[{"data":1,"prerenderedAt":3904},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc62-j":28,"surround-\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc62-j":2328,"sidebar-sei-cert-oracle-coding-standard-for-java":2335},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":41,"extension":2309,"meta":2310,"navigation":7,"path":2324,"seo":2325,"stem":2326,"__hash__":2327},"content\u002F6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F14.msc62-j.md","MSC62-J. Store passwords using a hash function",{"type":32,"value":33,"toc":2300},"minimark",[34,38,42,50,55,66,73,76,84,88,95,636,639,642,665,1084,1094,1108,1112,1115,1976,1979,1985,1995,2002,2008,2011,2015,2018,2021,2025,2149,2153,2272,2275,2296],[35,36,30],"h1",{"id":37},"msc62-j-store-passwords-using-a-hash-function",[39,40,41],"p",{},"Programs that store passwords as cleartext (unencrypted text data) risk exposure of those passwords in a variety of ways. Although programs generally receive passwords from users as cleartext, they should ensure that the passwords are not stored as cleartext.",[39,43,44,45,49],{},"An acceptable technique for limiting the exposure of passwords is the use of ",[46,47,48],"em",{},"hash functions"," , which allow programs to indirectly compare an input password to the original password string without storing a cleartext or decryptable version of the password. This approach minimizes the exposure of the password without presenting any practical disadvantages.",[51,52,54],"h2",{"id":53},"cryptographic-hash-functions","Cryptographic Hash Functions",[39,56,57,58,61,62,65],{},"The value produced by a hash function is the ",[46,59,60],{},"hash value"," or ",[46,63,64],{},"message digest"," . Hash functions are computationally feasible functions whose inverses are computationally infeasible. In practice, a password can be encoded to a hash value, but decoding remains infeasible. The equality of passwords can be tested through the equality of their hash values.",[39,67,68,69,72],{},"A good practice is to always use a ",[46,70,71],{},"salt"," in addition to the password being hashed. A salt is a unique randomly generated piece of data that is stored and used to generate the hash value along with the password. Each password should have its own salt associated with it. If a single salt were used for more than one password an attacker could determine when a user has a commonly used password. Password specific salts are usually stored along with their corresponding hash values. In addition to password-unique salts, system-unique salts that are stored separately from the hash values may also be used to increase the difficulty of deriving passwords if a malicious actor obtains a copy of the hash values and salts.",[39,74,75],{},"The choice of hash function and salt length presents a trade-off between security and performance. Increasing the effort required for effective brute-force attacks by choosing a stronger hash function can also increase the time required to validate a password.  As time passes best practices around password management evolve to keep password derivation computationally infeasible.  The documents NIST 800-63 and OWASP ASVS are good places to consult for the current best practices around cryptographic hashing.",[39,77,78,79,83],{},"Java's ",[80,81,82],"code",{},"javax.crypto"," package provides implementations of various cryptographic hash functions. Avoid functions that have known weaknesses, such as the Message-Digest Algorithm (MD5).",[51,85,87],{"id":86},"noncompliant-code-example","Noncompliant Code Example",[39,89,90,91,94],{},"This noncompliant code example encrypts and decrypts the password stored in ",[80,92,93],{},"password.bin"," using a symmetric key algorithm:",[96,97,99],"code-block",{"quality":98},"bad",[100,101,106],"pre",{"className":102,"code":103,"language":104,"meta":105,"style":105},"language-java shiki shiki-themes github-light github-dark monokai","public final class Password {\n private void setPassword(byte[] pass) throws Exception {\n \u002F\u002F Arbitrary encryption scheme\n byte[] encrypted = encrypt(pass);\n clearArray(pass); \n \u002F\u002F Encrypted password to password.bin\n saveBytes(encrypted,\"password.bin\");\n clearArray(encrypted); \n }\n\n boolean checkPassword(byte[] pass) throws Exception {\n \u002F\u002F Load the encrypted password\n byte[] encrypted = loadBytes(\"password.bin\"); \n byte[] decrypted = decrypt(encrypted);\n clearArray(encrypted);\n boolean arraysEqual = Arrays.equal(decrypted, pass);\n clearArray(decrypted);\n clearArray(pass);\n return arraysEqual;\n }\n\n private void clearArray(byte[] a) {\n for (int i = 0; i \u003C a.length; i++) {\n a[i] = 0;\n }\n }\n\n private byte[] encrypt(byte[] clearValue) {\n \u002F\u002F ... symmetric encryption of clearValue bytes, returning the encrypted value\n }\n\n private byte[] decrypt(byte[] encryptedValue) {\n \u002F\u002F ... symmetric decryption of encryptedValue bytes, returning clear value\n }\n\n private void saveBytes(byte[] bytes, String filename) throws IOException {\n \u002F\u002F ... write bytes to the file\n }\n \n private byte[] loadBytes(String filename) throws IOException { \n \u002F\u002F ... read bytes to the file \n }\n}\n","java","",[80,107,108,131,170,177,195,204,210,226,234,240,246,271,277,296,312,319,339,347,354,363,368,373,395,430,443,449,454,459,483,489,494,499,522,528,533,538,575,581,586,592,619,625,630],{"__ignoreMap":105},[109,110,113,117,120,123,127],"span",{"class":111,"line":112},"line",1,[109,114,116],{"class":115},"sC2Qs","public",[109,118,119],{"class":115}," final",[109,121,122],{"class":115}," class",[109,124,126],{"class":125},"sz2Vg"," Password",[109,128,130],{"class":129},"sMOD_"," {\n",[109,132,134,137,141,145,148,151,154,158,161,164,168],{"class":111,"line":133},2,[109,135,136],{"class":115}," private",[109,138,140],{"class":139},"sq6CD"," void",[109,142,144],{"class":143},"srTi1"," setPassword",[109,146,147],{"class":129},"(",[109,149,150],{"class":139},"byte",[109,152,153],{"class":129},"[] ",[109,155,157],{"class":156},"sTHNf","pass",[109,159,160],{"class":129},") ",[109,162,163],{"class":115},"throws",[109,165,167],{"class":166},"sk8M1"," Exception",[109,169,130],{"class":129},[109,171,173],{"class":111,"line":172},3,[109,174,176],{"class":175},"s8-w5"," \u002F\u002F Arbitrary encryption scheme\n",[109,178,180,183,186,189,192],{"class":111,"line":179},4,[109,181,182],{"class":139}," byte",[109,184,185],{"class":129},"[] encrypted ",[109,187,188],{"class":115},"=",[109,190,191],{"class":143}," encrypt",[109,193,194],{"class":129},"(pass);\n",[109,196,198,201],{"class":111,"line":197},5,[109,199,200],{"class":143}," clearArray",[109,202,203],{"class":129},"(pass); \n",[109,205,207],{"class":111,"line":206},6,[109,208,209],{"class":175}," \u002F\u002F Encrypted password to