[{"data":1,"prerenderedAt":3698},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-cwe":28,"surround-\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-cwe":2202,"sidebar-sei-cert-oracle-coding-standard-for-java":2211},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":41,"extension":2196,"meta":2197,"navigation":7,"path":2198,"seo":2199,"stem":2200,"__hash__":2201},"content\u002F6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F5.mitre-cwe.md","MITRE CWE",{"type":32,"value":33,"toc":2192},"minimark",[34,38,42,45],[35,36,30],"h1",{"id":37},"mitre-cwe",[39,40,41],"p",{},"This page was automatically generated and should not be edited.",[39,43,44],{},"The information on this page was provided by outside contributors and has not been verified by SEI CERT.",[46,47,48,57],"table",{},[49,50,51,55],"colgroup",{},[52,53],"col",{"style":54},"width: 50%",[52,56],{"style":54},[58,59,60,76,95,112,126,142,156,170,186,202,218,234,250,263,276,292,308,324,340,353,367,383,397,411,427,443,457,473,489,505,519,532,548,567,583,599,615,629,645,661,677,693,709,733,749,768,786,805,821,837,851,865,881,897,915,931,942,956,970,984,1000,1011,1027,1046,1062,1076,1090,1106,1120,1134,1149,1165,1181,1194,1210,1225,1241,1264,1277,1293,1307,1323,1339,1355,1369,1383,1399,1412,1428,1439,1450,1464,1477,1493,1509,1525,1539,1553,1567,1580,1596,1610,1623,1639,1655,1671,1682,1695,1708,1722,1738,1754,1765,1778,1794,1808,1821,1832,1843,1859,1873,1889,1900,1914,1928,1944,1957,1973,1989,2005,2019,2033,2047,2064,2080,2094,2110,2124,2135,2151,2165,2178],"tbody",{},[61,62,65,71],"tr",{"className":63},[64],"header",[66,67,68],"th",{},[39,69,70],{},"CERT Rule",[66,72,73],{},[39,74,75],{},"Related Guidelines",[61,77,80,88],{"className":78},[79],"odd",[81,82,83],"td",{},[84,85,87],"a",{"href":86},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids00-j","IDS00-J",[81,89,90,94],{},[84,91,93],{"href":92},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F116.html","CWE-116"," , Improper Encoding or Escaping of Output",[61,96,99,105],{"className":97},[98],"even",[81,100,101],{},[84,102,104],{"href":103},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids01-j","IDS01-J",[81,106,107,111],{},[84,108,110],{"href":109},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F289.html","CWE-289"," , Authentication bypass by alternate name",[61,113,115,119],{"className":114},[79],[81,116,117],{},[84,118,104],{"href":103},[81,120,121,125],{},[84,122,124],{"href":123},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F180.html","CWE-180"," , Incorrect behavior order: Validate before canonicalize",[61,127,129,135],{"className":128},[98],[81,130,131],{},[84,132,134],{"href":133},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids03-j","IDS03-J",[81,136,137,141],{},[84,138,140],{"href":139},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F144.html","CWE-144"," , Improper neutralization of line delimiters",[61,143,145,149],{"className":144},[79],[81,146,147],{},[84,148,134],{"href":133},[81,150,151,155],{},[84,152,154],{"href":153},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F150.html","CWE-150"," , Improper neutralization of escape, meta, or control sequences",[61,157,159,163],{"className":158},[98],[81,160,161],{},[84,162,134],{"href":133},[81,164,165,169],{},[84,166,168],{"href":167},"https:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F117.html","CWE-117"," , Improper Output Neutralization for Logs",[61,171,173,179],{"className":172},[79],[81,174,175],{},[84,176,178],{"href":177},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids04-j","IDS04-J",[81,180,181,185],{},[84,182,184],{"href":183},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F409.html","CWE-409"," , Improper Handling of Highly Compressed Data (Data Amplification)",[61,187,189,195],{"className":188},[98],[81,190,191],{},[84,192,194],{"href":193},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids06-j","IDS06-J",[81,196,197,201],{},[84,198,200],{"href":199},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F134.html","CWE-134"," , Uncontrolled Format String",[61,203,205,211],{"className":204},[79],[81,206,207],{},[84,208,210],{"href":209},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids07-j","IDS07-J",[81,212,213,217],{},[84,214,216],{"href":215},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F78.html","CWE-78,"," Improper Neutralization of Special Elements Used in an OS Command (\"OS Command Injection\")",[61,219,221,227],{"className":220},[98],[81,222,223],{},[84,224,226],{"href":225},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids08-j","IDS08-J",[81,228,229,233],{},[84,230,232],{"href":231},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F625.html","CWE-625"," , Permissive Regular Expression",[61,235,237,243],{"className":236},[79],[81,238,239],{},[84,240,242],{"href":241},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids11-j","IDS11-J",[81,244,245,249],{},[84,246,248],{"href":247},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F182.html","CWE-182"," , Collapse of Data into Unsafe Value",[61,251,253,259],{"className":252},[98],[81,254,255],{},[84,256,258],{"href":257},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids16-j","IDS16-J",[81,260,261,94],{},[84,262,93],{"href":92},[61,264,266,272],{"className":265},[79],[81,267,268],{},[84,269,271],{"href":270},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids17-j","IDS17-J",[81,273,274,94],{},[84,275,93],{"href":92},[61,277,279,285],{"className":278},[98],[81,280,281],{},[84,282,284],{"href":283},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-j","DCL00-J",[81,286,287,291],{},[84,288,290],{"href":289},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F665.html","CWE-665"," , Improper Initialization",[61,293,295,301],{"className":294},[79],[81,296,297],{},[84,298,300],{"href":299},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp00-j","EXP00-J",[81,302,303,307],{},[84,304,306],{"href":305},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F252.html","CWE-252"," , Unchecked Return Value",[61,309,311,317],{"className":310},[98],[81,312,313],{},[84,314,316],{"href":315},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp01-j","EXP01-J",[81,318,319,323],{},[84,320,322],{"href":321},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F476.html","CWE-476,"," NULL Pointer Dereference",[61,325,327,333],{"className":326},[79],[81,328,329],{},[84,330,332],{"href":331},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp02-j","EXP02-J",[81,334,335,339],{},[84,336,338],{"href":337},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F595.html","CWE-595"," , Comparison of Object References Instead of Object Contents",[61,341,343,349],{"className":342},[98],[81,344,345],{},[84,346,348],{"href":347},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp03-j","EXP03-J",[81,350,351,339],{},[84,352,338],{"href":337},[61,354,356,360],{"className":355},[79],[81,357,358],{},[84,359,348],{"href":347},[81,361,362,366],{},[84,363,365],{"href":364},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F597.html","CWE-597"," , Use of Wrong Operator in String Comparison",[61,368,370,376],{"className":369},[98],[81,371,372],{},[84,373,375],{"href":374},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum00-j","NUM00-J",[81,377,378,382],{},[84,379,381],{"href":380},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F682.html","CWE-682"," , Incorrect Calculation",[61,384,386,390],{"className":385},[79],[81,387,388],{},[84,389,375],{"href":374},[81,391,392,396],{},[84,393,395],{"href":394},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F190.html","CWE-190"," , Integer Overflow or Wraparound",[61,398,400,404],{"className":399},[98],[81,401,402],{},[84,403,375],{"href":374},[81,405,406,410],{},[84,407,409],{"href":408},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F191.html","CWE-191"," , Integer Underflow (Wrap or Wraparound)",[61,412,414,420],{"className":413},[79],[81,415,416],{},[84,417,419],{"href":418},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum02-j","NUM02-J",[81,421,422,426],{},[84,423,425],{"href":424},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F369.html","CWE-369"," , Divide by Zero",[61,428,430,436],{"className":429},[98],[81,431,432],{},[84,433,435],{"href":434},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum12-j","NUM12-J",[81,437,438,442],{},[84,439,441],{"href":440},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F681.html","CWE-681"," , Incorrect Conversion between Numeric Types",[61,444,446,450],{"className":445},[79],[81,447,448],{},[84,449,435],{"href":434},[81,451,452,456],{},[84,453,455],{"href":454},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F197.html","CWE-197"," , Numeric Truncation Error",[61,458,460,466],{"className":459},[98],[81,461,462],{},[84,463,465],{"href":464},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr03-j","STR03-J",[81,467,468,472],{},[84,469,471],{"href":470},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F838.html","CWE-838"," , Inappropriate Encoding for Output Context",[61,474,476,482],{"className":475},[79],[81,477,478],{},[84,479,481],{"href":480},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj01-j","OBJ01-J",[81,483,484,488],{},[84,485,487],{"href":486},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F766.html","CWE-766"," , Critical Variable Declared Public",[61,490,492,498],{"className":491},[98],[81,493,494],{},[84,495,497],{"href":496},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj04-j","OBJ04-J",[81,499,500,504],{},[84,501,503],{"href":502},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F374.html","CWE-374"," , Passing Mutable Objects to an Untrusted Method",[61,506,508,512],{"className":507},[79],[81,509,510],{},[84,511,497],{"href":496},[81,513,514,518],{},[84,515,517],{"href":516},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F375.html","CWE-375"," , Returning a Mutable Object to an Untrusted Caller",[61,520,522,528],{"className":521},[98],[81,523,524],{},[84,525,527],{"href":526},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj05-j","OBJ05-J",[81,529,530,518],{},[84,531,517],{"href":516},[61,533,535,541],{"className":534},[79],[81,536,537],{},[84,538,540],{"href":539},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj07-j","OBJ07-J",[81,542,543,547],{},[84,544,546],{"href":545},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F498.html","CWE-498"," , Cloneable Class Containing Sensitive Information",[61,549,551,555],{"className":550},[98],[81,552,553],{},[84,554,540],{"href":539},[81,556,557,561,562,566],{},[84,558,560],{"href":559},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F491.html","CWE-491"," , Public ",[563,564,565],"code",{}," cloneable() "," Method without Final (aka \"Object Hijack\")",[61,568,570,576],{"className":569},[79],[81,571,572],{},[84,573,575],{"href":574},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj08-j","OBJ08-J",[81,577,578,582],{},[84,579,581],{"href":580},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F492.html","CWE-492"," , Use of Inner Class Containing Sensitive Data",[61,584,586,592],{"className":585},[98],[81,587,588],{},[84,589,591],{"href":590},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj09-j","OBJ09-J",[81,593,594,598],{},[84,595,597],{"href":596},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F486.html","CWE-486"," , Comparison of Classes by Name",[61,600,602,608],{"className":601},[79],[81,603,604],{},[84,605,607],{"href":606},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj10-j","OBJ10-J",[81,609,610,614],{},[84,611,613],{"href":612},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F493.html","CWE-493"," , Critical Public Variable without Final Modifier",[61,616,618,622],{"className":617},[98],[81,619,620],{},[84,621,607],{"href":606},[81,623,624,628],{},[84,625,627],{"href":626},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F500.html","CWE-500"," , Public Static Field Not Marked Final",[61,630,632,638],{"className":631},[79],[81,633,634],{},[84,635,637],{"href":636},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj14-j","OBJ14-J",[81,639,640,644],{},[84,641,643],{"href":642},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F416.html","CWE-416"," , Use After Free",[61,646,648,654],{"className":647},[98],[81,649,650],{},[84,651,653],{"href":652},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet01-j","MET01-J",[81,655,656,660],{},[84,657,659],{"href":658},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F617.html","CWE-617"," , Reachable Assertion",[61,662,664,670],{"className":663},[79],[81,665,666],{},[84,667,669],{"href":668},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet02-j","MET02-J",[81,671,672,676],{},[84,673,675],{"href":674},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F589.html","CWE-589"," , Call to Non-ubiquitous API",[61,678,680,686],{"className":679},[98],[81,681,682],{},[84,683,685],{"href":684},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet04-j","MET04-J",[81,687,688,692],{},[84,689,691],{"href":690},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F487.html","CWE-487"," , Reliance on Package-Level Scope",[61,694,696,702],{"className":695},[79],[81,697,698],{},[84,699,701],{"href":700},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet08-j","MET08-J",[81,703,704,708],{},[84,705,707],{"href":706},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F697.html","CWE-697"," , Insufficient