},"MSC10-J. Do not use OAuth 2.0 implicit grant (unmodified) for authentication","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F12.msc10-j",{"title":2160,"path":2161,"stem":2162},"MSC11-J. Do not let session information leak within a servlet","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F13.msc11-j",{"title":2164,"path":2165,"stem":2166,"children":2167},"Numeric Types and Operations (NUM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F01.index",[2168,2169,2173,2177,2181,2185,2189,2193,2197,2201,2205,2209,2213,2217],{"title":2164,"path":2165,"stem":2166},{"title":2170,"path":2171,"stem":2172},"NUM00-J. Detect or prevent integer overflow","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F02.num00-j",{"title":2174,"path":2175,"stem":2176},"NUM01-J. Do not perform bitwise and arithmetic operations on the same data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F03.num01-j",{"title":2178,"path":2179,"stem":2180},"NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F04.num02-j",{"title":2182,"path":2183,"stem":2184},"NUM03-J. Use integer types that can fully represent the possible range of unsigned data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F05.num03-j",{"title":2186,"path":2187,"stem":2188},"NUM04-J. Do not use floating-point numbers if precise computation is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F06.num04-j",{"title":2190,"path":2191,"stem":2192},"NUM07-J. Do not attempt comparisons with NaN","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F07.num07-j",{"title":2194,"path":2195,"stem":2196},"NUM08-J. Check floating-point inputs for exceptional values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F08.num08-j",{"title":2198,"path":2199,"stem":2200},"NUM09-J. Do not use floating-point variables as loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F09.num09-j",{"title":2202,"path":2203,"stem":2204},"NUM10-J. Do not construct BigDecimal objects from floating-point literals","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F10.num10-j",{"title":2206,"path":2207,"stem":2208},"NUM11-J. Do not compare or inspect the string representation of floating-point values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F11.num11-j",{"title":2210,"path":2211,"stem":2212},"NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F12.num12-j",{"title":2214,"path":2215,"stem":2216},"NUM13-J. Avoid loss of precision when converting primitive integers to floating-point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F13.num13-j",{"title":2218,"path":2219,"stem":2220},"NUM14-J. Use shift operators correctly","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F14.num14-j",{"title":2222,"path":2223,"stem":2224,"children":2225},"Object Orientation (OBJ)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F01.index",[2226,2227,2231,2235,2239,2243,2247,2251,2255,2259,2263,2267,2271,2275,2279],{"title":2222,"path":2223,"stem":2224},{"title":2228,"path":2229,"stem":2230},"OBJ01-J. Limit accessibility of fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F02.obj01-j",{"title":2232,"path":2233,"stem":2234},"OBJ02-J. Preserve dependencies in subclasses when changing superclasses","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F03.obj02-j",{"title":2236,"path":2237,"stem":2238},"OBJ03-J. Prevent heap pollution","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F04.obj03-j",{"title":2240,"path":2241,"stem":2242},"OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F05.obj04-j",{"title":2244,"path":2245,"stem":2246},"OBJ05-J. Do not return references to private mutable class members","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F06.obj05-j",{"title":2248,"path":2249,"stem":2250},"OBJ06-J. Defensively copy mutable inputs and mutable internal components","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F07.obj06-j",{"title":2252,"path":2253,"stem":2254},"OBJ07-J. Sensitive classes must not let themselves be copied","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F08.obj07-j",{"title":2256,"path":2257,"stem":2258},"OBJ08-J. Do not expose private members of an outer class from within a nested class","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F09.obj08-j",{"title":2260,"path":2261,"stem":2262},"OBJ09-J. Compare classes and not class names","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F10.obj09-j",{"title":2264,"path":2265,"stem":2266},"OBJ10-J. Do not use public static nonfinal fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F11.obj10-j",{"title":2268,"path":2269,"stem":2270},"OBJ11-J. Be wary of letting constructors throw exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F12.obj11-j",{"title":2272,"path":2273,"stem":2274},"OBJ12-J. Respect object-based annotations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F13.obj12-j",{"title":2276,"path":2277,"stem":2278},"OBJ13-J. Ensure that references to mutable objects are not exposed","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F14.obj13-j",{"title":2280,"path":2281,"stem":2282},"OBJ14-J. Do