Recommendations

Sections

Rec. 00. Input Validation and Data Sanitization (IDS)
Rec. 01. Declarations and Initialization (DCL)
Rec. 02. Expressions (EXP)
Rec. 03. Numeric Types and Operations (NUM)
Rec. 04. Characters and Strings (STR)
Rec. 05. Object Orientation (OBJ)
Rec. 06. Methods (MET)
Rec. 07. Exceptional Behavior (ERR)
Rec. 13. Input Output (FIO)
Rec. 15. Platform Security (SEC)
Rec. 18. Concurrency (CON)
Rec. 49. Miscellaneous (MSC)

Recommendation Listing

CON50-J. Do not assume that declaring a reference volatile guarantees safe publication of the members of the referenced object
CON51-J. Do not assume that the sleep(), yield(), or getState() methods provide synchronization semantics
CON52-J. Document thread-safety and use annotations where applicable
DCL50-J. Use visually distinct identifiers
DCL51-J. Do not shadow or obscure identifiers in subscopes
DCL52-J. Do not declare more than one variable per declaration
DCL53-J. Minimize the scope of variables
DCL54-J. Use meaningful symbolic constants to represent literal values in program logic
DCL55-J. Properly encode relationships in constant definitions
DCL56-J. Do not attach significance to the ordinal associated with an enum
DCL57-J. Avoid ambiguous overloading of variable arity methods
DCL58-J. Enable compile-time type checking of variable arity parameter types
DCL59-J. Do not apply public final to constants whose value might change in later releases
DCL60-J. Avoid cyclic dependencies between packages
DCL61-J. Do not use raw types
ERR50-J. Use exceptions only for exceptional conditions
ERR51-J. Prefer user-defined exceptions over more general exception types
ERR52-J. Avoid in-band error indicators
ERR53-J. Try to gracefully recover from system errors
ERR54-J. Use a try-with-resources statement to safely handle closeable resources
EXP50-J. Do not confuse abstract object equality with reference equality
EXP51-J. Do not perform assignments in conditional expressions
EXP52-J. Use braces for the body of an if, for, or while statement
EXP53-J. Use parentheses for precedence of operation
EXP54-J. Understand the differences between bitwise and logical operators
EXP55-J. Use the same type for the second and third operands in conditional expressions
FIO50-J. Do not make assumptions about file creation
FIO51-J. Identify files using multiple file attributes
FIO52-J. Do not store unencrypted sensitive information on the client side
FIO53-J. Use the serialization methods writeUnshared() and readUnshared() with care
IDS50-J. Use conservative file naming conventions
IDS51-J. Properly encode or escape output
IDS52-J. Prevent code injection
IDS53-J. Prevent XPath Injection
IDS54-J. Prevent LDAP injection
IDS55-J. Understand how escape characters are interpreted when strings are loaded
IDS56-J. Prevent arbitrary file upload
MET50-J. Avoid ambiguous or confusing uses of overloading
MET51-J. Do not use overloaded methods to differentiate between runtime types
MET52-J. Do not use the clone() method to copy untrusted method parameters
MET53-J. Ensure that the clone() method calls super.clone()
MET54-J. Always provide feedback about the resulting value of a method
MET55-J. Return an empty array or collection instead of a null value for methods that return an array or collection
MET56-J. Do not use Object.equals() to compare cryptographic keys
MSC50-J. Minimize the scope of the @SuppressWarnings annotation
MSC51-J. Do not place a semicolon immediately following an if, for, or while condition
MSC52-J. Finish every set of statements associated with a case label with a break statement
MSC53-J. Carefully design interfaces before releasing them
MSC54-J. Avoid inadvertent wrapping of loop counters
MSC55-J. Use comments consistently and in a readable fashion
MSC56-J. Detect and remove superfluous code and values
MSC57-J. Strive for logical completeness
MSC58-J. Prefer using iterators over enumerations
MSC59-J. Limit the lifetime of sensitive data
MSC60-J. Do not use assertions to verify the absence of runtime errors
MSC61-J. Do not use insecure or weak cryptographic algorithms
MSC62-J. Store passwords using a hash function
MSC63-J. Ensure that SecureRandom is properly seeded
NUM50-J. Convert integers to floating point for floating-point operations
NUM51-J. Do not assume that the remainder operator always returns a nonnegative result for integral operands
NUM52-J. Be aware of numeric promotion behavior
NUM53-J. Use the strictfp modifier for floating-point calculation consistency across platforms
NUM54-J. Do not use denormalized numbers
OBJ50-J. Never confuse the immutability of a reference with that of the referenced object
OBJ51-J. Minimize the accessibility of classes and their members
OBJ52-J. Write garbage-collection-friendly code
OBJ53-J. Do not use direct buffers for short-lived, infrequently used objects
OBJ54-J. Do not attempt to help the garbage collector by setting local reference variables to null
OBJ55-J. Remove short-lived objects from long-lived container objects
OBJ56-J. Provide sensitive mutable classes with unmodifiable wrappers
OBJ57-J. Do not rely on methods that can be overridden by untrusted code
OBJ58-J. Limit the extensibility of classes and methods with invariants
Rec. AA. References
Rec. BB. Definitions
Rule or Rec. CC. Analyzers
Rule or Rec. DD. Related Guidelines
Rule or Rec. EE. Risk Assessments
SEC50-J. Avoid granting excess privileges
SEC51-J. Minimize privileged code
SEC52-J. Do not expose methods that use reduced-security checks to untrusted code
SEC53-J. Define custom security permissions for fine-grained security
SEC54-J. Create a secure sandbox using a security manager
SEC55-J. Ensure that security-sensitive methods are called with validated arguments
SEC56-J. Do not serialize direct handles to system resources
SEC57-J. Do not let untrusted code misuse privileges of callback methods
SEC58-J. Deserialization methods should not perform potentially dangerous operations
STR50-J. Use the appropriate method for counting characters in a string
STR51-J. Use the charset encoder and decoder classes when more control over the encoding process is required