Comparison",[61,710,712,718],{"className":711},[98],[81,713,714],{},[84,715,717],{"href":716},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet09-j","MET09-J",[81,719,720,724,725,728,729,732],{},[84,721,723],{"href":722},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F581.html","CWE-581"," , Object Model Violation: Just One of ",[563,726,727],{}," equals "," and ",[563,730,731],{}," hashcode "," Defined",[61,734,736,742],{"className":735},[79],[81,737,738],{},[84,739,741],{"href":740},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet10-j","MET10-J",[81,743,744,748],{},[84,745,747],{"href":746},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F573.html","CWE-573"," , Improper Following of Specification by Caller",[61,750,752,758],{"className":751},[98],[81,753,754],{},[84,755,757],{"href":756},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet12-j","MET12-J",[81,759,760,764,765],{},[84,761,763],{"href":762},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F586.html","CWE-586"," , Explicit call to ",[563,766,767],{}," Finalize() ",[61,769,771,775],{"className":770},[79],[81,772,773],{},[84,774,757],{"href":756},[81,776,777,781,782,785],{},[84,778,780],{"href":779},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F583.html","CWE-583"," , ",[563,783,784],{}," finalize() "," Method Declared Public",[61,787,789,793],{"className":788},[98],[81,790,791],{},[84,792,757],{"href":756},[81,794,795,781,799,801,802],{},[84,796,798],{"href":797},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F568.html","CWE-568",[563,800,784],{}," Method without ",[563,803,804],{}," super.finalize() ",[61,806,808,814],{"className":807},[79],[81,809,810],{},[84,811,813],{"href":812},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr00-j","ERR00-J",[81,815,816,820],{},[84,817,819],{"href":818},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F390.html","CWE-390"," , Detection of Error Condition without Action",[61,822,824,830],{"className":823},[98],[81,825,826],{},[84,827,829],{"href":828},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr01-j","ERR01-J",[81,831,832,836],{},[84,833,835],{"href":834},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F209.html","CWE-209"," , Information Exposure through an Error Message",[61,838,840,844],{"className":839},[79],[81,841,842],{},[84,843,829],{"href":828},[81,845,846,850],{},[84,847,849],{"href":848},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F497.html","CWE-497"," , Exposure of System Data to an Unauthorized Control Sphere",[61,852,854,858],{"className":853},[98],[81,855,856],{},[84,857,829],{"href":828},[81,859,860,864],{},[84,861,863],{"href":862},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F600.html","CWE-600"," , Uncaught Exception in Servlet",[61,866,868,874],{"className":867},[79],[81,869,870],{},[84,871,873],{"href":872},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr03-j","ERR03-J",[81,875,876,880],{},[84,877,879],{"href":878},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F460.html","CWE-460"," , Improper Cleanup on Thrown Exception",[61,882,884,890],{"className":883},[98],[81,885,886],{},[84,887,889],{"href":888},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr04-j","ERR04-J",[81,891,892,896],{},[84,893,895],{"href":894},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F459.html","CWE-459"," , Incomplete Cleanup",[61,898,900,904],{"className":899},[79],[81,901,902],{},[84,903,889],{"href":888},[81,905,906,910,911,914],{},[84,907,909],{"href":908},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F584.html","CWE-584"," , Return Inside ",[563,912,913],{}," finally "," Block",[61,916,918,924],{"className":917},[98],[81,919,920],{},[84,921,923],{"href":922},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr05-j","ERR05-J",[81,925,926,930],{},[84,927,929],{"href":928},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F248.html","CWE-248"," , Uncaught Exception",[61,932,934,938],{"className":933},[79],[81,935,936],{},[84,937,923],{"href":922},[81,939,940,880],{},[84,941,879],{"href":878},[61,943,945,949],{"className":944},[98],[81,946,947],{},[84,948,923],{"href":922},[81,950,951,953,954,914],{},[84,952,909],{"href":908}," , Return inside ",[563,955,913],{},[61,957,959,963],{"className":958},[79],[81,960,961],{},[84,962,923],{"href":922},[81,964,965,969],{},[84,966,968],{"href":967},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F705.html","CWE-705"," , Incorrect Control Flow Scoping",[61,971,973,977],{"className":972},[98],[81,974,975],{},[84,976,923],{"href":922},[81,978,979,983],{},[84,980,982],{"href":981},"https:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F754.html","CWE-754"," , Improper Check for Unusual or Exceptional Conditions",[61,985,987,993],{"className":986},[79],[81,988,989],{},[84,990,992],{"href":991},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr06-j","ERR06-J",[81,994,995,999],{},[84,996,998],{"href":997},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F703.html","CWE-703"," , Improper Check or Handling of Exceptional Conditions",[61,1001,1003,1007],{"className":1002},[98],[81,1004,1005],{},[84,1006,992],{"href":991},[81,1008,1009,930],{},[84,1010,929],{"href":928},[61,1012,1014,1020],{"className":1013},[79],[81,1015,1016],{},[84,1017,1019],{"href":1018},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr07-j","ERR07-J",[81,1021,1022,1026],{},[84,1023,1025],{"href":1024},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F397.html","CWE-397"," , Declaration of Throws for Generic Exception",[61,1028,1030,1036],{"className":1029},[98],[81,1031,1032],{},[84,1033,1035],{"href":1034},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr09-j","ERR09-J",[81,1037,1038,1042,1043],{},[84,1039,1041],{"href":1040},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F382.html","CWE-382"," , J2EE Bad Practices: Use of ",[563,1044,1045],{}," System.exit() ",[61,1047,1049,1055],{"className":1048},[79],[81,1050,1051],{},[84,1052,1054],{"href":1053},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna00-j","VNA00-J",[81,1056,1057,1061],{},[84,1058,1060],{"href":1059},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F413.html","CWE-413"," , Improper Resource Locking",[61,1063,1065,1069],{"className":1064},[98],[81,1066,1067],{},[84,1068,1054],{"href":1053},[81,1070,1071,1075],{},[84,1072,1074],{"href":1073},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F567.html","CWE-567,"," Unsynchronized Access to Shared Data in a Multithreaded Context",[61,1077,1079,1083],{"className":1078},[79],[81,1080,1081],{},[84,1082,1054],{"href":1053},[81,1084,1085,1089],{},[84,1086,1088],{"href":1087},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F667.html","CWE-667"," , Improper Locking",[61,1091,1093,1099],{"className":1092},[98],[81,1094,1095],{},[84,1096,1098],{"href":1097},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna03-j","VNA03-J",[81,1100,1101,1105],{},[84,1102,1104],{"href":1103},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F362.html","CWE-362"," , Concurrent Execution Using Shared Resource with Improper Synchronization (\"Race Condition\")",[61,1107,1109,1113],{"className":1108},[79],[81,1110,1111],{},[84,1112,1098],{"href":1097},[81,1114,1115,1119],{},[84,1116,1118],{"href":1117},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F366.html","CWE-366"," , Race Condition within a Thread",[61,1121,1123,1127],{"className":1122},[98],[81,1124,1125],{},[84,1126,1098],{"href":1097},[81,1128,1129,1133],{},[84,1130,1132],{"href":1131},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F662.html","CWE-662"," , Improper Synchronization",[61,1135,1137,1143],{"className":1136},[79],[81,1138,1139],{},[84,1140,1142],{"href":1141},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna05-j","VNA05-J",[81,1144,1145,1148],{},[84,1146,1147],{"href":1087},"CWE-667,"," Improper Locking",[61,1150,1152,1158],{"className":1151},[98],[81,1153,1154],{},[84,1155,1157],{"href":1156},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck00-j","LCK00-J",[81,1159,1160,1164],{},[84,1161,1163],{"href":1162},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F412.html","CWE-412"," . Unrestricted externally accessible lock",[61,1166,1168,1174],{"className":1167},[79],[81,1169,1170],{},[84,1171,1173],{"href":1172},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck05-j","LCK05-J",[81,1175,1176,1180],{},[84,1177,1179],{"href":1178},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F820.html","CWE-820"," , Missing Synchronization",[61,1182,1184,1190],{"className":1183},[98],[81,1185,1186],{},[84,1187,1189],{"href":1188},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck06-j","LCK06-J",[81,1191,1192,1089],{},[84,1193,1088],{"href":1087},[61,1195,1197,1203],{"className":1196},[79],[81,1198,1199],{},[84,1200,1202],{"href":1201},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck07-j","LCK07-J",[81,1204,1205,1209],{},[84,1206,1208],{"href":1207},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F833.html","CWE-833"," , Deadlock",[61,1211,1213,1219],{"className":1212},[98],[81,1214,1215],{},[84,1216,1218],{"href":1217},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck08-j","LCK08-J",[81,1220,1221,1209],{},[84,1222,1224],{"href":1223},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F883.html","CWE-883",[61,1226,1228,1234],{"className":1227},[79],[81,1229,1230],{},[84,1231,1233],{"href":1232},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck10-j","LCK10-J",[81,1235,1236,1240],{},[84,1237,1239],{"href":1238},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F609.html","CWE-609"," , Double-checked Locking",[61,1242,1244,1250],{"className":1243},[98],[81,1245,1246],{},[84,1247,1249],{"href":1248},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi00-j","THI00-J",[81,1251,1252,1256,1257,1260,1261],{},[84,1253,1255],{"href":1254},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F572.html","CWE-572"," , Call to ",[563,1258,1259],{}," Thread run() "," instead of ",[563,1262,1263],{}," start() ",[61,1265,1267,1273],{"className":1266},[79],[81,1268,1269],{},[84,1270,1272],{"href":1271},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi05-j","THI05-J",[81,1274,1275,969],{},[84,1276,968],{"href":967},[61,1278,1280,1286],{"className":1279},[98],[81,1281,1282],{},[84,1283,1285],{"href":1284},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps00-j","TPS00-J",[81,1287,1288,1292],{},[84,1289,1291],{"href":1290},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F405.html","CWE-405"," , Asymmetric Resource Consumption (Amplification)",[61,1294,1296,1300],{"className":1295},[79],[81,1297,1298],{},[84,1299,1285],{"href":1284},[81,1301,1302,1306],{},[84,1303,1305],{"href":1304},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F410.html","CWE-410"," , Insufficient Resource Pool",[61,1308,1310,1316],{"className":1309},[98],[81,1311,1312],{},[84,1313,1315],{"href":1314},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps03-j","TPS03-J",[81,1317,1318,1322],{},[84,1319,1321],{"href":1320},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F392.html","CWE-392"," , Missing Report of Error Condition",[61,1324,1326,1332],{"className":1325},[79],[81,1327,1328],{},[84,1329,1331],{"href":1330},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio00-j","FIO00-J",[81,1333,1334,1338],{},[84,1335,1337],{"href":1336},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F67.html","CWE-67"," , Improper Handling of Windows Device Names",[61,1340,1342,1348],{"className":1341},[98],[81,1343,1344],{},[84,1345,1347],{"href":1346},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio01-j","FIO01-J",[81,1349,1350,1354],{},[84,1351,1353],{"href":1352},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F279.html","CWE-279"," , Incorrect Execution-Assigned Permissions",[61,1356,1358,1362],{"className":1357},[79],[81,1359,1360],{},[84,1361,1347],{"href":1346},[81,1363,1364,1368],{},[84,1365,1367],{"href":1366},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F276.html","CWE-276"," , Incorrect Default Permissions",[61,1370,1372,1376],{"className":1371},[98],[81,1373,1374],{},[84,1375,1347],{"href":1346},[81,1377,1378,1382],{},[84,1379,1381],{"href":1380},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F732.html","CWE-732"," , Incorrect Permission Assignment for Critical Resource",[61,1384,1386,1392],{"className":1385},[79],[81,1387,1388],{},[84,1389,1391],{"href":1390},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio03-j","FIO03-J",[81,1393,1394,1398],{},[84,1395,1397],{"href":1396},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F377.html","CWE-377"," , Insecure Temporary File",[61,1400,1402,1406],{"className":1401},[98],[81,1403,1404],{},[84,1405,1391],{"href":1390},[81,1407,1408,1411],{},[84,1409,1410],{"href":894},"CWE-459,"," Incomplete Cleanup",[61,1413,1415,1421],{"className":1414},[79],[81,1416,1417],{},[84,1418,1420],{"href":1419},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio04-j","FIO04-J",[81,1422,1423,1427],{},[84,1424,1426],{"href":1425},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F404.html","CWE-404"," , Improper Resource Shutdown or