not use an object that has been freed.","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F15.obj14-j",{"title":2284,"path":2285,"stem":2286,"children":2287},"Platform Security (SEC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F01.index",[2288,2289,2293,2297,2301,2305,2309,2313,2317,2321,2325,2329],{"title":2284,"path":2285,"stem":2286},{"title":2290,"path":2291,"stem":2292},"SEC00-J. Do not allow privileged blocks to leak sensitive information across a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F02.sec00-j",{"title":2294,"path":2295,"stem":2296},"SEC01-J. Do not allow tainted variables in privileged blocks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F03.sec01-j",{"title":2298,"path":2299,"stem":2300},"SEC02-J. Do not base security checks on untrusted sources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F04.sec02-j",{"title":2302,"path":2303,"stem":2304},"SEC03-J. Do not load trusted classes after allowing untrusted code to load arbitrary classes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F05.sec03-j",{"title":2306,"path":2307,"stem":2308},"SEC04-J. Protect sensitive operations with security manager checks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F06.sec04-j",{"title":2310,"path":2311,"stem":2312},"SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F07.sec05-j",{"title":2314,"path":2315,"stem":2316},"SEC06-J. Do not rely on the default automatic signature verification provided by URLClassLoader and java.util.jar","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F08.sec06-j",{"title":2318,"path":2319,"stem":2320},"SEC07-J. Call the superclass's getPermissions() method when writing a custom class loader","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F09.sec07-j",{"title":2322,"path":2323,"stem":2324},"SEC08-J Trusted code must discard or clean any arguments provided by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F10.sec08-j",{"title":2326,"path":2327,"stem":2328},"SEC09-J Never leak the results of certain standard API methods from trusted code to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F11.sec09-j",{"title":2330,"path":2331,"stem":2332},"SEC10-J Never permit untrusted code to invoke any API that may (possibly transitively) invoke the reflection APIs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F12.sec10-j",{"title":2334,"path":2335,"stem":2336,"children":2337},"Runtime Environment (ENV)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F1.index",[2338,2339,2343,2347,2351,2361,2365,2369],{"title":2334,"path":2335,"stem":2336},{"title":2340,"path":2341,"stem":2342},"ENV00-J. Do not sign code that performs only unprivileged operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F2.env00-j",{"title":2344,"path":2345,"stem":2346},"ENV01-J. Place all security-sensitive code in a single JAR and sign and seal it","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F3.env01-j",{"title":2348,"path":2349,"stem":2350},"ENV02-J. Do not trust the values of environment variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F4.env02-j",{"title":2352,"path":2353,"stem":2354,"children":2355},"ENV03-J. Do not grant dangerous combinations of permissions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F1.index",[2356,2357],{"title":2352,"path":2353,"stem":2354},{"title":2358,"path":2359,"stem":2360},"DUMMY ENV03-J","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j\u002Fdummy-env03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F2.dummy-env03-j",{"title":2362,"path":2363,"stem":2364},"ENV04-J. Do not disable bytecode verification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F6.env04-j",{"title":2366,"path":2367,"stem":2368},"ENV05-J. Do not deploy an application that can be remotely monitored","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F7.env05-j",{"title":2370,"path":2371,"stem":2372},"ENV06-J. Production code must not contain debugging entry points","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F8.env06-j",{"title":2374,"path":2375,"stem":2376,"children":2377},"Serialization (SER)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F01.index",[2378,2379,2383,2387,2391,2395,2399,2403,2407,2411,2415,2419,2423,2427],{"title":2374,"path":2375,"stem":2376},{"title":2380,"path":2381,"stem":2382},"SER00-J. Enable serialization compatibility during class evolution","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F02.ser00-j",{"title":2384,"path":2385,"stem":2386},"SER01-J. Do not deviate from the proper signatures of serialization methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F03.ser01-j",{"title":2388,"path":2389,"stem":2390},"SER02-J. Sign then seal objects before sending them outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F04.ser02-j",{"title":2392,"path":2393,"stem":2394},"SER03-J. Do not serialize unencrypted sensitive data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F05.ser03-j",{"title":2396,"path":2397,"stem":2398},"SER04-J. Do