password.bin\n",[109,211,213,216,219,223],{"class":111,"line":212},7,[109,214,215],{"class":143}," saveBytes",[109,217,218],{"class":129},"(encrypted,",[109,220,222],{"class":221},"sstjo","\"password.bin\"",[109,224,225],{"class":129},");\n",[109,227,229,231],{"class":111,"line":228},8,[109,230,200],{"class":143},[109,232,233],{"class":129},"(encrypted); \n",[109,235,237],{"class":111,"line":236},9,[109,238,239],{"class":129}," }\n",[109,241,243],{"class":111,"line":242},10,[109,244,245],{"emptyLinePlaceholder":7},"\n",[109,247,249,252,255,257,259,261,263,265,267,269],{"class":111,"line":248},11,[109,250,251],{"class":139}," boolean",[109,253,254],{"class":143}," checkPassword",[109,256,147],{"class":129},[109,258,150],{"class":139},[109,260,153],{"class":129},[109,262,157],{"class":156},[109,264,160],{"class":129},[109,266,163],{"class":115},[109,268,167],{"class":166},[109,270,130],{"class":129},[109,272,274],{"class":111,"line":273},12,[109,275,276],{"class":175}," \u002F\u002F Load the encrypted password\n",[109,278,280,282,284,286,289,291,293],{"class":111,"line":279},13,[109,281,182],{"class":139},[109,283,185],{"class":129},[109,285,188],{"class":115},[109,287,288],{"class":143}," loadBytes",[109,290,147],{"class":129},[109,292,222],{"class":221},[109,294,295],{"class":129},"); \n",[109,297,299,301,304,306,309],{"class":111,"line":298},14,[109,300,182],{"class":139},[109,302,303],{"class":129},"[] decrypted ",[109,305,188],{"class":115},[109,307,308],{"class":143}," decrypt",[109,310,311],{"class":129},"(encrypted);\n",[109,313,315,317],{"class":111,"line":314},15,[109,316,200],{"class":143},[109,318,311],{"class":129},[109,320,322,325,328,330,333,336],{"class":111,"line":321},16,[109,323,324],{"class":139}," boolean",[109,326,327],{"class":129}," arraysEqual ",[109,329,188],{"class":115},[109,331,332],{"class":129}," Arrays.",[109,334,335],{"class":143},"equal",[109,337,338],{"class":129},"(decrypted, pass);\n",[109,340,342,344],{"class":111,"line":341},17,[109,343,200],{"class":143},[109,345,346],{"class":129},"(decrypted);\n",[109,348,350,352],{"class":111,"line":349},18,[109,351,200],{"class":143},[109,353,194],{"class":129},[109,355,357,360],{"class":111,"line":356},19,[109,358,359],{"class":115}," return",[109,361,362],{"class":129}," arraysEqual;\n",[109,364,366],{"class":111,"line":365},20,[109,367,239],{"class":129},[109,369,371],{"class":111,"line":370},21,[109,372,245],{"emptyLinePlaceholder":7},[109,374,376,378,380,383,385,387,389,392],{"class":111,"line":375},22,[109,377,136],{"class":115},[109,379,140],{"class":139},[109,381,382],{"class":143}," clearArray",[109,384,147],{"class":129},[109,386,150],{"class":139},[109,388,153],{"class":129},[109,390,391],{"class":156},"a",[109,393,394],{"class":129},") {\n",[109,396,398,401,404,407,410,412,416,419,422,425,428],{"class":111,"line":397},23,[109,399,400],{"class":115}," for",[109,402,403],{"class":129}," (",[109,405,406],{"class":139},"int",[109,408,409],{"class":129}," i ",[109,411,188],{"class":115},[109,413,415],{"class":414},"s7F3e"," 0",[109,417,418],{"class":129},"; i ",[109,420,421],{"class":115},"\u003C",[109,423,424],{"class":129}," a.length; i",[109,426,427],{"class":115},"++",[109,429,394],{"class":129},[109,431,433,436,438,440],{"class":111,"line":432},24,[109,434,435],{"class":129}," a[i] ",[109,437,188],{"class":115},[109,439,415],{"class":414},[109,441,442],{"class":129},";\n",[109,444,446],{"class":111,"line":445},25,[109,447,448],{"class":129}," }\n",[109,450,452],{"class":111,"line":451},26,[109,453,239],{"class":129},[109,455,457],{"class":111,"line":456},27,[109,458,245],{"emptyLinePlaceholder":7},[109,460,462,464,467,469,472,474,476,478,481],{"class":111,"line":461},28,[109,463,136],{"class":115},[109,465,466],{"class":139}," byte",[109,468,153],{"class":129},[109,470,471],{"class":143},"encrypt",[109,473,147],{"class":129},[109,475,150],{"class":139},[109,477,153],{"class":129},[109,479,480],{"class":156},"clearValue",[109,482,394],{"class":129},[109,484,486],{"class":111,"line":485},29,[109,487,488],{"class":175}," \u002F\u002F ... symmetric encryption of clearValue bytes, returning the encrypted value\n",[109,490,492],{"class":111,"line":491},30,[109,493,239],{"class":129},[109,495,497],{"class":111,"line":496},31,[109,498,245],{"emptyLinePlaceholder":7},[109,500,502,504,506,508,511,513,515,517,520],{"class":111,"line":501},32,[109,503,136],{"class":115},[109,505,466],{"class":139},[109,507,153],{"class":129},[109,509,510],{"class":143},"decrypt",[109,512,147],{"class":129},[109,514,150],{"class":139},[109,516,153],{"class":129},[109,518,519],{"class":156},"encryptedValue",[109,521,394],{"class":129},[109,523,525],{"class":111,"line":524},33,[109,526,527],{"class":175}," \u002F\u002F ... symmetric decryption of encryptedValue bytes, returning clear value\n",[109,529,531],{"class":111,"line":530},34,[109,532,239],{"class":129},[109,534,536],{"class":111,"line":535},35,[109,537,245],{"emptyLinePlaceholder":7},[109,539,541,543,545,548,550,552,554,557,560,563,566,568,570,573],{"class":111,"line":540},36,[109,542,136],{"class":115},[109,544,140],{"class":139},[109,546,547],{"class":143}," saveBytes",[109,549,147],{"class":129},[109,551,150],{"class":139},[109,553,153],{"class":129},[109,555,556],{"class":156},"bytes",[109,558,559],{"class":129},", ",[109,561,562],{"class":166},"String",[109,564,565],{"class":156}," filename",[109,567,160],{"class":129},[109,569,163],{"class":115},[109,571,572],{"class":166}," IOException",[109,574,130],{"class":129},[109,576,578],{"class":111,"line":577},37,[109,579,580],{"class":175}," \u002F\u002F ... write bytes to the file\n",[109,582,584],{"class":111,"line":583},38,[109,585,239],{"class":129},[109,587,589],{"class":111,"line":588},39,[109,590,591],{"class":129}," \n",[109,593,595,597,599,601,604,606,608,610,612,614,616],{"class":111,"line":594},40,[109,596,136],{"class":115},[109,598,466],{"class":139},[109,600,153],{"class":129},[109,602,603],{"class":143},"loadBytes",[109,605,147],{"class":129},[109,607,562],{"class":166},[109,609,565],{"class":156},[109,611,160],{"class":129},[109,613,163],{"class":115},[109,615,572],{"class":166},[109,617,618],{"class":129}," { \n",[109,620,622],{"class":111,"line":621},41,[109,623,624],{"class":175}," \u002F\u002F ... read bytes to the file \n",[109,626,628],{"class":111,"line":627},42,[109,629,239],{"class":129},[109,631,633],{"class":111,"line":632},43,[109,634,635],{"class":129},"}\n",[39,637,638],{},"This is a very simple password mechanism that only stores one password for the system.  The flaw in this approach is that the stored password is encrypted in a way that it can be decrypted to compare it to the user's password input. An attacker could potentially decrypt the password file to discover the password, particularly when the attacker has knowledge of the key and encryption scheme used by the program. Passwords should be protected even from system administrators and privileged users. Consequently, using encryption is only partly effective in mitigating password disclosure threats.",[51,640,87],{"id":641},"noncompliant-code-example-1",[39,643,644,645,648,649,652,653,656,657,661,662,664],{},"This noncompliant code example uses the ",[80,646,647],{},"SHA-256"," hash function through the ",[80,650,651],{},"MessageDigest"," class to compare hash values instead of cleartext strings. It uses ",[80,654,655],{},"SecureRandom"," to generate a strong salt, as recommended by ",[391,658,660],{"href":659},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc02-j","MSC02-J. Generate strong random numbers"," .  