Release",[61,1429,1431,1435],{"className":1430},[98],[81,1432,1433],{},[84,1434,1420],{"href":1419},[81,1436,1437,1292],{},[84,1438,1291],{"href":1290},[61,1440,1442,1446],{"className":1441},[79],[81,1443,1444],{},[84,1445,1420],{"href":1419},[81,1447,1448,896],{},[84,1449,895],{"href":894},[61,1451,1453,1457],{"className":1452},[98],[81,1454,1455],{},[84,1456,1420],{"href":1419},[81,1458,1459,1463],{},[84,1460,1462],{"href":1461},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F770.html","CWE-770"," , Allocation of Resources without Limits or Throttling",[61,1465,1467,1473],{"className":1466},[79],[81,1468,1469],{},[84,1470,1472],{"href":1471},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio09-j","FIO09-J",[81,1474,1475,307],{},[84,1476,306],{"href":305},[61,1478,1480,1486],{"className":1479},[98],[81,1481,1482],{},[84,1483,1485],{"href":1484},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio10-j","FIO10-J",[81,1487,1488,1492],{},[84,1489,1491],{"href":1490},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F135.html","CWE-135"," , Incorrect Calculation of Multi-byte String Length",[61,1494,1496,1502],{"className":1495},[79],[81,1497,1498],{},[84,1499,1501],{"href":1500},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio12-j","FIO12-J",[81,1503,1504,1508],{},[84,1505,1507],{"href":1506},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F198.html","CWE-198"," , Use of Incorrect Byte Ordering",[61,1510,1512,1518],{"className":1511},[98],[81,1513,1514],{},[84,1515,1517],{"href":1516},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio13-j","FIO13-J",[81,1519,1520,1524],{},[84,1521,1523],{"href":1522},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F359.html","CWE-359"," , Privacy Violation",[61,1526,1528,1532],{"className":1527},[79],[81,1529,1530],{},[84,1531,1517],{"href":1516},[81,1533,1534,1538],{},[84,1535,1537],{"href":1536},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F532.html","CWE-532"," , Information Exposure through Log Files",[61,1540,1542,1546],{"className":1541},[98],[81,1543,1544],{},[84,1545,1517],{"href":1516},[81,1547,1548,1552],{},[84,1549,1551],{"href":1550},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F533.html","CWE-533"," , Information Exposure through Server Log Files",[61,1554,1556,1560],{"className":1555},[79],[81,1557,1558],{},[84,1559,1517],{"href":1516},[81,1561,1562,1566],{},[84,1563,1565],{"href":1564},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F542.html","CWE-542"," , Information Exposure through Cleanup Log Files",[61,1568,1570,1576],{"className":1569},[98],[81,1571,1572],{},[84,1573,1575],{"href":1574},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio14-j","FIO14-J",[81,1577,1578,969],{},[84,1579,968],{"href":967},[61,1581,1583,1589],{"className":1582},[79],[81,1584,1585],{},[84,1586,1588],{"href":1587},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio16-j","FIO16-J",[81,1590,1591,1595],{},[84,1592,1594],{"href":1593},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F171.html","CWE-171"," , Cleansing, Canonicalization, and Comparison Errors",[61,1597,1599,1603],{"className":1598},[98],[81,1600,1601],{},[84,1602,1588],{"href":1587},[81,1604,1605,1609],{},[84,1606,1608],{"href":1607},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F647.html","CWE-647"," , Use of Non-canonical URL Paths for Authorization Decisions",[61,1611,1613,1619],{"className":1612},[79],[81,1614,1615],{},[84,1616,1618],{"href":1617},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser00-j","SER00-J",[81,1620,1621,676],{},[84,1622,675],{"href":674},[61,1624,1626,1632],{"className":1625},[98],[81,1627,1628],{},[84,1629,1631],{"href":1630},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser01-j","SER01-J",[81,1633,1634,1638],{},[84,1635,1637],{"href":1636},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F502.html","CWE-502"," , Deserialization of Untrusted Data",[61,1640,1642,1648],{"className":1641},[79],[81,1643,1644],{},[84,1645,1647],{"href":1646},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser02-j","SER02-J",[81,1649,1650,1654],{},[84,1651,1653],{"href":1652},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F319.html","CWE-319"," , Cleartext Transmission of Sensitive Information",[61,1656,1658,1664],{"className":1657},[98],[81,1659,1660],{},[84,1661,1663],{"href":1662},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser03-j","SER03-J",[81,1665,1666,1670],{},[84,1667,1669],{"href":1668},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F499.html","CWE-499"," , Serializable Class Containing Sensitive Data",[61,1672,1674,1678],{"className":1673},[79],[81,1675,1676],{},[84,1677,1663],{"href":1662},[81,1679,1680,1638],{},[84,1681,1637],{"href":1636},[61,1683,1685,1691],{"className":1684},[98],[81,1686,1687],{},[84,1688,1690],{"href":1689},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser05-j","SER05-J",[81,1692,1693,1670],{},[84,1694,1669],{"href":1668},[61,1696,1698,1704],{"className":1697},[79],[81,1699,1700],{},[84,1701,1703],{"href":1702},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser06-j","SER06-J",[81,1705,1706,1638],{},[84,1707,1637],{"href":1636},[61,1709,1711,1717],{"className":1710},[98],[81,1712,1713],{},[84,1714,1716],{"href":1715},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser07-j","SER07-J",[81,1718,1719,1721],{},[84,1720,1637],{"href":1636}," , \"Deserialization of Untrusted Data\"",[61,1723,1725,1731],{"className":1724},[79],[81,1726,1727],{},[84,1728,1730],{"href":1729},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser08-j","SER08-J",[81,1732,1733,1737],{},[84,1734,1736],{"href":1735},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F250.html","CWE-250"," , Execution with Unnecessary Privileges",[61,1739,1741,1747],{"className":1740},[98],[81,1742,1743],{},[84,1744,1746],{"href":1745},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser10-j","SER10-J",[81,1748,1749,1753],{},[84,1750,1752],{"href":1751},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F400.html","CWE-400"," , Uncontrolled Resource Consumption (aka \"Resource Exhaustion\")",[61,1755,1757,1761],{"className":1756},[79],[81,1758,1759],{},[84,1760,1746],{"href":1745},[81,1762,1763,1463],{},[84,1764,1462],{"href":1461},[61,1766,1768,1774],{"className":1767},[98],[81,1769,1770],{},[84,1771,1773],{"href":1772},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser12-j","SER12-J",[81,1775,1776,1638],{},[84,1777,1637],{"href":1636},[61,1779,1781,1787],{"className":1780},[79],[81,1782,1783],{},[84,1784,1786],{"href":1785},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec00-j","SEC00-J",[81,1788,1789,1793],{},[84,1790,1792],{"href":1791},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F266.html","CWE-266"," , Incorrect Privilege Assignment",[61,1795,1797,1801],{"className":1796},[98],[81,1798,1799],{},[84,1800,1786],{"href":1785},[81,1802,1803,1807],{},[84,1804,1806],{"href":1805},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F272.html","CWE-272"," , Least Privilege Violation",[61,1809,1811,1817],{"className":1810},[79],[81,1812,1813],{},[84,1814,1816],{"href":1815},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec01-j","SEC01-J",[81,1818,1819,1793],{},[84,1820,1792],{"href":1791},[61,1822,1824,1828],{"className":1823},[98],[81,1825,1826],{},[84,1827,1816],{"href":1815},[81,1829,1830,1807],{},[84,1831,1806],{"href":1805},[61,1833,1835,1839],{"className":1834},[79],[81,1836,1837],{},[84,1838,1816],{"href":1815},[81,1840,1841,1382],{},[84,1842,1381],{"href":1380},[61,1844,1846,1852],{"className":1845},[98],[81,1847,1848],{},[84,1849,1851],{"href":1850},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec02-j","SEC02-J",[81,1853,1854,1858],{},[84,1855,1857],{"href":1856},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F302.html","CWE-302"," , Authentication Bypass by Assumed-Immutable Data",[61,1860,1862,1866],{"className":1861},[79],[81,1863,1864],{},[84,1865,1851],{"href":1850},[81,1867,1868,1872],{},[84,1869,1871],{"href":1870},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F470.html","CWE-470"," , Use of Externally-Controlled Input to Select Classes or Code (\"Unsafe Reflection\")",[61,1874,1876,1882],{"className":1875},[98],[81,1877,1878],{},[84,1879,1881],{"href":1880},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec06-j","SEC06-J",[81,1883,1884,1888],{},[84,1885,1887],{"href":1886},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F300.html","CWE-300"," , Channel Accessible by Non-endpoint (aka \"Man-in-the-Middle\")",[61,1890,1892,1896],{"className":1891},[79],[81,1893,1894],{},[84,1895,1881],{"href":1880},[81,1897,1898,1654],{},[84,1899,1653],{"href":1652},[61,1901,1903,1907],{"className":1902},[98],[81,1904,1905],{},[84,1906,1881],{"href":1880},[81,1908,1909,1913],{},[84,1910,1912],{"href":1911},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F347.html","CWE-347"," , Improper Verification of Cryptographic Signature",[61,1915,1917,1921],{"className":1916},[79],[81,1918,1919],{},[84,1920,1881],{"href":1880},[81,1922,1923,1927],{},[84,1924,1926],{"href":1925},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F494.html","CWE-494"," , Download of Code without Integrity Check",[61,1929,1931,1937],{"className":1930},[98],[81,1932,1933],{},[84,1934,1936],{"href":1935},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv01-j","ENV01-J",[81,1938,1939,1943],{},[84,1940,1942],{"href":1941},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F349.html","CWE-349"," , Acceptance of Extraneous Untrusted Data with Trusted Data",[61,1945,1947,1953],{"className":1946},[79],[81,1948,1949],{},[84,1950,1952],{"href":1951},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j\u002F","ENV03-J",[81,1954,1955,1382],{},[84,1956,1381],{"href":1380},[61,1958,1960,1966],{"className":1959},[98],[81,1961,1962],{},[84,1963,1965],{"href":1964},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni00-j","JNI00-J",[81,1967,1968,1972],{},[84,1969,1971],{"href":1970},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F111.html","CWE-111"," , Direct Use of Unsafe JNI",[61,1974,1976,1982],{"className":1975},[79],[81,1977,1978],{},[84,1979,1981],{"href":1980},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc00-j","MSC00-J",[81,1983,1984,1988],{},[84,1985,1987],{"href":1986},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F311.html","CWE-311"," , Failure to Encrypt Sensitive Data",[61,1990,1992,1998],{"className":1991},[98],[81,1993,1994],{},[84,1995,1997],{"href":1996},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc02-j","MSC02-J",[81,1999,2000,2004],{},[84,2001,2003],{"href":2002},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F327.html","CWE-327"," , Use of a Broken or Risky Cryptographic Algorithm",[61,2006,2008,2012],{"className":2007},[79],[81,2009,2010],{},[84,2011,1997],{"href":1996},[81,2013,2014,2018],{},[84,2015,2017],{"href":2016},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F330.html","CWE-330"," , Use of Insufficiently Random Values",[61,2020,2022,2026],{"className":2021},[98],[81,2023,2024],{},[84,2025,1997],{"href":1996},[81,2027,2028,2032],{},[84,2029,2031],{"href":2030},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F332.html","CWE-332"," , Insufficient Entropy in PRNG",[61,2034,2036,2040],{"className":2035},[79],[81,2037,2038],{},[84,2039,1997],{"href":1996},[81,2041,2042,2046],{},[84,2043,2045],{"href":2044},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F336.html","CWE-336"," , Same Seed in PRNG",[61,2048,2050,2054],{"className":2049},[98],[81,2051,2052],{},[84,2053,1997],{"href":1996},[81,2055,2056,2060,2061],{},[84,2057,2059],{"href":2058},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F337.html","CWE-337"," , Predictable Seed in PRNG",[2062,2063],"br",{},[61,2065,2067,2073],{"className":2066},[79],[81,2068,2069],{},[84,2070,2072],{"href":2071},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc03-j","MSC03-J",[81,2074,2075,2079],{},[84,2076,2078],{"href":2077},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F259.html","CWE-259"," , Use of Hard-Coded Password",[61,2081,2083,2087],{"className":2082},[98],[81,2084,2085],{},[84,2086,2072],{"href":2071},[81,2088,2089,2093],{},[84,2090,2092],{"href":2091},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F798.html","CWE-798"," , Use of Hard-Coded Credentials",[61,2095,2097,2103],{"className":2096},[79],[81,2098,2099],{},[84,2100,2102],{"href":2101},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc04-j","MSC04-J",[81,2104,2105,2109],{},[84,2106,2108],{"href":2107},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F401.html","CWE-401"," , Improper Release of Memory before Removing Last Reference (\"Memory Leak\")",[61,2111,2113,2119],{"className":2112},[98],[81,2114,2115],{},[84,2116,2118],{"href":2117},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc05-j","MSC05-J",[81,2120,2121,2123],{},[84,2122,1752],{"href":1751}," , Uncontrolled Resource Consumption (\"Resource Exhaustion\")",[61,2125,2127,2131],{"className":2126},[79],[81,2128,2129],{},[84,2130,2118],{"href":2117},[81,2132,2133,1463],{},[84,2134,1462],{"href":1461},[61,2136,2138,2144],{"className":2137},[98],[81,2139,2140],{},[84,2141,2143],{"href":2142},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc07-j","MSC07-J",[81,2145,2146,2150],{},[84,2147,2149],{"href":2148},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F543.html","CWE-543"," , Use