not allow serialization and deserialization to bypass the security manager","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F06.ser04-j",{"title":2400,"path":2401,"stem":2402},"SER05-J. Do not serialize instances of inner classes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F07.ser05-j",{"title":2404,"path":2405,"stem":2406},"SER06-J. Make defensive copies of private mutable components during deserialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F08.ser06-j",{"title":2408,"path":2409,"stem":2410},"SER07-J. Do not use the default serialized form for classes with implementation-defined invariants","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F09.ser07-j",{"title":2412,"path":2413,"stem":2414},"SER08-J. Minimize privileges before deserializing from a privileged context","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F10.ser08-j",{"title":2416,"path":2417,"stem":2418},"SER09-J. Do not invoke overridable methods from the readObject() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F11.ser09-j",{"title":2420,"path":2421,"stem":2422},"SER10-J. Avoid memory and resource leaks during serialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F12.ser10-j",{"title":2424,"path":2425,"stem":2426},"SER11-J. Prevent overwriting of externalizable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F13.ser11-j",{"title":2428,"path":2429,"stem":2430},"SER12-J. Prevent deserialization of untrusted data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F14.ser12-j",{"title":2432,"path":2433,"stem":2434,"children":2435},"Thread APIs (THI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F1.index",[2436,2437,2441,2445,2449,2453,2457],{"title":2432,"path":2433,"stem":2434},{"title":2438,"path":2439,"stem":2440},"THI00-J. Do not invoke Thread.run()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F2.thi00-j",{"title":2442,"path":2443,"stem":2444},"THI01-J. Do not invoke ThreadGroup methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F3.thi01-j",{"title":2446,"path":2447,"stem":2448},"THI02-J. Notify all waiting threads rather than a single thread","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F4.thi02-j",{"title":2450,"path":2451,"stem":2452},"THI03-J. Always invoke wait() and await() methods inside a loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F5.thi03-j",{"title":2454,"path":2455,"stem":2456},"THI04-J. Ensure that threads performing blocking operations can be terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F6.thi04-j",{"title":2458,"path":2459,"stem":2460},"THI05-J. Do not use Thread.stop() to terminate threads","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F7.thi05-j",{"title":2462,"path":2463,"stem":2464,"children":2465},"Thread Pools (TPS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F1.index",[2466,2467,2471,2475,2479,2483],{"title":2462,"path":2463,"stem":2464},{"title":2468,"path":2469,"stem":2470},"TPS00-J. Use thread pools to enable graceful degradation of service during traffic bursts","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F2.tps00-j",{"title":2472,"path":2473,"stem":2474},"TPS01-J. Do not execute interdependent tasks in a bounded thread pool","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F3.tps01-j",{"title":2476,"path":2477,"stem":2478},"TPS02-J. Ensure that tasks submitted to a thread pool are interruptible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F4.tps02-j",{"title":2480,"path":2481,"stem":2482},"TPS03-J. Ensure that tasks executing in a thread pool do not fail silently","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F5.tps03-j",{"title":2484,"path":2485,"stem":2486},"TPS04-J. Ensure ThreadLocal variables are reinitialized when using thread pools","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F6.tps04-j",{"title":2488,"path":2489,"stem":2490,"children":2491},"Thread-Safety Miscellaneous (TSM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F1.index",[2492,2493,2497,2501,2505],{"title":2488,"path":2489,"stem":2490},{"title":2494,"path":2495,"stem":2496},"TSM00-J. Do not override thread-safe methods with methods that are not thread-safe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F2.tsm00-j",{"title":2498,"path":2499,"stem":2500},"TSM01-J. Do not let the this reference escape during object construction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F3.tsm01-j",{"title":2502,"path":2503,"stem":2504},"TSM02-J. Do not use background threads during class initialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F4.tsm02-j",{"title":2506,"path":2507,"stem":2508},"TSM03-J. Do not publish partially initialized objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F5.tsm03-j",{"title":2510,"path":2511,"stem":2512,"children":2513},"Visibility and Atomicity (VNA)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F1.index",[2514,2515,2519,2523,2527,2531,2535],{"title":2510,"path":2511,"stem":2512},{"title":2516,"path":2517,"stem":2518},"VNA00-J. Ensure visibility when accessing