However, it uses a ",[80,663,562],{}," to store the password:",[96,666,667],{"quality":98},[100,668,670],{"className":102,"code":669,"language":104,"meta":105,"style":105},"import java.security.MessageDigest;\nimport java.security.NoSuchAlgorithmException;\n\npublic final class Password {\n private SecureRandom random = new SecureRandom();\n\n private void setPassword(String pass) throws Exception {\n byte[] salt = new byte[12];\n random.nextBytes(salt);\n MessageDigest msgDigest = MessageDigest.getInstance(\"SHA-256\");\n \u002F\u002F Encode the string and salt\n byte[] hashVal = msgDigest.digest((pass+salt).getBytes());\n saveBytes(salt, \"salt.bin\");\n \u002F\u002F Save the hash value to password.bin\n saveBytes(hashVal,\"password.bin\");\n }\n\n boolean checkPassword(String pass) throws Exception {\n byte[] salt = loadBytes(\"salt.bin\");\n MessageDigest msgDigest = MessageDigest.getInstance(\"SHA-256\");\n \u002F\u002F Encode the string and salt\n byte[] hashVal1 = msgDigest.digest((pass+salt).getBytes());\n \u002F\u002F Load the hash value stored in password.bin\n byte[] hashVal2 = loadBytes(\"password.bin\");\n return Arrays.equals(hashVal1, hashVal2);\n }\n\n private void saveBytes(byte[] bytes, String filename) throws IOException {\n \u002F\u002F ... write bytes to the file\n } \n\n private byte[] loadBytes(String filename) throws IOException { \n \u002F\u002F ... read bytes to the file \n }\n}\n",[80,671,672,683,692,696,708,728,732,755,777,788,811,816,846,858,863,874,878,882,902,918,936,940,963,968,985,997,1001,1005,1035,1039,1044,1048,1072,1076,1080],{"__ignoreMap":105},[109,673,674,677,681],{"class":111,"line":112},[109,675,676],{"class":115},"import",[109,678,680],{"class":679},"s-ngx"," java.security.MessageDigest",[109,682,442],{"class":129},[109,684,685,687,690],{"class":111,"line":133},[109,686,676],{"class":115},[109,688,689],{"class":679}," java.security.NoSuchAlgorithmException",[109,691,442],{"class":129},[109,693,694],{"class":111,"line":172},[109,695,245],{"emptyLinePlaceholder":7},[109,697,698,700,702,704,706],{"class":111,"line":179},[109,699,116],{"class":115},[109,701,119],{"class":115},[109,703,122],{"class":115},[109,705,126],{"class":125},[109,707,130],{"class":129},[109,709,710,712,715,718,720,723,725],{"class":111,"line":197},[109,711,136],{"class":115},[109,713,714],{"class":166}," SecureRandom",[109,716,717],{"class":129}," random ",[109,719,188],{"class":115},[109,721,722],{"class":115}," new",[109,724,714],{"class":143},[109,726,727],{"class":129},"();\n",[109,729,730],{"class":111,"line":206},[109,731,245],{"emptyLinePlaceholder":7},[109,733,734,736,738,740,742,744,747,749,751,753],{"class":111,"line":212},[109,735,136],{"class":115},[109,737,140],{"class":139},[109,739,144],{"class":143},[109,741,147],{"class":129},[109,743,562],{"class":166},[109,745,746],{"class":156}," pass",[109,748,160],{"class":129},[109,750,163],{"class":115},[109,752,167],{"class":166},[109,754,130],{"class":129},[109,756,757,759,762,764,766,768,771,774],{"class":111,"line":228},[109,758,182],{"class":139},[109,760,761],{"class":129},"[] salt ",[109,763,188],{"class":115},[109,765,722],{"class":115},[109,767,466],{"class":139},[109,769,770],{"class":129},"[",[109,772,773],{"class":414},"12",[109,775,776],{"class":129},"];\n",[109,778,779,782,785],{"class":111,"line":236},[109,780,781],{"class":129}," random.",[109,783,784],{"class":143},"nextBytes",[109,786,787],{"class":129},"(salt);\n",[109,789,790,793,796,798,801,804,806,809],{"class":111,"line":242},[109,791,792],{"class":166}," MessageDigest",[109,794,795],{"class":129}," msgDigest ",[109,797,188],{"class":115},[109,799,800],{"class":129}," MessageDigest.",[109,802,803],{"class":143},"getInstance",[109,805,147],{"class":129},[109,807,808],{"class":221},"\"SHA-256\"",[109,810,225],{"class":129},[109,812,813],{"class":111,"line":248},[109,814,815],{"class":175}," \u002F\u002F Encode the string and salt\n",[109,817,818,820,823,825,828,831,834,837,840,843],{"class":111,"line":273},[109,819,182],{"class":139},[109,821,822],{"class":129},"[] hashVal ",[109,824,188],{"class":115},[109,826,827],{"class":129}," msgDigest.",[109,829,830],{"class":143},"digest",[109,832,833],{"class":129},"((pass",[109,835,836],{"class":115},"+",[109,838,839],{"class":129},"salt).",[109,841,842],{"class":143},"getBytes",[109,844,845],{"class":129},"());\n",[109,847,848,850,853,856],{"class":111,"line":279},[109,849,215],{"class":143},[109,851,852],{"class":129},"(salt, ",[109,854,855],{"class":221},"\"salt.bin\"",[109,857,225],{"class":129},[109,859,860],{"class":111,"line":298},[109,861,862],{"class":175}," \u002F\u002F Save the hash value to password.bin\n",[109,864,865,867,870,872],{"class":111,"line":314},[109,866,215],{"class":143},[109,868,869],{"class":129},"(hashVal,",[109,871,222],{"class":221},[109,873,225],{"class":129},[109,875,876],{"class":111,"line":321},[109,877,239],{"class":129},[109,879,880],{"class":111,"line":341},[109,881,245],{"emptyLinePlaceholder":7},[109,883,884,886,888,890,892,894,896,898,900],{"class":111,"line":349},[109,885,251],{"class":139},[109,887,254],{"class":143},[109,889,147],{"class":129},[109,891,562],{"class":166},[109,893,746],{"class":156},[109,895,160],{"class":129},[109,897,163],{"class":115},[109,899,167],{"class":166},[109,901,130],{"class":129},[109,903,904,906,908,910,912,914,916],{"class":111,"line":356},[109,905,182],{"class":139},[109,907,761],{"class":129},[109,909,188],{"class":115},[109,911,288],{"class":143},[109,913,147],{"class":129},[109,915,855],{"class":221},[109,917,225],{"class":129},[109,919,920,922,924,926,928,930,932,934],{"class":111,"line":365},[109,921,792],{"class":166},[109,923,795],{"class":129},[109,925,188],{"class":115},[109,927,800],{"class":129},[109,929,803],{"class":143},[109,931,147],{"class":129},[109,933,808],{"class":221},[109,935,225],{"class":129},[109,937,938],{"class":111,"line":370},[109,939,815],{"class":175},[109,941,942,944,947,949,951,953,955,957,959,961],{"class":111,"line":375},[109,943,182],{"class":139},[109,945,946],{"class":129},"[] hashVal1 ",[109,948,188],{"class":115},[109,950,827],{"class":129},[109,952,830],{"class":143},[109,954,833],{"class":129},[109,956,836],{"class":115},[109,958,839],{"class":129},[109,960,842],{"class":143},[109,962,845],{"class":129},[109,964,965],{"class":111,"line":397},[109,966,967],{"class":175}," \u002F\u002F Load the hash value stored in password.bin\n",[109,969,970,972,975,977,979,981,983],{"class":111,"line":432},[109,971,182],{"class":139},[109,973,974],{"class":129},"[] hashVal2 ",[109,976,188],{"class":115},[109,978,288],{"class":143},[109,980,147],{"class":129},[109,982,222],{"class":221},[109,984,225],{"class":129},[109,986,987,989,991,994],{"class":111,"line":445},[109,988,359],{"class":115},[109,990,332],{"class":129},[109,992,993],{"class":143},"equals",[109,995,996],{"class":129},"(hashVal1, hashVal2);\n",[109,998,999],{"class":111,"line":451},[109,1000,239],{"class":129},[109,1002,1003],{"class":111,"line":456},[109,1004,245],{"emptyLinePlaceholder":7},[109,1006,1007,1009,1011,1013,1015,1017,1019,1021,1023,1025,1027,1029,1031,1033],{"class":111,"line":461},[109,1008,136],{"class":115},[109,1010,140],{"class":139},[109,1012,547],{"class":143},[109,1014,147],{"class":129},[109,1016,150],{"class":139},[109,1018,153],{"class":129},[109,1020,556],{"class":156},[109,1022,559],{"class":129},[109,1024,562],{"class":166},[109,1026,565],{"class":156},[109,1028,160],{"class":129},[109,1030,163],{"class":115},[109,1032,572],{"class":166},[109,1034,130],{"class":129},[109,1036,1037],{"class":111,"line":485},[109,1038,580],{"class":175},[109,1040,1041],{"class":111,"line":491},[109,1042,1043],{"class":129}," } \n",[109,1045,1046],{"class":111,"line":496},[109,1047,245],{"emptyLinePlaceholder":7},[109,1049,1050,1052,1054,1056,1058,1060,1062,1064,1066,1068,1070],{"class":111,"line":501},[109,1051,136],{"class":115},[109,1053,466],{"class":139},[109,1055,153],{"class":129},[109,1057,603],{"class":143},[109,1059,147],{"class":129},[109,1061,562],{"class":166},[109,1063,565],{"class":156},[109,1065,160],{"class":129},[109,1067,163],{"class":115},[109,1069,572],{"class":166},[109,1071,618],{"class":129},[109,1073,1074],{"class":111,"line":524},[109,1075,624],{"class":175},[109,1077,1078],{"class":111,"line":530},[109,1079,239],{"class":129},[109,1081,1082],{"class":111,"line":535},[109,1083,635],{"class":129},[39,1085,1086,1087,1089,1090,1093],{},"This is a very simple password mechanism that only stores one password and one salt for the system. Even when an attacker knows that the program stores passwords using SHA-256 and a 12-byte salt, he or she will be unable to retrieve the actual password from ",[80,1088,93],{}," and ",[80,1091,1092],{},"salt.bin"," .",[39,1095,1096,1097,1099,1100,1102,1103,1107],{},"Although this approach solves the decryption problem from the previous noncompliant code example, this program may inadvertently store the passwords as cleartext in memory. Java ",[80,1098,562],{}," objects are immutable and can be copied and internally stored by the Java Virtual Machine. Consequently, Java lacks a mechanism to securely erase a password once it has been stored in a ",[80,1101,562],{}," . See ",[391,1104,1106],{"href":1105},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc59-j","MSC59-J. Limit the lifetime of sensitive data"," for more information.",[51,1109,1111],{"id":1110},"compliant-solution","Compliant Solution",[39,1113,1114],{},"This compliant solution addresses the problems from the previous noncompliant code examples:",[96,1116,1118],{"quality":1117},"good",[100,1119,1121],{"className":102,"code":1120,"language":104,"meta":105,"style":105},"import java.security.GeneralSecurityException;\nimport java.security.SecureRandom;\nimport java.security.spec.KeySpec;\nimport javax.crypto.SecretKeyFactory;\nimport javax.crypto.spec.PBEKeySpec;\n \nfinal class Password {\n private SecureRandom random = new SecureRandom();\n private final int SALT_BYTE_LENGTH = 12;\n private final int ITERATIONS = 100000;\n private final String ALGORITHM = \"PBKDF2WithHmacSHA256\";\n \n \u002F* Set password to new value, zeroing out password *\u002F\n void setPassword(char[] pass)\n throws IOException, GeneralSecurityException {\n byte[] salt = new byte[SALT_BYTE_LENGTH];\n random.nextBytes(salt);\n saveBytes(salt, \"salt.bin\"); \n byte[] hashVal = hashPassword(pass, salt); \n saveBytes(hashVal,\"password.bin\");\n Arrays.fill(hashVal, (byte) 0);\n }\n\n  \u002F* Indicates if given password is correct *\u002F\n boolean checkPassword(char[] pass)\n throws IOException, GeneralSecurityException {\n byte[] salt = loadBytes(\"salt.bin\");\n byte[] hashVal1 = hashPassword(pass, salt);\n \u002F\u002F Load the hash value stored in password.bin\n byte[] hashVal2 = loadBytes(\"password.bin\");\n boolean arraysEqual = timingEquals(hashVal1, hashVal2);\n Arrays.fill(hashVal1, (byte) 0);\n Arrays.fill(hashVal2, (byte) 0);\n return arraysEqual;\n }\n \n \u002F* Encrypts password & salt and zeroes both *\u002F\n private byte[] hashPassword(char[] pass, byte[] salt)\n throws GeneralSecurityException {\n KeySpec spec = new PBEKeySpec(pass, salt, ITERATIONS);\n Arrays.fill(pass, (char) 0);\n Arrays.fill(salt, (byte) 0);\n SecretKeyFactory f = SecretKeyFactory.getInstance(ALGORITHM);\n return f.generateSecret(spec).getEncoded();\n }\n\n  \u002F**\n * Indicates if both byte arrays are equal\n * but uses same amount of time if they are the same or different\n * to prevent timing attacks\n *\u002F\n public static boolean timingEquals(byte b1[], byte b2[]) {\n boolean result = true;\n int len = b1.length;\n if (len != b2.length) {\n result = false;\n }\n if (len > b2.length) {\n len = b2.length;\n }\n for (int i = 0; i \u003C len; i++) {\n result &= (b1[i] == b2[i]);\n }\n return result;\n }\n\n  private void saveBytes(byte[] bytes, String filename) throws IOException {\n \u002F\u002F ... write bytes to the file\n }\n\n private byte[] loadBytes(String filename) throws IOException {\n \u002F\u002F ... read bytes to the file\n }\n}\n",[80,1122,1123,1132,1141,1150,1159,1168,1172,1183,1199,1218,1236,1255,1260,1265,1284,1299,1314,1322,1333,1347,1357,1377,1381,1385,1390,1406,1418,1434,1447,1451,1467,1480,1497,1514,1520,1524,1528,1533,1562,1571,1589,1606,1623,1641,1660,1665,1670,1676,1682,1688,1694,1700,1732,1747,1761,1776,1789,1794,1806,1817,1822,1848,1865,1870,1878,1883,1888,1920,1925,1930,1935,1960,1966,1971],{"__ignoreMap":105},[109,1124,1125,1127,1130],{"class":111,"line":112},[109,1126,676],{"class":115},[109,1128,1129],{"class":679}," java.security.GeneralSecurityException",[109,1131,442],{"class":129},[109,1133,1134,1136,1139],{"class":111,"line":133},[109,1135,676],{"class":115},[109,1137,1138],{"class":679}," java.security.SecureRandom",[109,1140,442],{"class":129},[109,1142,1143,1145,1148],{"class":111,"line":172},[109,1144,676],{"class":115},[109,1146,1147],{"class":679}," java.security.spec.KeySpec",[109,1149,442],{"class":129},[109,1151,1152,1154,1157],{"class":111,"line":179},[109,1153,676],{"class":115},[109,1155,1156],{"class":679}," javax.crypto.SecretKeyFactory",[109,1158,442],{"class":129},[109,1160,1161,1163,1166],{"class":111,"line":197},[109,1162,676],{"class":115},[109,1164,1165],{"class":679}," javax.crypto.spec.PBEKeySpec",[109,1167,442],{"class":129},[109,1169,1170],{"class":111,"line":206},[109,1171,591],{"class":129},[109,1173,1174,1177,1179,1181],{"class":111,"line":212},[109,1175,1176],{"class":115},"final",[109,1178,122],{"class":115},[109,1180,126],{"class":125},[109,1182,130],{"class":129},[109,1184,1185,1187,1189,1191,1193,1195,1197],{"class":111,"line":228},[109,1186,136],{"class":115},[109,1188,714],{"class":166},[109,1190,717],{"class":129},[109,1192,188],{"class":115},[109,1194,722],{"class":115},[109,1196,714],{"class":143},[109,1198,727],{"class":129},[109,1200,1201,1203,1205,1208,1211,1213,1216],{"class":111,"line":236},[109,1202,136],{"class":115},[109,1204,119],{"class":115},[109,1206,1207],{"class":139}," int",[109,1209,1210],{"class":129}," SALT_BYTE_LENGTH ",[109,1212,188],{"class":115},[109,1214,1215],{"class":414}," 12",[109,1217,442],{"class":129},[109,1219,1220,1222,1224,1226,1229,1231,1234],{"class":111,"line":242},[109,1221,136],{"class":115},[109,1223,119],{"class":115},[109,1225,1207],{"class":139},[109,1227,1228],{"class":129}," ITERATIONS ",[109,1230,188],{"class":115},[109,1232,1233],{"class":414}," 100000",[109,1235,442],{"class":129},[109,1237,1238,1240,1242,1245,1248,1250,1253],{"class":111,"line":248},[109,1239,136],{"class":115},[109,1241,119],{"class":115},[109,1243,1244],{"class":166}," String",[109,1246,1247],{"class":129}," ALGORITHM ",[109,1249,188],{"class":115},[109,1251,1252],{"class":221}," \"PBKDF2WithHmacSHA256\"",[109,1254,442],{"class":129},[109,1256,1257],{"class":111,"line":273},[109,1258,1259],{"class":129}," \n",[109,1261,1262],{"class":111,"line":279},[109,1263,1264],{"class":175}," \u002F* Set password to new value, zeroing out password *\u002F\n",[109,1266,1267,1270,1272,1274,1277,1279,1281],{"class":111,"line":298},[109,1268,1269],{"class":139}," void",[109,1271,144],{"class":143},[109,1273,147],{"class":129},[109,1275,1276],{"class":139},"char",[109,1278,153],{"class":129},[109,1280,157],{"class":156},[109,1282,1283],{"class":129},")\n",[109,1285,1286,1289,1291,1293,1296],{"class":111,"line":314},[109,1287,1288],{"class":115}," throws",[109,1290,572],{"class":166},[109,1292,559],{"class":129},[109,1294,1295],{"class":166},"GeneralSecurityException",[109,1297,1298],{"class":129}," {\n",[109,1300,1301,1303,1305,1307,1309,1311],{"class":111,"line":321},[109,1302,182],{"class":139},[109,1304,761],{"class":129},[109,1306,188],{"class":115},[109,1308,722],{"class":115},[109,1310,466],{"class":139},[109,1312,1313],{"class":129},"[SALT_BYTE_LENGTH];\n",[109,1315,1316,1318,1320],{"class":111,"line":341},[109,1317,781],{"class":129},[109,1319,784],{"class":143},[109,1321,787],{"class":129},[109,1323,1324,1326,1328,1330],{"class":111,"line":349},[109,1325,215],{"class":143},[109,1327,852],{"class":129},[109,1329,855],{"class":221},[109,1331,1332],{"class":129},"); \n",[109,1334,1335,1337,1339,1341,1344],{"class":111,"line":356},[109,1336,182],{"class":139},[109,1338,822],{"class":129},[109,1340,188],{"class":115},[109,1342,1343],{"class":143}," hashPassword",[109,1345,1346],{"class":129},"(pass, salt); \n",[109,1348,1349,1351,1353,1355],{"class":111,"line":365},[109,1350,215],{"class":143},[109,1352,869],{"class":129},[109,1354,222],{"class":221},[109,1356,225],{"class":129},[109,1358,1359,1362,1365,1368,1370,1372,1375],{"class":111,"line":370},[109,1360,1361],{"class":129}," Arrays.",[109,1363,1364],{"class":143},"fill",[109,1366,1367],{"class":129},"(hashVal, (",[109,1369,150],{"class":139},[109,1371,160],{"class":129},[109,1373,1374],{"class":414},"0",[109,1376,225],{"class":129},[109,1378,1379],{"class":111,"line":375},[109,1380,239],{"class":129},[109,1382,1383],{"class":111,"line":397},[109,1384,245],{"emptyLinePlaceholder":7},[109,1386,1387],{"class":111,"line":432},[109,1388,1389],{"class":175},"  \u002F* Indicates if given password is correct *\u002F\n",[109,1391,1392,1394,1396,1398,1400,1402,1404],{"class":111,"line":445},[109,1393,251],{"class":139},[109,1395,254],{"class":143},[109,1397,147],{"class":129},[109,1399,1276],{"class":139},[109,1401,153],{"class":129},[109,1403,157],{"class":156},[109,1405,1283],{"class":129},[109,1407,1408,1410,1412,1414,1416],{"class":111,"line":451},[109,1409,1288],{"class":115},[109,1411,572],{"class":166},[109,1413,559],{"class":129},[109,1415,1295],{"class":166},[109,1417,1298],{"class":129},[109,1419,1420,1422,1424,1426,1428,1430,1432],{"class":111,"line":456},[109,1421,182],{"class":139},[109,1423,761],{"class":129},[109,1425,188],{"class":115},[109,1427,288],{"class":143},[109,1429,147],{"class":129},[109,1431,855],{"class":221},[109,1433,225],{"class":129},[109,1435,1436,1438,1440,1442,1444],{"class":111,"line":461},[109,1437,182],{"class":139},[109,1439,946],{"class":129},[109,1441,188],{"class":115},[109,1443,1343],{"class":143},[109,1445,1446],{"class":129},"(pass, salt);\n",[109,1448,1449],{"class":111,"line":485},[109,1450,967],{"class":175},[109,1452,1453,1455,1457,1459,1461,1463,1465],{"class":111,"line":491},[109,1454,182],{"class":139},[109,1456,974],{"class":129},[109,1458,188],{"class":115},[109,1460,288],{"class":143},[109,1462,147],{"class":129},[109,1464,222],{"class":221},[109,1466,225],{"class":129},[109,1468,1469,1471,1473,1475,1478],{"class":111,"line":496},[109,1470,324],{"class":139},[109,1472,327],{"class":129},[109,1474,188],{"class":115},[109,1476,1477],{"class":143}," timingEquals",[109,1479,996],{"class":129},[109,1481,1482,1484,1486,1489,1491,1493,1495],{"class":111,"line":501},[109,1483,1361],{"class":129},[109,1485,1364],{"class":143},[109,1487,1488],{"class":129},"(hashVal1, (",[109,1490,150],{"class":139},[109,1492,160],{"class":129},[109,1494,1374],{"class":414},[109,1496,225],{"class":129},[109,1498,1499,1501,1503,1506,1508,1510,1512],{"class":111,"line":524},[109,1500,1361],{"class":129},[109,1502,1364],{"class":143},[109,1504,1505],{"class":129},"(hashVal2, (",[109,1507,150],{"class":139},[109,1509,160],{"class":129},[109,1511,1374],{"class":414},[109,1513,225],{"class":129},[109,1515,1516,1518],{"class":111,"line":530},[109,1517,359],{"class":115},[109,1519,362],{"class":129},[109,1521,1522],{"class":111,"line":535},[109,1523,239],{"class":129},[109,1525,1526],{"class":111,"line":540},[109,1527,591],{"class":129},[109,1529,1530],{"class":111,"line":577},[109,1531,1532],{"class":175}," \u002F* Encrypts password & salt and zeroes both *\u002F\n",[109,1534,1535,1537,1539,1541,1544,1546,1548,1550,1552,1554,1556,1558,1560],{"class":111,"line":583},[109,1536,136],{"class":115},[109,1538,466],{"class":139},[109,1540,153],{"class":129},[109,1542,1543],{"class":143},"hashPassword",[109,1545,147],{"class":129},[109,1547,1276],{"class":139},[109,1549,153],{"class":129},[109,1551,157],{"class":156},[109,1553,559],{"class":129},[109,1555,150],{"class":139},[109,1557,153],{"class":129},[109,1559,71],{"class":156},[109,1561,1283],{"class":129},[109,1563,1564,1566,1569],{"class":111,"line":588},[109,1565,1288],{"class":115},[109,1567,1568],{"class":166}," GeneralSecurityException",[109,1570,130],{"class":129},[109,1572,1573,1576,1579,1581,1583,1586],{"class":111,"line":594},[109,1574,1575],{"class":166}," KeySpec",[109,1577,1578],{"class":129}," spec ",[109,1580,188],{"class":115},[109,1582,722],{"class":115},[109,1584,1585],{"class":143}," PBEKeySpec",[109,1587,1588],{"class":129},"(pass, salt, ITERATIONS);\n",[109,1590,1591,1593,1595,1598,1600,1602,1604],{"class":111,"line":621},[109,1592,1361],{"class":129},[109,1594,1364],{"class":143},[109,1596,1597],{"class":129},"(pass, (",[109,1599,1276],{"class":139},[109,1601,160],{"class":129},[109,1603,1374],{"class":414},[109,1605,225],{"class":129},[109,1607,1608,1610,1612,1615,1617,1619,1621],{"class":111,"line":627},[109,1609,1361],{"class":129},[109,1611,1364],{"class":143},[109,1613,1614],{"class":129},"(salt, (",[109,1616,150],{"class":139},[109,1618,160],{"class":129},[109,1620,1374],{"class":414},[109,1622,225],{"class":129},[109,1624,1625,1628,1631,1633,1636,1638],{"class":111,"line":632},[109,1626,1627],{"class":166}," SecretKeyFactory",[109,1629,1630],{"class":129}," f ",[109,1632,188],{"class":115},[109,1634,1635],{"class":129}," SecretKeyFactory.",[109,1637,803],{"class":143},[109,1639,1640],{"class":129},"(ALGORITHM);\n",[109,1642,1644,1646,1649,1652,1655,1658],{"class":111,"line":1643},44,[109,1645,359],{"class":115},[109,1647,1648],{"class":129}," f.",[109,1650,1651],{"class":143},"generateSecret",[109,1653,1654],{"class":129},"(spec).",[109,1656,1657],{"class":143},"getEncoded",[109,1659,727],{"class":129},[109,1661,1663],{"class":111,"line":1662},45,[109,1664,239],{"class":129},[109,1666,1668],{"class":111,"line":1667},46,[109,1669,245],{"emptyLinePlaceholder":7},[109,1671,1673],{"class":111,"line":1672},47,[109,1674,1675],{"class":175},"  \u002F**\n",[109,1677,1679],{"class":111,"line":1678},48,[109,1680,1681],{"class":175}," * Indicates if both byte arrays are equal\n",[109,1683,1685],{"class":111,"line":1684},49,[109,1686,1687],{"class":175}," * but uses same amount of time if they are the same or different\n",[109,1689,1691],{"class":111,"line":1690},50,[109,1692,1693],{"class":175}," * to prevent timing attacks\n",[109,1695,1697],{"class":111,"line":1696},51,[109,1698,1699],{"class":175}," *\u002F\n",[109,1701,1703,1706,1709,1712,1714,1716,1718,1721,1724,1726,1729],{"class":111,"line":1702},52,[109,1704,1705],{"class":115}," public",[109,1707,1708],{"class":115}," static",[109,1710,1711],{"class":139}," boolean",[109,1713,1477],{"class":143},[109,1715,147],{"class":129},[109,1717,150],{"class":139},[109,1719,1720],{"class":156}," b1",[109,1722,1723],{"class":129},"[], ",[109,1725,150],{"class":139},[109,1727,1728],{"class":156}," b2",[109,1730,1731],{"class":129},"[]) {\n",[109,1733,1735,1737,1740,1742,1745],{"class":111,"line":1734},53,[109,1736,324],{"class":139},[109,1738,1739],{"class":129}," result ",[109,1741,188],{"class":115},[109,1743,1744],{"class":414}," true",[109,1746,442],{"class":129},[109,1748,1750,1753,1756,1758],{"class":111,"line":1749},54,[109,1751,1752],{"class":139}," int",[109,1754,1755],{"class":129}," len ",[109,1757,188],{"class":115},[109,1759,1760],{"class":129}," b1.length;\n",[109,1762,1764,1767,1770,1773],{"class":111,"line":1763},55,[109,1765,1766],{"class":115}," if",[109,1768,1769],{"class":129}," (len ",[109,1771,1772],{"class":115},"!=",[109,1774,1775],{"class":129}," b2.length) {\n",[109,1777,1779,1782,1784,1787],{"class":111,"line":1778},56,[109,1780,1781],{"class":129}," result ",[109,1783,188],{"class":115},[109,1785,1786],{"class":414}," false",[109,1788,442],{"class":129},[109,1790,1792],{"class":111,"line":1791},57,[109,1793,448],{"class":129},[109,1795,1797,1799,1801,1804],{"class":111,"line":1796},58,[109,1798,1766],{"class":115},[109,1800,1769],{"class":129},[109,1802,1803],{"class":115},">",[109,1805,1775],{"class":129},[109,1807,1809,1812,1814],{"class":111,"line":1808},59,[109,1810,1811],{"class":129}," len ",[109,1813,188],{"class":115},[109,1815,1816],{"class":129}," b2.length;\n",[109,1818,1820],{"class":111,"line":1819},60,[109,1821,448],{"class":129},[109,1823,1825,1827,1829,1831,1833,1835,1837,1839,1841,1844,1846],{"class":111,"line":1824},61,[109,1826,400],{"class":115},[109,1828,403],{"class":129},[109,1830,406],{"class":139},[109,1832,409],{"class":129},[109,1834,188],{"class":115},[109,1836,415],{"class":414},[109,1838,418],{"class":129},[109,1840,421],{"class":115},[109,1842,1843],{"class":129}," len; i",[109,1845,427],{"class":115},[109,1847,394],{"class":129},[109,1849,1851,1853,1856,1859,1862],{"class":111,"line":1850},62,[109,1852,1781],{"class":129},[109,1854,1855],{"class":115},"&=",[109,1857,1858],{"class":129}," (b1[i] ",[109,1860,1861],{"class":115},"==",[109,1863,1864],{"class":129}," b2[i]);\n",[109,1866,1868],{"class":111,"line":1867},63,[109,1869,448],{"class":129},[109,1871,1873,1875],{"class":111,"line":1872},64,[109,1874,359],{"class":115},[109,1876,1877],{"class":129}," result;\n",[109,1879,1881],{"class":111,"line":1880},65,[109,1882,239],{"class":129},[109,1884,1886],{"class":111,"line":1885},66,[109,1887,245],{"emptyLinePlaceholder":7},[109,1889,1891,1894,1896,1898,1900,1902,1904,1906,1908,1910,1912,1914,1916,1918],{"class":111,"line":1890},67,[109,1892,1893],{"class":115},"  private",[109,1895,140],{"class":139},[109,1897,547],{"class":143},[109,1899,147],{"class":129},[109,1901,150],{"class":139},[109,1903,153],{"class":129},[109,1905,556],{"class":156},[109,1907,559],{"class":129},[109,1909,562],{"class":166},[109,1911,565],{"class":156},[109,1913,160],{"class":129},[109,1915,163],{"class":115},[109,1917,572],{"class":166},[109,1919,130],{"class":129},[109,1921,1923],{"class":111,"line":1922},68,[109,1924,580],{"class":175},[109,1926,1928],{"class":111,"line":1927},69,[109,1929,239],{"class":129},[109,1931,1933],{"class":111,"line":1932},70,[109,1934,245],{"emptyLinePlaceholder":7},[109,1936,1938,1940,1942,1944,1946,1948,1950,1952,1954,1956,1958],{"class":111,"line":1937},71,[109,1939,136],{"class":115},[109,1941,466],{"class":139},[109,1943,153],{"class":129},[109,1945,603],{"class":143},[109,1947,147],{"class":129},[109,1949,562],{"class":166},[109,1951,565],{"class":156},[109,1953,160],{"class":129},[109,1955,163],{"class":115},[109,1957,572],{"class":166},[109,1959,130],{"class":129},[109,1961,1963],{"class":111,"line":1962},72,[109,1964,1965],{"class":175}," \u002F\u002F ... read bytes to the file\n",[109,1967,1969],{"class":111,"line":1968},73,[109,1970,239],{"class":129},[109,1972,1974],{"class":111,"line":1973},74,[109,1975,635],{"class":129},[39,1977,1978],{},"This is a very simple password mechanism that only stores one password and one salt for the system.",[39,1980,1981,1982,1984],{},"First, this compliant solution uses ",[80,1983,150],{}," array to store the password.",[39,1986,1987,1988,1089,1991,1994],{},"In both the ",[80,1989,1990],{},"setPassword()",[80,1992,1993],{},"checkPassword()"," methods, the cleartext representation of the password is erased immediately after it is converted into a hash value. Consequently, attackers must work harder to retrieve the cleartext password after the erasure. Providing guaranteed erasure is extremely challenging, is likely to be platform specific, and may even be impossible because of copying garbage collectors, dynamic paging, and other platform features that operate below the level of the Java language.",[39,1996,1997,1998,2001],{},"Furthermore, we use a ",[80,1999,2000],{},"timingEquals()"," method to validate the password. While doing a simple byte comparison, it takes the same time for both successful matches and unsuccessful ones; consequently thwarting timing attacks.",[39,2003,2004,2005,2007],{},"Finally, it uses PBKDF2 which, unlike ",[80,2006,651],{}," , is specifically designed for hashing passwords.",[39,2009,2010],{},"The parametric values (SALT_BYTE_LENGTH, ITERATIONS, ALGORITHM) should be set to values that reflect current best practices.  