of Singleton Pattern without Synchronization in a Multithreaded Context",[61,2152,2154,2160],{"className":2153},[79],[81,2155,2156],{},[84,2157,2159],{"href":2158},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids50-j","IDS50-J",[81,2161,2162,2164],{},[84,2163,93],{"href":92}," , Improper encoding or escaping of output",[61,2166,2168,2174],{"className":2167},[98],[81,2169,2170],{},[84,2171,2173],{"href":2172},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec58-j","SEC58-J",[81,2175,2176,1638],{},[84,2177,1637],{"href":1636},[61,2179,2181,2187],{"className":2180},[79],[81,2182,2183],{},[84,2184,2186],{"href":2185},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr51-j","STR51-J",[81,2188,2189,2191],{},[84,2190,471],{"href":470}," . Inappropriate Encoding for Output Context",{"title":2193,"searchDepth":2194,"depth":2194,"links":2195},"",2,[],"md",{},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-cwe",{"title":30,"description":41},"6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F5.mitre-cwe","uERsE3WtiwORPn652dbyfZeSpR1qNprfoU3KcoByI4M",[2203,2207],{"title":2204,"path":2205,"stem":2206,"children":-1},"MITRE CAPEC","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-capec","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F4.mitre-capec",{"title":2208,"path":2209,"stem":2210,"children":-1},"SECURE CODING GUIDELINES FOR JAVA SE, VERSION 5.0","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fsecure-coding-guidelines-for-java-se-version-50","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F6.secure-coding-guidelines-for-java-se-version-50",[2212],{"title":2213,"path":2214,"stem":2215,"children":2216},"SEI CERT Oracle Coding Standard for Java","\u002Fsei-cert-oracle-coding-standard-for-java","6.sei-cert-oracle-coding-standard-for-java\u002F1.index",[2217,2218,2358,3109,3505,3674],{"title":2213,"path":2214,"stem":2215},{"title":2219,"path":2220,"stem":2221,"children":2222},"Front Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F1.index",[2223,2224,2228,2232,2236,2282,2320],{"title":2219,"path":2220,"stem":2221},{"title":2225,"path":2226,"stem":2227},"Rules versus Recommendations (Java)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frules-versus-recommendations-java","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F2.rules-versus-recommendations-java",{"title":2229,"path":2230,"stem":2231},"Acknowledgments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Facknowledgments","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F3.acknowledgments",{"title":2233,"path":2234,"stem":2235},"Deprecations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Fdeprecations","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.deprecations",{"title":2237,"path":2238,"stem":2239,"children":2240},"Rec. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F01.index",[2241,2242,2246,2250,2254,2258,2262,2266,2270,2274,2278],{"title":2237,"path":2238,"stem":2239},{"title":2243,"path":2244,"stem":2245},"Scope","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F02.scope",{"title":2247,"path":2248,"stem":2249},"Audience","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F03.audience",{"title":2251,"path":2252,"stem":2253},"Contents and Organization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F05.contents-and-organization",{"title":2255,"path":2256,"stem":2257},"Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fguidelines","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F06.guidelines",{"title":2259,"path":2260,"stem":2261},"Usage","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F07.usage",{"title":2263,"path":2264,"stem":2265},"System Qualities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F08.system-qualities",{"title":2267,"path":2268,"stem":2269},"Priority and Levels","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F09.priority-and-levels",{"title":2271,"path":2272,"stem":2273},"Automatically Generated Code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F10.automatically-generated-code",{"title":2275,"path":2276,"stem":2277},"Source Code Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsource-code-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F11.source-code-validation",{"title":2279,"path":2280,"stem":2281},"Tool Selection and Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F12.tool-selection-and-validation",{"title":2283,"path":2284,"stem":2285,"children":2286},"Rule. Introduction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F01.index",[2287,2288,2292,2296,2300,2304,2308,2312,2316],{"title":2283,"path":2284,"stem":2285},{"title":2289,"path":2290,"stem":2291},"Input Validation and Data Sanitization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Finput-validation-and-data-sanitization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F02.input-validation-and-data-sanitization",{"title":2293,"path":2294,"stem":2295},"Leaking Sensitive Data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-sensitive-data","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F03.leaking-sensitive-data",{"title":2297,"path":2298,"stem":2299},"Type Safety","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Ftype-safety","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F04.type-safety",{"title":2301,"path":2302,"stem":2303},"Leaking Capabilities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-capabilities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F05.leaking-capabilities",{"title":2305,"path":2306,"stem":2307},"Denial of Service","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fdenial-of-service","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F06.denial-of-service",{"title":2309,"path":2310,"stem":2311},"Libraries","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Flibraries","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F07.libraries",{"title":2313,"path":2314,"stem":2315},"Concurrency, Visibility, and Memory","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fconcurrency-visibility-and-memory","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F08.concurrency-visibility-and-memory",{"title":2317,"path":2318,"stem":2319},"Privilege Escalation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fprivilege-escalation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F09.privilege-escalation",{"title":2321,"path":2322,"stem":2323,"children":2324},"Rule. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F01.index",[2325,2326,2329,2332,2335,2339,2342,2345,2348,2351,2355],{"title":2321,"path":2322,"stem":2323},{"title":2243,"path":2327,"stem":2328},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F02.scope",{"title":2247,"path":2330,"stem":2331},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F03.audience",{"title":2251,"path":2333,"stem":2334},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F04.contents-and-organization",{"title":2336,"path":2337,"stem":2338},"Identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fidentifiers","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F05.identifiers",{"title":2259,"path":2340,"stem":2341},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F06.usage",{"title":2263,"path":2343,"stem":2344},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F07.system-qualities",{"title":2267,"path":2346,"stem":2347},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F08.priority-and-levels",{"title":2271,"path":2349,"stem":2350},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F09.automatically-generated-code",{"title":2352,"path":2353,"stem":2354},"Conformance Testing","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fconformance-testing","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F10.conformance-testing",{"title":2279,"path":2356,"stem":2357},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F11.tool-selection-and-validation",{"title":2359,"path":2360,"stem":2361,"children":2362},"Rules","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F01.index",[2363,2364,2368,2393,2410,2448,2482,2546,2590,2615,2663,2718,2766,2821,2875,2921,2960,3008,3036,3060,3082],{"title":2359,"path":2360,"stem":2361},{"title":2365,"path":2366,"stem":2367},"Android (DRD)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fandroid-drd","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F02.android-drd",{"title":2369,"path":2370,"stem":2371,"children":2372},"Characters and Strings (STR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F1.index",[2373,2374,2378,2382,2386,2389],{"title":2369,"path":2370,"stem":2371},{"title":2375,"path":2376,"stem":2377},"STR00-J. Don't form strings containing partial characters from variable-width encodings","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F2.str00-j",{"title":2379,"path":2380,"stem":2381},"STR01-J. Do not assume that a Java char fully represents a Unicode code point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F3.str01-j",{"title":2383,"path":2384,"stem":2385},"STR02-J. Specify an appropriate locale when comparing locale-dependent data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F4.str02-j",{"title":2387,"path":464,"stem":2388},"STR03-J. Do not encode noncharacter data as a string","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F5.str03-j",{"title":2390,"path":2391,"stem":2392},"STR04-J. Use compatible character encodings when communicating string data between JVMs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F6.str04-j",{"title":2394,"path":2395,"stem":2396,"children":2397},"Declarations and Initialization (DCL)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F1.index",[2398,2399,2402,2406],{"title":2394,"path":2395,"stem":2396},{"title":2400,"path":283,"stem":2401},"DCL00-J. Prevent class initialization cycles","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F2.dcl00-j",{"title":2403,"path":2404,"stem":2405},"DCL01-J. Do not reuse public identifiers from the Java Standard Library","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F3.dcl01-j",{"title":2407,"path":2408,"stem":2409},"DCL02-J. Do not modify the collection's elements during an enhanced for statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F4.dcl02-j",{"title":2411,"path":2412,"stem":2413,"children":2414},"Exceptional Behavior (ERR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F01.index",[2415,2416,2419,2422,2426,2429,2432,2435,2438,2441,2445],{"title":2411,"path":2412,"stem":2413},{"title":2417,"path":812,"stem":2418},"ERR00-J. Do not suppress or ignore checked exceptions","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F02.err00-j",{"title":2420,"path":828,"stem":2421},"ERR01-J. Do not allow exceptions to expose sensitive information","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F03.err01-j",{"title":2423,"path":2424,"stem":2425},"ERR02-J. Prevent exceptions while logging data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F04.err02-j",{"title":2427,"path":872,"stem":2428},"ERR03-J. Restore prior object state on method failure","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F05.err03-j",{"title":2430,"path":888,"stem":2431},"ERR04-J. Do not complete abruptly from a finally block","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F06.err04-j",{"title":2433,"path":922,"stem":2434},"ERR05-J. Do not let checked exceptions escape from a finally block","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F07.err05-j",{"title":2436,"path":991,"stem":2437},"ERR06-J. Do not throw undeclared checked exceptions","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F08.err06-j",{"title":2439,"path":1018,"stem":2440},"ERR07-J. Do not throw RuntimeException, Exception, or Throwable","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F09.err07-j",{"title":2442,"path":2443,"stem":2444},"ERR08-J. Do not catch NullPointerException or any of its ancestors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F10.err08-j",{"title":2446,"path":1034,"stem":2447},"ERR09-J. Do not allow untrusted code to terminate the JVM","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F11.err09-j",{"title":2449,"path":2450,"stem":2451,"children":2452},"Expressions (EXP)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F1.index",[2453,2454,2457,2460,2463,2466,2470,2474,2478],{"title":2449,"path":2450,"stem":2451},{"title":2455,"path":299,"stem":2456},"EXP00-J. Do not ignore values returned by methods","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F2.exp00-j",{"title":2458,"path":315,"stem":2459},"EXP01-J. Do not use a null in a case where an object is required","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F3.exp01-j",{"title":2461,"path":331,"stem":2462},"EXP02-J. Do not use the Object.equals() method to compare two arrays","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F4.exp02-j",{"title":2464,"path":347,"stem":2465},"EXP03-J. Do not use the equality operators when comparing values of boxed primitives","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F5.exp03-j",{"title":2467,"path":2468,"stem":2469},"EXP04-J. Do not pass arguments to certain Java Collections Framework methods that are a different type than the collection parameter type","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F6.exp04-j",{"title":2471,"path":2472,"stem":2473},"EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F7.exp05-j",{"title":2475,"path":2476,"stem":2477},"EXP06-J. Expressions