shared primitive variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F2.vna00-j",{"title":2520,"path":2521,"stem":2522},"VNA01-J. Ensure visibility of shared references to immutable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F3.vna01-j",{"title":2524,"path":2525,"stem":2526},"VNA02-J. Ensure that compound operations on shared variables are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F4.vna02-j",{"title":2528,"path":2529,"stem":2530},"VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F5.vna03-j",{"title":2532,"path":2533,"stem":2534},"VNA04-J. Ensure that calls to chained methods are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F6.vna04-j",{"title":2536,"path":2537,"stem":2538},"VNA05-J. Ensure atomicity when reading and writing 64-bit values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F7.vna05-j",{"title":2540,"path":2541,"stem":2542,"children":2543},"Recommendations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F01.index",[2544,2545,2558,2576,2629,2654,2683,2704,2737,2770,2831,2856,2897],{"title":2540,"path":2541,"stem":2542},{"title":1712,"path":2546,"stem":2547,"children":2548},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F1.index",[2549,2550,2554],{"title":1712,"path":2546,"stem":2547},{"title":2551,"path":2552,"stem":2553},"STR50-J. Use the appropriate method for counting characters in a string","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F2.str50-j",{"title":2555,"path":2556,"stem":2557},"STR51-J. Use the charset encoder and decoder classes when more control over the encoding process is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F3.str51-j",{"title":2559,"path":2560,"stem":2561,"children":2562},"Concurrency (CON)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F1.index",[2563,2564,2568,2572],{"title":2559,"path":2560,"stem":2561},{"title":2565,"path":2566,"stem":2567},"CON50-J. Do not assume that declaring a reference volatile guarantees safe publication of the members of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F2.con50-j",{"title":2569,"path":2570,"stem":2571},"CON51-J. Do not assume that the sleep(), yield(), or getState() methods provide synchronization semantics","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F3.con51-j",{"title":2573,"path":2574,"stem":2575},"CON52-J. Document thread-safety and use annotations where applicable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F4.con52-j",{"title":1738,"path":2577,"stem":2578,"children":2579},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F01.index",[2580,2581,2585,2589,2593,2597,2601,2605,2609,2613,2617,2621,2625],{"title":1738,"path":2577,"stem":2578},{"title":2582,"path":2583,"stem":2584},"DCL50-J. Use visually distinct identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F02.dcl50-j",{"title":2586,"path":2587,"stem":2588},"DCL51-J. Do not shadow or obscure identifiers in subscopes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F03.dcl51-j",{"title":2590,"path":2591,"stem":2592},"DCL52-J. Do not declare more than one variable per declaration","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F04.dcl52-j",{"title":2594,"path":2595,"stem":2596},"DCL53-J. Minimize the scope of variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F05.dcl53-j",{"title":2598,"path":2599,"stem":2600},"DCL54-J. Use meaningful symbolic constants to represent literal values in program logic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F06.dcl54-j",{"title":2602,"path":2603,"stem":2604},"DCL55-J. Properly encode relationships in constant definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F07.dcl55-j",{"title":2606,"path":2607,"stem":2608},"DCL56-J. Do not attach significance to the ordinal associated with an enum","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F08.dcl56-j",{"title":2610,"path":2611,"stem":2612},"DCL57-J. Avoid ambiguous overloading of variable arity methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F09.dcl57-j",{"title":2614,"path":2615,"stem":2616},"DCL58-J. Enable compile-time type checking of variable arity parameter types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F10.dcl58-j",{"title":2618,"path":2619,"stem":2620},"DCL59-J. Do not apply public final to constants whose value might change in later releases","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl59-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F11.dcl59-j",{"title":2622,"path":2623,"stem":2624},"DCL60-J. Avoid cyclic dependencies between packages","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F12.dcl60-j",{"title":2626,"path":2627,"stem":2628},"DCL61-J. Do not use raw types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl61-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F13.dcl61-j",{"title":1756,"path":2630,"stem":2631,"children":2632},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F1.index",[2633,2634,2638,2642,2646,2650],{"title":1756,"path":2630,"stem":2631},{"title":2635,"path":2636,"stem":2637},"ERR50-J. Use exceptions only for exceptional conditions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F2.err50-j",{"title":2639,"path":2640,"stem":2641},"ERR51-J. Prefer user-defined exceptions over more general exception types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F3.err51-j",{"title":2643,"path":2644,"stem":2645},"ERR52-J. Avoid in-band error indicators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F4.err52-j",{"title":2647,"path":2648,"stem":2649},"ERR53-J. Try to gracefully recover from system errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F5.err53-j",{"title":2651,"path":2652,"stem":2653},"ERR54-J. Use a try-with-resources statement to safely handle closeable resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F6.err54-j",{"title":1802,"path":2655,"stem":2656,"children":2657},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F1.index",[2658,2659,2663,2667,2671,2675,2679],{"title":1802,"path":2655,"stem":2656},{"title":2660,"path":2661,"stem":2662},"EXP50-J. Do not confuse abstract object equality with reference equality","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F2.exp50-j",{"title":2664,"path":2665,"stem":2666},"EXP51-J. Do not perform assignments in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F3.exp51-j",{"title":2668,"path":2669,"stem":2670},"EXP52-J. Use braces for the body of an if, for, or while statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F4.exp52-j",{"title":2672,"path":2673,"stem":2674},"EXP53-J. Use parentheses for precedence of operation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F5.exp53-j",{"title":2676,"path":2677,"stem":2678},"EXP54-J. Understand the differences between bitwise and logical operators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F6.exp54-j",{"title":2680,"path":2681,"stem":2682},"EXP55-J. Use the same type for the second and third operands in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F7.exp55-j",{"title":1840,"path":2684,"stem":2685,"children":2686},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F1.index",[2687,2688,2692,2696,2700],{"title":1840,"path":2684,"stem":2685},{"title":2689,"path":2690,"stem":2691},"FIO50-J. Do not make assumptions about file creation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F2.fio50-j",{"title":2693,"path":2694,"stem":2695},"FIO51-J. Identify files using multiple file attributes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F3.fio51-j",{"title":2697,"path":2698,"stem":2699},"FIO52-J. Do not store unencrypted sensitive information on the client side","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F4.fio52-j",{"title":2701,"path":2702,"stem":2703},"FIO53-J. Use the serialization methods writeUnshared() and readUnshared() with care","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F5.fio53-j",{"title":1914,"path":2705,"stem":2706,"children":2707},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F1.index",[2708,2709,2713,2717,2721,2725,2729,2733],{"title":1914,"path":2705,"stem":2706},{"title":2710,"path":2711,"stem":2712},"IDS50-J. Use conservative file naming conventions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F2.ids50-j",{"title":2714,"path":2715,"stem":2716},"IDS51-J. Properly encode or escape output","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F3.ids51-j",{"title":2718,"path":2719,"stem":2720},"IDS52-J. Prevent code injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F4.ids52-j",{"title":2722,"path":2723,"stem":2724},"IDS53-J. Prevent XPath Injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F5.ids53-j",{"title":2726,"path":2727,"stem":2728},"IDS54-J. Prevent LDAP injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F6.ids54-j",{"title":2730,"path":2731,"stem":2732},"IDS55-J. Understand how escape characters are interpreted when strings are loaded","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F7.ids55-j",{"title":2734,"path":2735,"stem":2736},"IDS56-J. Prevent arbitrary file upload","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F8.ids56-j",{"title":2048,"path":2738,"stem":2739,"children":2740},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F1.index",[2741,2742,2746,2750,2754,2758,2762,2766],{"title":2048,"path":2738,"stem":2739},{"title":2743,"path":2744,"stem":2745},"MET50-J. Avoid ambiguous or confusing uses of overloading","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F2.met50-j",{"title":2747,"path":2748,"stem":2749},"MET51-J. Do not use overloaded methods to differentiate between runtime types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F3.met51-j",{"title":2751,"path":2752,"stem":2753},"MET52-J. Do not use the clone() method to copy untrusted method parameters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F4.met52-j",{"title":2755,"path":2756,"stem":2757},"MET53-J. Ensure that the clone() method calls super.clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F5.met53-j",{"title":2759,"path":2760,"stem":2761},"MET54-J. Always provide feedback