used in assertions must not produce side effects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F8.exp06-j",{"title":2479,"path":2480,"stem":2481},"EXP07-J. Prevent loss of useful data due to weak references","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F9.exp07-j",{"title":2483,"path":2484,"stem":2485,"children":2486},"Input Output (FIO)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F01.index",[2487,2488,2491,2494,2498,2501,2504,2508,2512,2516,2520,2523,2526,2530,2533,2536,2539,2543],{"title":2483,"path":2484,"stem":2485},{"title":2489,"path":1330,"stem":2490},"FIO00-J. Do not operate on files in shared directories","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F02.fio00-j",{"title":2492,"path":1346,"stem":2493},"FIO01-J. Create files with appropriate access permissions","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F03.fio01-j",{"title":2495,"path":2496,"stem":2497},"FIO02-J. Detect and handle file-related errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F04.fio02-j",{"title":2499,"path":1390,"stem":2500},"FIO03-J. Remove temporary files before termination","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F05.fio03-j",{"title":2502,"path":1419,"stem":2503},"FIO04-J. Release resources when they are no longer needed","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F06.fio04-j",{"title":2505,"path":2506,"stem":2507},"FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F07.fio05-j",{"title":2509,"path":2510,"stem":2511},"FIO06-J. Do not create multiple buffered wrappers on a single byte or character stream","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F08.fio06-j",{"title":2513,"path":2514,"stem":2515},"FIO07-J. Do not let external processes block on IO buffers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F09.fio07-j",{"title":2517,"path":2518,"stem":2519},"FIO08-J. Distinguish between characters or bytes read from a stream and -1","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F10.fio08-j",{"title":2521,"path":1471,"stem":2522},"FIO09-J. Do not rely on the write() method to output integers outside the range 0 to 255","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F11.fio09-j",{"title":2524,"path":1484,"stem":2525},"FIO10-J. Ensure the array is filled when using read() to fill an array","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F12.fio10-j",{"title":2527,"path":2528,"stem":2529},"FIO11-J. Do not convert between strings and bytes without specifying a valid character encoding","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F13.fio11-j",{"title":2531,"path":1500,"stem":2532},"FIO12-J. Provide methods to read and write little-endian data","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F14.fio12-j",{"title":2534,"path":1516,"stem":2535},"FIO13-J. Do not log sensitive information outside a trust boundary","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F15.fio13-j",{"title":2537,"path":1574,"stem":2538},"FIO14-J. Perform proper cleanup at program termination","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F16.fio14-j",{"title":2540,"path":2541,"stem":2542},"FIO15-J. Do not reset a servlet's output stream after committing it","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F17.fio15-j",{"title":2544,"path":1587,"stem":2545},"FIO16-J. Canonicalize path names before validating them","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F18.fio16-j",{"title":2547,"path":2548,"stem":2549,"children":2550},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F01.index",[2551,2552,2555,2558,2561,2564,2567,2570,2573,2576,2580,2584,2587],{"title":2547,"path":2548,"stem":2549},{"title":2553,"path":86,"stem":2554},"IDS00-J. Prevent SQL injection","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F02.ids00-j",{"title":2556,"path":103,"stem":2557},"IDS01-J. Normalize strings before validating them","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F03.ids01-j",{"title":2559,"path":133,"stem":2560},"IDS03-J. Do not log unsanitized user input","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F04.ids03-j",{"title":2562,"path":177,"stem":2563},"IDS04-J. Safely extract files from ZipInputStream","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F05.ids04-j",{"title":2565,"path":193,"stem":2566},"IDS06-J. Exclude unsanitized user input from format strings","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F06.ids06-j",{"title":2568,"path":209,"stem":2569},"IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F07.ids07-j",{"title":2571,"path":225,"stem":2572},"IDS08-J. Sanitize untrusted data included in a regular expression","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F08.ids08-j",{"title":2574,"path":241,"stem":2575},"IDS11-J. Perform any string modifications before validation","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F09.ids11-j",{"title":2577,"path":2578,"stem":2579},"IDS14-J. Do not trust the contents of hidden form fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F10.ids14-j",{"title":2581,"path":2582,"stem":2583},"IDS15-J. Do not allow sensitive information to leak outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F11.ids15-j",{"title":2585,"path":257,"stem":2586},"IDS16-J. Prevent XML Injection","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F12.ids16-j",{"title":2588,"path":270,"stem":2589},"IDS17-J. Prevent XML External Entity Attacks","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F13.ids17-j",{"title":2591,"path":2592,"stem":2593,"children":2594},"Java Native Interface (JNI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F1.index",[2595,2596,2599,2603,2607,2611],{"title":2591,"path":2592,"stem":2593},{"title":2597,"path":1964,"stem":2598},"JNI00-J. Define wrappers around native methods","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F2.jni00-j",{"title":2600,"path":2601,"stem":2602},"JNI01-J. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance (loadLibrary)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F3.jni01-j",{"title":2604,"path":2605,"stem":2606},"JNI02-J. Do not assume object references are constant or unique","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F4.jni02-j",{"title":2608,"path":2609,"stem":2610},"JNI03-J. Do not use direct pointers to Java objects in JNI code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F5.jni03-j",{"title":2612,"path":2613,"stem":2614},"JNI04-J. Do not assume that Java strings are null-terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F6.jni04-j",{"title":2616,"path":2617,"stem":2618,"children":2619},"Locking (LCK)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F01.index",[2620,2621,2624,2628,2632,2636,2640,2643,2646,2649,2652,2656,2659],{"title":2616,"path":2617,"stem":2618},{"title":2622,"path":1156,"stem":2623},"LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F02.lck00-j",{"title":2625,"path":2626,"stem":2627},"LCK01-J. Do not synchronize on objects that may be reused","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F03.lck01-j",{"title":2629,"path":2630,"stem":2631},"LCK02-J. Do not synchronize on the class object returned by getClass()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F04.lck02-j",{"title":2633,"path":2634,"stem":2635},"LCK03-J. Do not synchronize on the intrinsic locks of high-level concurrency objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F05.lck03-j",{"title":2637,"path":2638,"stem":2639},"LCK04-J. Do not synchronize on a collection view if the backing collection is accessible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F06.lck04-j",{"title":2641,"path":1172,"stem":2642},"LCK05-J. Synchronize access to static fields that can be modified by untrusted code","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F07.lck05-j",{"title":2644,"path":1188,"stem":2645},"LCK06-J. Do not use an instance lock to protect shared static data","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F08.lck06-j",{"title":2647,"path":1201,"stem":2648},"LCK07-J. Avoid deadlock by requesting and releasing locks in the same order","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F09.lck07-j",{"title":2650,"path":1217,"stem":2651},"LCK08-J. Ensure actively held locks are released on exceptional conditions","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F10.lck08-j",{"title":2653,"path":2654,"stem":2655},"LCK09-J. Do not perform operations that can block while holding a lock","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F11.lck09-j",{"title":2657,"path":1232,"stem":2658},"LCK10-J. Use a correct form of the double-checked locking idiom","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F12.lck10-j",{"title":2660,"path":2661,"stem":2662},"LCK11-J. Avoid client-side locking when using classes that do not commit to their locking strategy","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F13.lck11-j",{"title":2664,"path":2665,"stem":2666,"children":2667},"Methods (MET)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F01.index",[2668,2669,2673,2676,2679,2683,2686,2690,2694,2698,2701,2704,2707,2711,2714],{"title":2664,"path":2665,"stem":2666},{"title":2670,"path":2671,"stem":2672},"MET00-J. Validate method arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F02.met00-j",{"title":2674,"path":652,"stem":2675},"MET01-J. Never use assertions to validate method arguments","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F03.met01-j",{"title":2677,"path":668,"stem":2678},"MET02-J. Do not use deprecated or obsolete classes or methods","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F04.met02-j",{"title":2680,"path":2681,"stem":2682},"MET03-J. Methods that perform a security check must be declared private or final","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F05.met03-j",{"title":2684,"path":684,"stem":2685},"MET04-J. Do not increase the accessibility of overridden or hidden methods","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F06.met04-j",{"title":2687,"path":2688,"stem":2689},"MET05-J. Ensure that constructors do not call overridable methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F07.met05-j",{"title":2691,"path":2692,"stem":2693},"MET06-J. Do not invoke overridable methods in clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F08.met06-j",{"title":2695,"path":2696,"stem":2697},"MET07-J. Never declare a class method that hides a method declared in a superclass or superinterface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F09.met07-j",{"title":2699,"path":700,"stem":2700},"MET08-J. Preserve the equality contract when overriding the equals() method","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F10.met08-j",{"title":2702,"path":716,"stem":2703},"MET09-J. Classes that define an equals() method must also define a hashCode() method","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F11.met09-j",{"title":2705,"path":740,"stem":2706},"MET10-J. Follow the general contract when implementing the compareTo() method","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F12.met10-j",{"title":2708,"path":2709,"stem":2710},"MET11-J. Ensure that keys used in comparison operations are immutable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F13.met11-j",{"title":2712,"path":756,"stem":2713},"MET12-J. Do not use finalizers","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F14.met12-j",{"title":2715,"path":2716,"stem":2717},"MET13-J. Do not assume that reassigning method arguments modifies the calling environment","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F15.met13-j",{"title":2719,"path":2720,"stem":2721,"children":2722},"Miscellaneous (MSC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F01.index",[2723,2724,2727,2731,2734,2737,2740,2743,2747,2750,2754,2758,2762],{"title":2719,"path":2720,"stem":2721},{"title":2725,"path":1980,"stem":2726},"MSC00-J. Use SSLSocket rather than Socket for secure data exchange","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F02.msc00-j",{"title":2728,"path":2729,"stem":2730},"MSC01-J. Do not use an empty infinite loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F03.msc01-j",{"title":2732,"path":1996,"stem":2733},"MSC02-J. Generate strong random numbers","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F04.msc02-j",{"title":2735,"path":2071,"stem":2736},"MSC03-J. Never hard code sensitive information","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F05.msc03-j",{"title":2738,"path":2101,"stem":2739},"MSC04-J. Do not leak memory","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F06.msc04-j",{"title":2741,"path":2117,"stem":2742},"MSC05-J. Do not exhaust heap space","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F07.msc05-j",{"title":2744,"path":2745,"stem":2746},"MSC06-J. Do not modify the underlying collection when an iteration is in progress","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F08.msc06-j",{"title":2748,"path":2142,"stem":2749},"MSC07-J. Prevent multiple instantiations of singleton objects","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F09.msc07-j",{"title":2751,"path":2752,"stem":2753},"MSC08-J. Do not store nonserializable objects as attributes in an HTTP session","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F10.msc08-j",{"title":2755,"path":2756,"stem":2757},"MSC09-J. For OAuth, ensure (a) [relying party receiving user's ID