about the resulting value of a method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F6.met54-j",{"title":2763,"path":2764,"stem":2765},"MET55-J. Return an empty array or collection instead of a null value for methods that return an array or collection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F7.met55-j",{"title":2767,"path":2768,"stem":2769},"MET56-J. Do not use Object.equals() to compare cryptographic keys","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F8.met56-j",{"title":2110,"path":2771,"stem":2772,"children":2773},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F01.index",[2774,2775,2779,2783,2787,2791,2795,2799,2803,2807,2811,2815,2819,2823,2827],{"title":2110,"path":2771,"stem":2772},{"title":2776,"path":2777,"stem":2778},"MSC50-J. Minimize the scope of the @SuppressWarnings annotation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F02.msc50-j",{"title":2780,"path":2781,"stem":2782},"MSC51-J. Do not place a semicolon immediately following an if, for, or while condition","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F03.msc51-j",{"title":2784,"path":2785,"stem":2786},"MSC52-J. Finish every set of statements associated with a case label with a break statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F04.msc52-j",{"title":2788,"path":2789,"stem":2790},"MSC53-J. Carefully design interfaces before releasing them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F05.msc53-j",{"title":2792,"path":2793,"stem":2794},"MSC54-J. Avoid inadvertent wrapping of loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F06.msc54-j",{"title":2796,"path":2797,"stem":2798},"MSC55-J. Use comments consistently and in a readable fashion","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F07.msc55-j",{"title":2800,"path":2801,"stem":2802},"MSC56-J. Detect and remove superfluous code and values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F08.msc56-j",{"title":2804,"path":2805,"stem":2806},"MSC57-J. Strive for logical completeness","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F09.msc57-j",{"title":2808,"path":2809,"stem":2810},"MSC58-J. Prefer using iterators over enumerations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F10.msc58-j",{"title":2812,"path":2813,"stem":2814},"MSC59-J. Limit the lifetime of sensitive data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc59-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F11.msc59-j",{"title":2816,"path":2817,"stem":2818},"MSC60-J. Do not use assertions to verify the absence of runtime errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F12.msc60-j",{"title":2820,"path":2821,"stem":2822},"MSC61-J. Do not use insecure or weak cryptographic algorithms","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc61-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F13.msc61-j",{"title":2824,"path":2825,"stem":2826},"MSC62-J. Store passwords using a hash function","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc62-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F14.msc62-j",{"title":2828,"path":2829,"stem":2830},"MSC63-J. Ensure that SecureRandom is properly seeded","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc63-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F15.msc63-j",{"title":2164,"path":2832,"stem":2833,"children":2834},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F1.index",[2835,2836,2840,2844,2848,2852],{"title":2164,"path":2832,"stem":2833},{"title":2837,"path":2838,"stem":2839},"NUM50-J. Convert integers to floating point for floating-point operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F2.num50-j",{"title":2841,"path":2842,"stem":2843},"NUM51-J. Do not assume that the remainder operator always returns a nonnegative result for integral operands","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F3.num51-j",{"title":2845,"path":2846,"stem":2847},"NUM52-J. Be aware of numeric promotion behavior","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F4.num52-j",{"title":2849,"path":2850,"stem":2851},"NUM53-J. Use the strictfp modifier for floating-point calculation consistency across platforms","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F5.num53-j",{"title":2853,"path":2854,"stem":2855},"NUM54-J. Do not use denormalized numbers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F6.num54-j",{"title":2222,"path":2857,"stem":2858,"children":2859},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F01.index",[2860,2861,2865,2869,2873,2877,2881,2885,2889,2893],{"title":2222,"path":2857,"stem":2858},{"title":2862,"path":2863,"stem":2864},"OBJ50-J. Never confuse the immutability of a reference with that of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F02.obj50-j",{"title":2866,"path":2867,"stem":2868},"OBJ51-J. Minimize the accessibility of classes and their members","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F03.obj51-j",{"title":2870,"path":2871,"stem":2872},"OBJ52-J. Write garbage-collection-friendly