in last step] is same as (b) [relying party the access token was granted to].","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F11.msc09-j",{"title":2759,"path":2760,"stem":2761},"MSC10-J. Do not use OAuth 2.0 implicit grant (unmodified) for authentication","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F12.msc10-j",{"title":2763,"path":2764,"stem":2765},"MSC11-J. Do not let session information leak within a servlet","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F13.msc11-j",{"title":2767,"path":2768,"stem":2769,"children":2770},"Numeric Types and Operations (NUM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F01.index",[2771,2772,2775,2779,2782,2786,2790,2794,2798,2802,2806,2810,2813,2817],{"title":2767,"path":2768,"stem":2769},{"title":2773,"path":374,"stem":2774},"NUM00-J. Detect or prevent integer overflow","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F02.num00-j",{"title":2776,"path":2777,"stem":2778},"NUM01-J. Do not perform bitwise and arithmetic operations on the same data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F03.num01-j",{"title":2780,"path":418,"stem":2781},"NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F04.num02-j",{"title":2783,"path":2784,"stem":2785},"NUM03-J. Use integer types that can fully represent the possible range of unsigned data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F05.num03-j",{"title":2787,"path":2788,"stem":2789},"NUM04-J. Do not use floating-point numbers if precise computation is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F06.num04-j",{"title":2791,"path":2792,"stem":2793},"NUM07-J. Do not attempt comparisons with NaN","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F07.num07-j",{"title":2795,"path":2796,"stem":2797},"NUM08-J. Check floating-point inputs for exceptional values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F08.num08-j",{"title":2799,"path":2800,"stem":2801},"NUM09-J. Do not use floating-point variables as loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F09.num09-j",{"title":2803,"path":2804,"stem":2805},"NUM10-J. Do not construct BigDecimal objects from floating-point literals","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F10.num10-j",{"title":2807,"path":2808,"stem":2809},"NUM11-J. Do not compare or inspect the string representation of floating-point values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F11.num11-j",{"title":2811,"path":434,"stem":2812},"NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F12.num12-j",{"title":2814,"path":2815,"stem":2816},"NUM13-J. Avoid loss of precision when converting primitive integers to floating-point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F13.num13-j",{"title":2818,"path":2819,"stem":2820},"NUM14-J. Use shift operators correctly","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F14.num14-j",{"title":2822,"path":2823,"stem":2824,"children":2825},"Object Orientation (OBJ)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F01.index",[2826,2827,2830,2834,2838,2841,2844,2848,2851,2854,2857,2860,2864,2868,2872],{"title":2822,"path":2823,"stem":2824},{"title":2828,"path":480,"stem":2829},"OBJ01-J. Limit accessibility of fields","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F02.obj01-j",{"title":2831,"path":2832,"stem":2833},"OBJ02-J. Preserve dependencies in subclasses when changing superclasses","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F03.obj02-j",{"title":2835,"path":2836,"stem":2837},"OBJ03-J. Prevent heap pollution","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F04.obj03-j",{"title":2839,"path":496,"stem":2840},"OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F05.obj04-j",{"title":2842,"path":526,"stem":2843},"OBJ05-J. Do not return references to private mutable class members","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F06.obj05-j",{"title":2845,"path":2846,"stem":2847},"OBJ06-J. Defensively copy mutable inputs and mutable internal components","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F07.obj06-j",{"title":2849,"path":539,"stem":2850},"OBJ07-J. Sensitive classes must not let themselves be copied","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F08.obj07-j",{"title":2852,"path":574,"stem":2853},"OBJ08-J. Do not expose private members of an outer class from within a nested class","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F09.obj08-j",{"title":2855,"path":590,"stem":2856},"OBJ09-J. Compare classes and not class names","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F10.obj09-j",{"title":2858,"path":606,"stem":2859},"OBJ10-J. Do not use public static nonfinal fields","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F11.obj10-j",{"title":2861,"path":2862,"stem":2863},"OBJ11-J. Be wary of letting constructors throw exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F12.obj11-j",{"title":2865,"path":2866,"stem":2867},"OBJ12-J. Respect object-based annotations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F13.obj12-j",{"title":2869,"path":2870,"stem":2871},"OBJ13-J. Ensure that references to mutable objects are not exposed","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F14.obj13-j",{"title":2873,"path":636,"stem":2874},"OBJ14-J. Do not use an object that has been freed.","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F15.obj14-j",{"title":2876,"path":2877,"stem":2878,"children":2879},"Platform Security (SEC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F01.index",[2880,2881,2884,2887,2890,2894,2898,2902,2905,2909,2913,2917],{"title":2876,"path":2877,"stem":2878},{"title":2882,"path":1785,"stem":2883},"SEC00-J. Do not allow privileged blocks to leak sensitive information across a trust boundary","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F02.sec00-j",{"title":2885,"path":1815,"stem":2886},"SEC01-J. Do not allow tainted variables in privileged blocks","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F03.sec01-j",{"title":2888,"path":1850,"stem":2889},"SEC02-J. Do not base security checks on untrusted sources","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F04.sec02-j",{"title":2891,"path":2892,"stem":2893},"SEC03-J. Do not load trusted classes after allowing untrusted code to load arbitrary classes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F05.sec03-j",{"title":2895,"path":2896,"stem":2897},"SEC04-J. Protect sensitive operations with security manager checks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F06.sec04-j",{"title":2899,"path":2900,"stem":2901},"SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F07.sec05-j",{"title":2903,"path":1880,"stem":2904},"SEC06-J. Do not rely on the default automatic signature verification provided by URLClassLoader and java.util.jar","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F08.sec06-j",{"title":2906,"path":2907,"stem":2908},"SEC07-J. Call the superclass's getPermissions() method when writing a custom class loader","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F09.sec07-j",{"title":2910,"path":2911,"stem":2912},"SEC08-J Trusted code must discard or clean any arguments provided by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F10.sec08-j",{"title":2914,"path":2915,"stem":2916},"SEC09-J Never leak the results of certain standard API methods from trusted code to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F11.sec09-j",{"title":2918,"path":2919,"stem":2920},"SEC10-J Never permit untrusted code to invoke any API that may (possibly transitively) invoke the reflection APIs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F12.sec10-j",{"title":2922,"path":2923,"stem":2924,"children":2925},"Runtime Environment (ENV)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F1.index",[2926,2927,2931,2934,2938,2948,2952,2956],{"title":2922,"path":2923,"stem":2924},{"title":2928,"path":2929,"stem":2930},"ENV00-J. Do not sign code that performs only unprivileged operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F2.env00-j",{"title":2932,"path":1935,"stem":2933},"ENV01-J. Place all security-sensitive code in a single JAR and sign and seal it","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F3.env01-j",{"title":2935,"path":2936,"stem":2937},"ENV02-J. Do not trust the values of environment variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F4.env02-j",{"title":2939,"path":2940,"stem":2941,"children":2942},"ENV03-J. Do not grant dangerous combinations of permissions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F1.index",[2943,2944],{"title":2939,"path":2940,"stem":2941},{"title":2945,"path":2946,"stem":2947},"DUMMY ENV03-J","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j\u002Fdummy-env03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F2.dummy-env03-j",{"title":2949,"path":2950,"stem":2951},"ENV04-J. Do not disable bytecode verification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F6.env04-j",{"title":2953,"path":2954,"stem":2955},"ENV05-J. Do not deploy an application that can be remotely monitored","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F7.env05-j",{"title":2957,"path":2958,"stem":2959},"ENV06-J. Production code must not contain debugging entry points","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F8.env06-j",{"title":2961,"path":2962,"stem":2963,"children":2964},"Serialization (SER)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F01.index",[2965,2966,2969,2972,2975,2978,2982,2985,2988,2991,2994,2998,3001,3005],{"title":2961,"path":2962,"stem":2963},{"title":2967,"path":1617,"stem":2968},"SER00-J. Enable serialization compatibility during class evolution","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F02.ser00-j",{"title":2970,"path":1630,"stem":2971},"SER01-J. Do not deviate from the proper signatures of serialization methods","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F03.ser01-j",{"title":2973,"path":1646,"stem":2974},"SER02-J. Sign then seal objects before sending them outside a trust boundary","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F04.ser02-j",{"title":2976,"path":1662,"stem":2977},"SER03-J. Do not serialize unencrypted sensitive data","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F05.ser03-j",{"title":2979,"path":2980,"stem":2981},"SER04-J. Do not allow serialization and deserialization to bypass the security manager","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F06.ser04-j",{"title":2983,"path":1689,"stem":2984},"SER05-J. Do not serialize instances of inner classes","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F07.ser05-j",{"title":2986,"path":1702,"stem":2987},"SER06-J. Make defensive copies of private mutable components during deserialization","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F08.ser06-j",{"title":2989,"path":1715,"stem":2990},"SER07-J. Do not use the default serialized form for classes with implementation-defined invariants","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F09.ser07-j",{"title":2992,"path":1729,"stem":2993},"SER08-J. Minimize privileges before deserializing from a privileged context","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F10.ser08-j",{"title":2995,"path":2996,"stem":2997},"SER09-J. Do not invoke overridable methods from the readObject() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F11.ser09-j",{"title":2999,"path":1745,"stem":3000},"SER10-J. Avoid memory and resource leaks during serialization","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F12.ser10-j",{"title":3002,"path":3003,"stem":3004},"SER11-J. Prevent overwriting of externalizable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F13.ser11-j",{"title":3006,"path":1772,"stem":3007},"SER12-J. Prevent deserialization of untrusted data","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F14.ser12-j",{"title":3009,"path":3010,"stem":3011,"children":3012},"Thread APIs (THI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F1.index",[3013,3014,3017,3021,3025,3029,3033],{"title":3009,"path":3010,"stem":3011},{"title":3015,"path":1248,"stem":3016},"THI00-J. Do not invoke Thread.run()","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F2.thi00-j",{"title":3018,"path":3019,"stem":3020},"THI01-J. Do not invoke ThreadGroup methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F3.thi01-j",{"title":3022,"path":3023,"stem":3024},"THI02-J. Notify all waiting threads rather than a single thread","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F4.thi02-j",{"title":3026,"path":3027,"stem":3028},"THI03-J. Always invoke wait() and await() methods inside a loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F5.thi03-j",{"title":3030,"path":3031,"stem":3032},"THI04-J. Ensure that threads performing blocking operations can be terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F6.thi04-j",{"title":3034,"path":1271,"stem":3035},"THI05-J. Do not use Thread.stop() to terminate threads","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F7.thi05-j",{"title":3037,"path":3038,"stem":3039,"children":3040},"Thread Pools (TPS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F1.index",[3041,3042,3045,3049,3053,3056],{"title":3037,"path":3038,"stem":3039},{"title":3043,"path":1284,"stem":3044},"TPS00-J. Use thread pools to enable graceful degradation of service during traffic bursts","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F2.tps00-j",{"title":3046,"path":3047,"stem":3048},"TPS01-J. Do not execute interdependent tasks in a bounded thread pool","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F3.tps01-j",{"title":3050,"path":3051,"stem":3052},"TPS02-J. Ensure that tasks submitted to a thread pool are interruptible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F4.tps02-j",{"title":3054,"path":1314,"stem":3055},"TPS03-J. Ensure that tasks executing in a thread pool do not fail silently","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F5.tps03-j",{"title":3057,"path":3058,"stem":3059},"TPS04-J. Ensure ThreadLocal variables are reinitialized when using thread pools","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F6.tps04-j",{"title":3061,"path":3062,"stem":3063,"children":3064},"Thread-Safety Miscellaneous (TSM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F1.index",[3065,3066,3070,3074,3078],{"title":3061,"path":3062,"stem":3063},{"title":3067,"path":3068,"stem":3069},"TSM00-J. Do not override thread-safe methods with methods that are not thread-safe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F2.tsm00-j",{"title":3071,"path":3072,"stem":3073},"TSM01-J. Do not let the this reference escape during object construction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F3.tsm01-j",{"title":3075,"path":3076,"stem":3077},"TSM02-J. Do not use background threads during class initialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F4.tsm02-j",{"title":3079,"path":3080,"stem":3081},"TSM03-J. Do not publish partially initialized objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F5.tsm03-j",{"title":3083,"path":3084,"stem":3085,"children":3086},"Visibility and Atomicity (VNA)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F1.index",[3087,3088,3091,3095,3099,3102,3106],{"title":3083,"path":3084,"stem":3085},{"title":3089,"path":1053,"stem":3090},"VNA00-J. Ensure visibility when accessing shared primitive variables","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F2.vna00-j",{"title":3092,"path":3093,"stem":3094},"VNA01-J. Ensure visibility of shared references to immutable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F3.vna01-j",{"title":3096,"path":3097,"stem":3098},"VNA02-J. Ensure that compound operations on shared variables are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F4.vna02-j",{"title":3100,"path":1097,"stem":3101},"VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F5.vna03-j",{"title":3103,"path":3104,"stem":3105},"VNA04-J. Ensure that calls to chained methods are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F6.vna04-j",{"title":3107,"path":1141,"stem":3108},"VNA05-J. Ensure atomicity when reading and writing 64-bit values","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F7.vna05-j",{"title":3110,"path":3111,"stem":3112,"children":3113},"Recommendations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F01.index",[3114,3115,3127,3145,3198,3223,3252,3273,3305,3338,3399,3424,3465],{"title":3110,"path":3111,"stem":3112},{"title":2369,"path":3116,"stem":3117,"children":3118},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F1.index",[3119,3120,3124],{"title":2369,"path":3116,"stem":3117},{"title":3121,"path":3122,"stem":3123},"STR50-J. Use the appropriate method for counting characters in a string","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F2.str50-j",{"title":3125,"path":2185,"stem":3126},"STR51-J. Use the charset encoder and decoder classes when more control over the encoding process is required","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F3.str51-j",{"title":3128,"path":3129,"stem":3130,"children":3131},"Concurrency (CON)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F1.index",[3132,3133,3137,3141],{"title":3128,"path":3129,"stem":3130},{"title":3134,"path":3135,"stem":3136},"CON50-J. Do not assume that declaring a reference volatile guarantees safe publication of the members of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F2.con50-j",{"title":3138,"path":3139,"stem":3140},"CON51-J. Do not assume that the sleep(), yield(), or getState() methods provide synchronization semantics","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F3.con51-j",{"title":3142,"path":3143,"stem":3144},"CON52-J. Document thread-safety and use annotations where applicable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F4.con52-j",{"title":2394,"path":3146,"stem":3147,"children":3148},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F01.index",[3149,3150,3154,3158,3162,3166,3170,3174,3178,3182,3186,3190,3194],{"title":2394,"path":3146,"stem":3147},{"title":3151,"path":3152,"stem":3153},"DCL50-J. Use visually distinct identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F02.dcl50-j",{"title":3155,"path":3156,"stem":3157},"DCL51-J. Do not shadow or obscure identifiers in subscopes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F03.dcl51-j",{"title":3159,"path":3160,"stem":3161},"DCL52-J. Do not declare more than one variable per declaration","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F04.dcl52-j",{"title":3163,"path":3164,"stem":3165},"DCL53-J. Minimize the scope of variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F05.dcl53-j",{"title":3167,"path":3168,"stem":3169},"DCL54-J. Use meaningful symbolic constants to represent literal values in program logic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F06.dcl54-j",{"title":3171,"path":3172,"stem":3173},"DCL55-J. Properly encode relationships in constant definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F07.dcl55-j",{"title":3175,"path":3176,"stem":3177},"DCL56-J. Do not attach significance to the ordinal associated with an enum","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F08.dcl56-j",{"title":3179,"path":3180,"stem":3181},"DCL57-J. Avoid ambiguous overloading of variable arity methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F09.dcl57-j",{"title":3183,"path":3184,"stem":3185},"DCL58-J. Enable compile-time type checking of variable arity parameter types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F10.dcl58-j",{"title":3187,"path":3188,"stem":3189},"DCL59-J. Do not apply public final to constants whose value might change in later releases","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl59-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F11.dcl59-j",{"title":3191,"path":3192,"stem":3193},"DCL60-J. Avoid cyclic dependencies between packages","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F12.dcl60-j",{"title":3195,"path":3196,"stem":3197},"DCL61-J. Do not use raw types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl61-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F13.dcl61-j",{"title":2411,"path":3199,"stem":3200,"children":3201},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F1.index",[3202,3203,3207,3211,3215,3219],{"title":2411,"path":3199,"stem":3200},{"title":3204,"path":3205,"stem":3206},"ERR50-J. Use exceptions only for exceptional conditions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F2.err50-j",{"title":3208,"path":3209,"stem":3210},"ERR51-J. Prefer user-defined exceptions over more general exception types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F3.err51-j",{"title":3212,"path":3213,"stem":3214},"ERR52-J. Avoid in-band error indicators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F4.err52-j",{"title":3216,"path":3217,"stem":3218},"ERR53-J. Try to gracefully recover from system errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F5.err53-j",{"title":3220,"path":3221,"stem":3222},"ERR54-J. Use a try-with-resources statement to safely handle closeable resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F6.err54-j",{"title":2449,"path":3224,"stem":3225,"children":3226},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F1.index",[3227,3228,3232,3236,3240,3244,3248],{"title":2449,"path":3224,"stem":3225},{"title":3229,"path":3230,"stem":3231},"EXP50-J. Do not confuse abstract object equality with reference equality","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F2.exp50-j",{"title":3233,"path":3234,"stem":3235},"EXP51-J. Do not perform assignments in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F3.exp51-j",{"title":3237,"path":3238,"stem":3239},"EXP52-J. Use braces for the body of an if, for, or while statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F4.exp52-j",{"title":3241,"path":3242,"stem":3243},"EXP53-J. Use parentheses for precedence of operation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F5.exp53-j",{"title":3245,"path":3246,"stem":3247},"EXP54-J. Understand the differences between bitwise and logical operators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F6.exp54-j",{"title":3249,"path":3250,"stem":3251},"EXP55-J. Use the same type for the second and third operands in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F7.exp55-j",{"title":2483,"path":3253,"stem":3254,"children":3255},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F1.index",[3256,3257,3261,3265,3269],{"title":2483,"path":3253,"stem":3254},{"title":3258,"path":3259,"stem":3260},"FIO50-J. Do not make assumptions about file creation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F2.fio50-j",{"title":3262,"path":3263,"stem":3264},"FIO51-J. Identify files using multiple file attributes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F3.fio51-j",{"title":3266,"path":3267,"stem":3268},"FIO52-J. Do not store unencrypted sensitive information on the client side","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F4.fio52-j",{"title":3270,"path":3271,"stem":3272},"FIO53-J. Use the serialization methods writeUnshared() and readUnshared() with care","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F5.fio53-j",{"title":2547,"path":3274,"stem":3275,"children":3276},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F1.index",[3277,3278,3281,3285,3289,3293,3297,3301],{"title":2547,"path":3274,"stem":3275},{"title":3279,"path":2158,"stem":3280},"IDS50-J. Use conservative file naming conventions","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F2.ids50-j",{"title":3282,"path":3283,"stem":3284},"IDS51-J. Properly encode or escape output","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F3.ids51-j",{"title":3286,"path":3287,"stem":3288},"IDS52-J. Prevent code injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F4.ids52-j",{"title":3290,"path":3291,"stem":3292},"IDS53-J. Prevent XPath Injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F5.ids53-j",{"title":3294,"path":3295,"stem":3296},"IDS54-J. Prevent LDAP injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F6.ids54-j",{"title":3298,"path":3299,"stem":3300},"IDS55-J. Understand how escape characters are interpreted when strings are loaded","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F7.ids55-j",{"title":3302,"path":3303,"stem":3304},"IDS56-J. Prevent arbitrary file upload","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F8.ids56-j",{"title":2664,"path":3306,"stem":3307,"children":3308},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F1.index",[3309,3310,3314,3318,3322,3326,3330,3334],{"title":2664,"path":3306,"stem":3307},{"title":3311,"path":3312,"stem":3313},"MET50-J. Avoid ambiguous or confusing uses of overloading","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F2.met50-j",{"title":3315,"path":3316,"stem":3317},"MET51-J. Do not use overloaded methods to differentiate between runtime types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F3.met51-j",{"title":3319,"path":3320,"stem":3321},"MET52-J. Do not use the clone() method to copy untrusted method parameters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F4.met52-j",{"title":3323,"path":3324,"stem":3325},"MET53-J. Ensure that the clone() method calls super.clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F5.met53-j",{"title":3327,"path":3328,"stem":3329},"MET54-J. Always provide feedback about the resulting value of a method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F6.met54-j",{"title":3331,"path":3332,"stem":3333},"MET55-J. Return an empty array or collection instead of a null value for methods that return an array or collection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F7.met55-j",{"title":3335,"path":3336,"stem":3337},"MET56-J. Do not use Object.equals() to compare cryptographic keys","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F8.met56-j",{"title":2719,"path":3339,"stem":3340,"children":3341},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F01.index",[3342,3343,3347,3351,3355,3359,3363,3367,3371,3375,3379,3383,3387,3391,3395],{"title":2719,"path":3339,"stem":3340},{"title":3344,"path":3345,"stem":3346},"MSC50-J. Minimize the scope of the @SuppressWarnings annotation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F02.msc50-j",{"title":3348,"path":3349,"stem":3350},"MSC51-J. Do not place a semicolon immediately following an if, for, or while condition","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F03.msc51-j",{"title":3352,"path":3353,"stem":3354},"MSC52-J. Finish every set of statements associated with a case label with a break statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F04.msc52-j",{"title":3356,"path":3357,"stem":3358},"MSC53-J. Carefully design interfaces before releasing