code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F04.obj52-j",{"title":2874,"path":2875,"stem":2876},"OBJ53-J. Do not use direct buffers for short-lived, infrequently used objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F05.obj53-j",{"title":2878,"path":2879,"stem":2880},"OBJ54-J. Do not attempt to help the garbage collector by setting local reference variables to null","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F06.obj54-j",{"title":2882,"path":2883,"stem":2884},"OBJ55-J. Remove short-lived objects from long-lived container objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F07.obj55-j",{"title":2886,"path":2887,"stem":2888},"OBJ56-J. Provide sensitive mutable classes with unmodifiable wrappers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F08.obj56-j",{"title":2890,"path":2891,"stem":2892},"OBJ57-J. Do not rely on methods that can be overridden by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F09.obj57-j",{"title":2894,"path":2895,"stem":2896},"OBJ58-J. Limit the extensibility of classes and methods with invariants","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F10.obj58-j",{"title":2284,"path":2898,"stem":2899,"children":2900},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F01.index",[2901,2902,2906,2910,2914,2918,2922,2926,2930,2934],{"title":2284,"path":2898,"stem":2899},{"title":2903,"path":2904,"stem":2905},"SEC50-J. Avoid granting excess privileges","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F02.sec50-j",{"title":2907,"path":2908,"stem":2909},"SEC51-J. Minimize privileged code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F03.sec51-j",{"title":2911,"path":2912,"stem":2913},"SEC52-J. Do not expose methods that use reduced-security checks to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F04.sec52-j",{"title":2915,"path":2916,"stem":2917},"SEC53-J. Define custom security permissions for fine-grained security","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F05.sec53-j",{"title":2919,"path":2920,"stem":2921},"SEC54-J. Create a secure sandbox using a security manager","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F06.sec54-j",{"title":2923,"path":2924,"stem":2925},"SEC55-J. Ensure that security-sensitive methods are called with validated arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F07.sec55-j",{"title":2927,"path":2928,"stem":2929},"SEC56-J. Do not serialize direct handles to system resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F08.sec56-j",{"title":2931,"path":2932,"stem":2933},"SEC57-J. Do not let untrusted code misuse privileges of callback methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F09.sec57-j",{"title":2935,"path":2936,"stem":2937},"SEC58-J. Deserialization methods should not perform potentially dangerous operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F10.sec58-j",{"title":1547,"path":1548,"stem":1549,"children":2939},[2940,2941,2942,2943,2947,2951,3076,3102],{"title":1547,"path":1548,"stem":1549},{"title":30,"path":1541,"stem":1543},{"title":1551,"path":1552,"stem":1553},{"title":2944,"path":2945,"stem":2946},"Rule AA. References","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-aa-references","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F4.rule-aa-references",{"title":2948,"path":2949,"stem":2950},"Rule BB. Glossary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-bb-glossary","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F5.rule-bb-glossary",{"title":2952,"path":2953,"stem":2954,"children":2955},"Rule or Rec. CC. Analyzers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F01.index",[2956,2957,2961,2965,2968,2972,2976,2980,2984,2988,2992,2996,3000,3004,3008,3012,3016,3020,3024,3028,3032,3036,3040,3044,3048,3052,3056,3060,3064,3068,3072],{"title":2952,"path":2953,"stem":2954},{"title":2958,"path":2959,"stem":2960},"CodeSonar","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F02.codesonar",{"title":2962,"path":2963,"stem":2964},"CodeSonar_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F03.codesonar_v",{"title":286,"path":2966,"stem":2967},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F04.coverity",{"title":2969,"path":2970,"stem":2971},"Coverity_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F05.coverity_v",{"title":2973,"path":2974,"stem":2975},"Eclipse","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F06.eclipse",{"title":2977,"path":2978,"stem":2979},"Eclipse_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F07.eclipse_v",{"title":2981,"path":2982,"stem":2983},"Error Prone","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F08.error-prone",{"title":2985,"path":2986,"stem":2987},"Error