them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F05.msc53-j",{"title":3360,"path":3361,"stem":3362},"MSC54-J. Avoid inadvertent wrapping of loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F06.msc54-j",{"title":3364,"path":3365,"stem":3366},"MSC55-J. Use comments consistently and in a readable fashion","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F07.msc55-j",{"title":3368,"path":3369,"stem":3370},"MSC56-J. Detect and remove superfluous code and values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F08.msc56-j",{"title":3372,"path":3373,"stem":3374},"MSC57-J. Strive for logical completeness","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F09.msc57-j",{"title":3376,"path":3377,"stem":3378},"MSC58-J. Prefer using iterators over enumerations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F10.msc58-j",{"title":3380,"path":3381,"stem":3382},"MSC59-J. Limit the lifetime of sensitive data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc59-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F11.msc59-j",{"title":3384,"path":3385,"stem":3386},"MSC60-J. Do not use assertions to verify the absence of runtime errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F12.msc60-j",{"title":3388,"path":3389,"stem":3390},"MSC61-J. Do not use insecure or weak cryptographic algorithms","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc61-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F13.msc61-j",{"title":3392,"path":3393,"stem":3394},"MSC62-J. Store passwords using a hash function","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc62-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F14.msc62-j",{"title":3396,"path":3397,"stem":3398},"MSC63-J. Ensure that SecureRandom is properly seeded","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc63-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F15.msc63-j",{"title":2767,"path":3400,"stem":3401,"children":3402},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F1.index",[3403,3404,3408,3412,3416,3420],{"title":2767,"path":3400,"stem":3401},{"title":3405,"path":3406,"stem":3407},"NUM50-J. Convert integers to floating point for floating-point operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F2.num50-j",{"title":3409,"path":3410,"stem":3411},"NUM51-J. Do not assume that the remainder operator always returns a nonnegative result for integral operands","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F3.num51-j",{"title":3413,"path":3414,"stem":3415},"NUM52-J. Be aware of numeric promotion behavior","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F4.num52-j",{"title":3417,"path":3418,"stem":3419},"NUM53-J. Use the strictfp modifier for floating-point calculation consistency across platforms","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F5.num53-j",{"title":3421,"path":3422,"stem":3423},"NUM54-J. Do not use denormalized numbers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F6.num54-j",{"title":2822,"path":3425,"stem":3426,"children":3427},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F01.index",[3428,3429,3433,3437,3441,3445,3449,3453,3457,3461],{"title":2822,"path":3425,"stem":3426},{"title":3430,"path":3431,"stem":3432},"OBJ50-J. Never confuse the immutability of a reference with that of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F02.obj50-j",{"title":3434,"path":3435,"stem":3436},"OBJ51-J. Minimize the accessibility of classes and their members","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F03.obj51-j",{"title":3438,"path":3439,"stem":3440},"OBJ52-J. Write garbage-collection-friendly code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F04.obj52-j",{"title":3442,"path":3443,"stem":3444},"OBJ53-J. Do not use direct buffers for short-lived, infrequently used objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F05.obj53-j",{"title":3446,"path":3447,"stem":3448},"OBJ54-J. Do not attempt to help the garbage collector by setting local reference variables to null","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F06.obj54-j",{"title":3450,"path":3451,"stem":3452},"OBJ55-J. Remove short-lived objects from long-lived container objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F07.obj55-j",{"title":3454,"path":3455,"stem":3456},"OBJ56-J. Provide sensitive mutable classes with unmodifiable wrappers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F08.obj56-j",{"title":3458,"path":3459,"stem":3460},"OBJ57-J. Do not rely on methods that can be overridden by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F09.obj57-j",{"title":3462,"path":3463,"stem":3464},"OBJ58-J. Limit the extensibility of classes and methods with invariants","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F10.obj58-j",{"title":2876,"path":3466,"stem":3467,"children":3468},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F01.index",[3469,3470,3474,3478,3482,3486,3490,3494,3498,3502],{"title":2876,"path":3466,"stem":3467},{"title":3471,"path":3472,"stem":3473},"SEC50-J. Avoid granting excess privileges","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F02.sec50-j",{"title":3475,"path":3476,"stem":3477},"SEC51-J. Minimize privileged code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F03.sec51-j",{"title":3479,"path":3480,"stem":3481},"SEC52-J. Do not expose methods that use reduced-security checks to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F04.sec52-j",{"title":3483,"path":3484,"stem":3485},"SEC53-J. Define custom security permissions for fine-grained security","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F05.sec53-j",{"title":3487,"path":3488,"stem":3489},"SEC54-J. Create a secure sandbox using a security manager","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F06.sec54-j",{"title":3491,"path":3492,"stem":3493},"SEC55-J. Ensure that security-sensitive methods are called with validated arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F07.sec55-j",{"title":3495,"path":3496,"stem":3497},"SEC56-J. Do not serialize direct handles to system resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F08.sec56-j",{"title":3499,"path":3500,"stem":3501},"SEC57-J. Do not let untrusted code misuse privileges of callback methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F09.sec57-j",{"title":3503,"path":2172,"stem":3504},"SEC58-J. Deserialization methods should not perform potentially dangerous operations","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F10.sec58-j",{"title":3506,"path":3507,"stem":3508,"children":3509},"Back Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F1.index",[3510,3511,3515,3519,3523,3527,3653,3670],{"title":3506,"path":3507,"stem":3508},{"title":3512,"path":3513,"stem":3514},"Rec. AA. References","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F2.rec-aa-references",{"title":3516,"path":3517,"stem":3518},"Rec. BB. Definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-bb-definitions","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F3.rec-bb-definitions",{"title":3520,"path":3521,"stem":3522},"Rule AA. References","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-aa-references","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F4.rule-aa-references",{"title":3524,"path":3525,"stem":3526},"Rule BB. Glossary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-bb-glossary","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F5.rule-bb-glossary",{"title":3528,"path":3529,"stem":3530,"children":3531},"Rule or Rec. CC. Analyzers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F01.index",[3532,3533,3537,3541,3545,3549,3553,3557,3561,3565,3569,3573,3577,3581,3585,3589,3593,3597,3601,3605,3609,3613,3617,3621,3625,3629,3633,3637,3641,3645,3649],{"title":3528,"path":3529,"stem":3530},{"title":3534,"path":3535,"stem":3536},"CodeSonar","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F02.codesonar",{"title":3538,"path":3539,"stem":3540},"CodeSonar_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F03.codesonar_v",{"title":3542,"path":3543,"stem":3544},"Coverity","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F04.coverity",{"title":3546,"path":3547,"stem":3548},"Coverity_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F05.coverity_v",{"title":3550,"path":3551,"stem":3552},"Eclipse","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F06.eclipse",{"title":3554,"path":3555,"stem":3556},"Eclipse_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F07.eclipse_v",{"title":3558,"path":3559,"stem":3560},"Error Prone","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F08.error-prone",{"title":3562,"path":3563,"stem":3564},"Error Prone_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F09.error-prone_v",{"title":3566,"path":3567,"stem":3568},"Findbugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F10.findbugs",{"title":3570,"path":3571,"stem":3572},"Findbugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F11.findbugs_v",{"title":3574,"path":3575,"stem":3576},"Fortify","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F12.fortify",{"title":3578,"path":3579,"stem":3580},"Fortify_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F13.fortify_v",{"title":3582,"path":3583,"stem":3584},"Klocwork","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F14.klocwork",{"title":3586,"path":3587,"stem":3588},"Klocwork_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F15.klocwork_v",{"title":3590,"path":3591,"stem":3592},"Parasoft","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F16.parasoft",{"title":3594,"path":3595,"stem":3596},"Parasoft_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F17.parasoft_v",{"title":3598,"path":3599,"stem":3600},"Pmd","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F18.pmd",{"title":3602,"path":3603,"stem":3604},"Pmd_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F19.pmd_v",{"title":3606,"path":3607,"stem":3608},"PVS-Studio","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F20.pvs-studio",{"title":3610,"path":3611,"stem":3612},"PVS-Studio_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F21.pvs-studio_v",{"title":3614,"path":3615,"stem":3616},"Security Reviewer - Static Reviewer","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F22.security-reviewer-static-reviewer",{"title":3618,"path":3619,"stem":3620},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F23.security-reviewer-static-reviewer_v",{"title":3622,"path":3623,"stem":3624},"SonarQube","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F24.sonarqube",{"title":3626,"path":3627,"stem":3628},"SonarQube_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F25.sonarqube_v",{"title":3630,"path":3631,"stem":3632},"SpotBugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F26.spotbugs",{"title":3634,"path":3635,"stem":3636},"SpotBugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F27.spotbugs_v",{"title":3638,"path":3639,"stem":3640},"The Checker Framework","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F28.the-checker-framework",{"title":3642,"path":3643,"stem":3644},"The Checker Framework_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F29.the-checker-framework_v",{"title":3646,"path":3647,"stem":3648},"ThreadSafe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F30.threadsafe",{"title":3650,"path":3651,"stem":3652},"ThreadSafe_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F31.threadsafe_v",{"title":3654,"path":3655,"stem":3656,"children":3657},"Rule or Rec. DD. Related Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F1.index",[3658,3659,3663,3667,3668,3669],{"title":3654,"path":3655,"stem":3656},{"title":3660,"path":3661,"stem":3662},"2010","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F2.2010","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F2.2010",{"title":3664,"path":3665,"stem":3666},"2013","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F3.2013","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F3.2013",{"title":2204,"path":2205,"stem":2206},{"title":30,"path":2198,"stem":2200},{"title":2208,"path":2209,"stem":2210},{"title":3671,"path":3672,"stem":3673},"Rule or Rec. EE. Risk Assessments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-ee-risk-assessments","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F8.rule-or-rec-ee-risk-assessments",{"title":3675,"path":3676,"stem":3677,"children":3678},"Admin","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F1.index",[3679,3680,3684,3688,3692,3696],{"title":3675,"path":3676,"stem":3677},{"title":3681,"path":3682,"stem":3683},"All Guidelines with Classification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fall-guidelines-with-classification","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F2.all-guidelines-with-classification",{"title":3685,"path":3686,"stem":3687},"Normative Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fnormative-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F3.normative-guidelines",{"title":3689,"path":3690,"stem":3691},"Tech-edit","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftech-edit","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F4.tech-edit",{"title":3693,"path":3694,"stem":3695},"TODO List","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftodo-list","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F5.todo-list",{"title":3693,"path":3694,"stem":3697},"6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F6.todo-list",1775657792707]