Prone_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F09.error-prone_v",{"title":2989,"path":2990,"stem":2991},"Findbugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F10.findbugs",{"title":2993,"path":2994,"stem":2995},"Findbugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F11.findbugs_v",{"title":2997,"path":2998,"stem":2999},"Fortify","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F12.fortify",{"title":3001,"path":3002,"stem":3003},"Fortify_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F13.fortify_v",{"title":3005,"path":3006,"stem":3007},"Klocwork","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F14.klocwork",{"title":3009,"path":3010,"stem":3011},"Klocwork_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F15.klocwork_v",{"title":3013,"path":3014,"stem":3015},"Parasoft","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F16.parasoft",{"title":3017,"path":3018,"stem":3019},"Parasoft_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F17.parasoft_v",{"title":3021,"path":3022,"stem":3023},"Pmd","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F18.pmd",{"title":3025,"path":3026,"stem":3027},"Pmd_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F19.pmd_v",{"title":3029,"path":3030,"stem":3031},"PVS-Studio","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F20.pvs-studio",{"title":3033,"path":3034,"stem":3035},"PVS-Studio_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F21.pvs-studio_v",{"title":3037,"path":3038,"stem":3039},"Security Reviewer - Static Reviewer","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F22.security-reviewer-static-reviewer",{"title":3041,"path":3042,"stem":3043},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F23.security-reviewer-static-reviewer_v",{"title":3045,"path":3046,"stem":3047},"SonarQube","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F24.sonarqube",{"title":3049,"path":3050,"stem":3051},"SonarQube_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F25.sonarqube_v",{"title":3053,"path":3054,"stem":3055},"SpotBugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F26.spotbugs",{"title":3057,"path":3058,"stem":3059},"SpotBugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F27.spotbugs_v",{"title":3061,"path":3062,"stem":3063},"The Checker Framework","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F28.the-checker-framework",{"title":3065,"path":3066,"stem":3067},"The Checker Framework_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F29.the-checker-framework_v",{"title":3069,"path":3070,"stem":3071},"ThreadSafe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F30.threadsafe",{"title":3073,"path":3074,"stem":3075},"ThreadSafe_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F31.threadsafe_v",{"title":3077,"path":3078,"stem":3079,"children":3080},"Rule or Rec. DD. Related Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F1.index",[3081,3082,3086,3090,3094,3098],{"title":3077,"path":3078,"stem":3079},{"title":3083,"path":3084,"stem":3085},"2010","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F2.2010","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F2.2010",{"title":3087,"path":3088,"stem":3089},"2013","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F3.2013","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F3.2013",{"title":3091,"path":3092,"stem":3093},"MITRE CAPEC","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-capec","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F4.mitre-capec",{"title":3095,"path":3096,"stem":3097},"MITRE CWE","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-cwe","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F5.mitre-cwe",{"title":3099,"path":3100,"stem":3101},"SECURE CODING GUIDELINES FOR JAVA SE, VERSION 5.0","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fsecure-coding-guidelines-for-java-se-version-50","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F6.secure-coding-guidelines-for-java-se-version-50",{"title":3103,"path":3104,"stem":3105},"Rule or Rec. EE. Risk Assessments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-ee-risk-assessments","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F8.rule-or-rec-ee-risk-assessments",{"title":3107,"path":3108,"stem":3109,"children":3110},"Admin","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F1.index",[3111,3112,3116,3120,3124,3128],{"title":3107,"path":3108,"stem":3109},{"title":3113,"path":3114,"stem":3115},"All Guidelines with Classification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fall-guidelines-with-classification","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F2.all-guidelines-with-classification",{"title":3117,"path":3118,"stem":3119},"Normative Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fnormative-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F3.normative-guidelines",{"title":3121,"path":3122,"stem":3123},"Tech-edit","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftech-edit","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F4.tech-edit",{"title":3125,"path":3126,"stem":3127},"TODO List","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftodo-list","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F5.todo-list",{"title":3125,"path":3126,"stem":3129},"6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F6.todo-list",1775657766077]