It should also be noted that once these parametric values are set they can not be changed without having to re-hash all passwords with the new parametric values.",[51,2012,2014],{"id":2013},"applicability","Applicability",[39,2016,2017],{},"Passwords stored without a secure hash are exposed to malicious users. Violations of this guideline generally have a clear exploit associated with them.",[39,2019,2020],{},"Applications such as password managers may need to retrieve the original password to enter it into a third-party application. This is permitted even though it violates this guideline. The password manager is accessed by a single user and always has the user's permission to store his or her passwords and to display those passwords on command. Consequently, the limiting factor to safety and security is the user's competence rather than the program's operation.",[51,2022,2024],{"id":2023},"automated-detection","Automated Detection",[2026,2027,2030],"table",{"className":2028},[2029],"wrapped",[2031,2032,2033,2051,2123],"tbody",{},[2034,2035,2038,2042,2045,2048],"tr",{"className":2036},[2037],"header",[2039,2040,2041],"th",{},"Tool",[2039,2043,2044],{},"Version",[2039,2046,2047],{},"Checker",[2039,2049,2050],{},"Description",[2034,2052,2055,2062,2070,2100],{"className":2053},[2054],"odd",[2056,2057,2058],"td",{},[391,2059,2061],{"href":2060},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft","Parasoft Jtest",[2056,2063,2064],{},[2065,2066,2069],"div",{"className":2067},[2068],"content-wrapper","2025.2",[2056,2071,2072],{},[2073,2074,2075,2076,2079,2080,2082,2083,2085,2086,2088,2089,2091,2092,2094,2095,2097,2098],"strong",{},"CERT.MSC62.PCCF",[2077,2078],"br",{},"\nCERT.MSC62.PWDPROP",[2077,2081],{},"\nCERT.MSC62.PWDXML",[2077,2084],{},"\nCERT.MSC62.WCPWD",[2077,2087],{},"\nCERT.MSC62.WPWD",[2077,2090],{},"\nCERT.MSC62.PLAIN",[2077,2093],{},"\nCERT.MSC62.PTPT",[2077,2096],{},"\nCERT.MSC62.UTAX",[2077,2099],{},[2056,2101,2102,2103,2105,2106,2105,2108,2110,2111,2113,2114,2116,2117,2119,2120,2122],{},"Avoid storing usernames and passwords in plain text in Castor 'jdo-conf.xml' files",[2077,2104],{},"\nEnsure that passwords are not stored as plaintext and are sufficiently long",[2077,2107],{},[2077,2109],{},"\nAvoid unencrypted passwords in WebSphere 'ibm-webservicesclient-ext.xmi' files",[2077,2112],{},"\nAvoid unencrypted passwords in WebSphere 'ibm-webservices-ext.xmi' files",[2077,2115],{},"\nPassword information should not be included in properties file in plaintext",[2077,2118],{},"\nAvoid using plain text passwords in Axis 'wsdd' files",[2077,2121],{},"\nAvoid using plain text passwords in Axis2 configuration files",[2034,2124,2127,2133,2141,2146],{"className":2125},[2126],"even",[2056,2128,2129],{},[391,2130,2132],{"href":2131},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer","Security Reviewer - Static Reviewer",[2056,2134,2135],{},[2065,2136,2138],{"className":2137},[2068],[39,2139,2140],{},"6.02",[2056,2142,2143],{},[2073,2144,2145],{},"JAVA_23",[2056,2147,2148],{},"Full Implementation",[51,2150,2152],{"id":2151},"bibliography","Bibliography",[2026,2154,2156],{"className":2155},[2029],[2031,2157,2158,2185,2200,2215,2231,2258],{},[2034,2159,2161,2169],{"className":2160},[2054],[2056,2162,2163,2164,2168],{},"[ ",[391,2165,2167],{"href":2166},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references#Rec.AA.References-API13","API 2013"," ]",[2056,2170,2171],{},[39,2172,2173,2180,2181],{},[391,2174,2176,2177],{"href":2175},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F7\u002Fdocs\u002Fapi\u002Fjava\u002Flang\u002FString.html","Class ",[80,2178,2179],{}," String "," ",[391,2182,2184],{"href":2183},"https:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F7\u002Fdocs\u002Fapi\u002Fjavax\u002Fcrypto\u002Fpackage-summary.html","Package javax.crypto",[2034,2186,2188,2194],{"className":2187},[2126],[2056,2189,2163,2190,2168],{},[391,2191,2193],{"href":2192},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references#Rec.AA.References-Hirondelle13","Hirondelle 2013",[2056,2195,2196],{},[391,2197,2199],{"href":2198},"http:\u002F\u002Fwww.javapractices.com\u002Ftopic\u002FTopicAction.do?Id=216","Passwords Never Clear in Text",[2034,2201,2203,2209],{"className":2202},[2054],[2056,2204,2163,2205,2168],{},[391,2206,2208],{"href":2207},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references#Rec.AA.References-OWASP12","OWASP 2012",[2056,2210,2211],{},[391,2212,2214],{"href":2213},"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FHashing_Java#Why_add_salt_.3F","\"Why Add Salt?\"",[2034,2216,2218,2224],{"className":2217},[2126],[2056,2219,2163,2220,2168],{},[391,2221,2223],{"href":2222},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references#Rec.AA.References-Paar10","Paar 2010",[2056,2225,2226,2227],{},"Chapter 11, ",[391,2228,2230],{"href":2229},"http:\u002F\u002Fwiki.crypto.rub.de\u002FBuch\u002Fmovies.php","\"Hash Functions\"",[2034,2232,2234,2252],{"className":2233},[2054],[2056,2235,2236],{},[2065,2237,2239,2248],{"className":2238},[2068],[39,2240,2163,2241,2180,2244,2168],{},[391,2242,2243],{"href":2222},"A",[391,2245,2247],{"href":2246},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references","SVS 2019",[39,2249,2250],{},[2077,2251],{},[2056,2253,2254],{},[391,2255,2257],{"href":2256},"https:\u002F\u002Fwww.owasp.org\u002Findex.php\u002FCategory:OWASP_Application_Security_Verification_Standard_Project","OWASP ASVS",[2034,2259,2261,2266],{"className":2260},[2126],[2056,2262,2163,2263,2168],{},[391,2264,2265],{"href":2246},"NIST 2017",[2056,2267,2268],{},[391,2269,2271],{"href":2270},"https:\u002F\u002Fwww.nist.gov\u002Fitl\u002Ftig\u002Fprojects\u002Fspecial-publication-800-63","NIST 800-63",[2273,2274],"hr",{},[39,2276,2277,2180,2284,2180,2290],{},[391,2278,2280],{"href":2279},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc61-j",[2281,2282],"img",{"src":2283},"\u002Fattachments\u002F88487545\u002F88873873.png",[391,2285,2287],{"href":2286},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002F",[2281,2288],{"src":2289},"\u002Fattachments\u002F88487545\u002F88873874.png",[391,2291,2293],{"href":2292},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc63-j",[2281,2294],{"src":2295},"\u002Fattachments\u002F88487545\u002F88873875.png",[2297,2298,2299],"style",{},"html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sz2Vg, html code.shiki .sz2Vg{--shiki-default:#6F42C1;--shiki-default-text-decoration:inherit;--shiki-dark:#B392F0;--shiki-dark-text-decoration:inherit;--shiki-sepia:#A6E22E;--shiki-sepia-text-decoration:underline}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .sq6CD, html code.shiki .sq6CD{--shiki-default:#D73A49;--shiki-default-font-style:inherit;--shiki-dark:#F97583;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .srTi1, html code.shiki .srTi1{--shiki-default:#6F42C1;--shiki-dark:#B392F0;--shiki-sepia:#A6E22E}html pre.shiki code .sTHNf, html code.shiki .sTHNf{--shiki-default:#E36209;--shiki-default-font-style:inherit;--shiki-dark:#FFAB70;--shiki-dark-font-style:inherit;--shiki-sepia:#FD971F;--shiki-sepia-font-style:italic}html pre.shiki code .sk8M1, html code.shiki .sk8M1{--shiki-default:#24292E;--shiki-default-font-style:inherit;--shiki-dark:#E1E4E8;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}html pre.shiki code .sstjo, html code.shiki .sstjo{--shiki-default:#032F62;--shiki-dark:#9ECBFF;--shiki-sepia:#E6DB74}html pre.shiki code .s7F3e, html code.shiki .s7F3e{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#AE81FF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html pre.shiki code .s-ngx, html code.shiki .s-ngx{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F92672}",{"title":105,"searchDepth":133,"depth":133,"links":2301},[2302,2303,2304,2305,2306,2307,2308],{"id":53,"depth":133,"text":54},{"id":86,"depth":133,"text":87},{"id":641,"depth":133,"text":87},{"id":1110,"depth":133,"text":1111},{"id":2013,"depth":133,"text":2014},{"id":2023,"depth":133,"text":2024},{"id":2151,"depth":133,"text":2152},"md",{"tags":2311},[2312,2313,2314,2315,2316,2317,2318,2319,2320,2321,2322,2323],"sensitive","review-dms","android-applicable","review-dfs","msc","1security","review-dm","nonnormative","recommendation","reviewed-fwl","security","crypto","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc62-j",{"title":30,"description":41},"6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F14.msc62-j","gwZE46hJKzc0P-1kblZsZqQTfZjKFQBEFOnToHk--v4",[2329,2332],{"title":2330,"path":2279,"stem":2331,"children":-1},"MSC61-J. Do not use insecure or weak cryptographic algorithms","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F13.msc61-j",{"title":2333,"path":2292,"stem":2334,"children":-1},"MSC63-J. Ensure that SecureRandom is properly seeded","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F15.msc63-j",[2336],{"title":2337,"path":2338,"stem":2339,"children":2340},"SEI CERT Oracle Coding Standard for Java","\u002Fsei-cert-oracle-coding-standard-for-java","6.sei-cert-oracle-coding-standard-for-java\u002F1.index",[2341,2342,2482,3318,3706,3880],{"title":2337,"path":2338,"stem":2339},{"title":2343,"path":2344,"stem":2345,"children":2346},"Front Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F1.index",[2347,2348,2352,2356,2360,2406,2444],{"title":2343,"path":2344,"stem":2345},{"title":2349,"path":2350,"stem":2351},"Rules versus Recommendations (Java)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frules-versus-recommendations-java","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F2.rules-versus-recommendations-java",{"title":2353,"path":2354,"stem":2355},"Acknowledgments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Facknowledgments","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F3.acknowledgments",{"title":2357,"path":2358,"stem":2359},"Deprecations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Fdeprecations","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.deprecations",{"title":2361,"path":2362,"stem":2363,"children":2364},"Rec. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F01.index",[2365,2366,2370,2374,2378,2382,2386,2390,2394,2398,2402],{"title":2361,"path":2362,"stem":2363},{"title":2367,"path":2368,"stem":2369},"Scope","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F02.scope",{"title":2371,"path":2372,"stem":2373},"Audience","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F03.audience",{"title":2375,"path":2376,"stem":2377},"Contents and Organization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F05.contents-and-organization",{"title":2379,"path":2380,"stem":2381},"Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fguidelines","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F06.guidelines",{"title":2383,"path":2384,"stem":2385},"Usage","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F07.usage",{"title":2387,"path":2388,"stem":2389},"System Qualities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F08.system-qualities",{"title":2391,"path":2392,"stem":2393},"Priority and Levels","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F09.priority-and-levels",{"title":2395,"path":2396,"stem":2397},"Automatically Generated Code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F10.automatically-generated-code",{"title":2399,"path":2400,"stem":2401},"Source Code Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsource-code-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F11.source-code-validation",{"title":2403,"path":2404,"stem":2405},"Tool Selection and Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F12.tool-selection-and-validation",{"title":2407,"path":2408,"stem":2409,"children":2410},"Rule. Introduction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F01.index",[2411,2412,2416,2420,2424,2428,2432,2436,2440],{"title":2407,"path":2408,"stem":2409},{"title":2413,"path":2414,"stem":2415},"Input Validation and Data Sanitization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Finput-validation-and-data-sanitization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F02.input-validation-and-data-sanitization",{"title":2417,"path":2418,"stem":2419},"Leaking Sensitive Data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-sensitive-data","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F03.leaking-sensitive-data",{"title":2421,"path":2422,"stem":2423},"Type Safety","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Ftype-safety","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F04.type-safety",{"title":2425,"path":2426,"stem":2427},"Leaking Capabilities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-capabilities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F05.leaking-capabilities",{"title":2429,"path":2430,"stem":2431},"Denial of Service","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fdenial-of-service","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F06.denial-of-service",{"title":2433,"path":2434,"stem":2435},"Libraries","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Flibraries","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F07.libraries",{"title":2437,"path":2438,"stem":2439},"Concurrency, Visibility, and Memory","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fconcurrency-visibility-and-memory","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F08.concurrency-visibility-and-memory",{"title":2441,"path":2442,"stem":2443},"Privilege Escalation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fprivilege-escalation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F09.privilege-escalation",{"title":2445,"path":2446,"stem":2447,"children":2448},"Rule. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F01.index",[2449,2450,2453,2456,2459,2463,2466,2469,2472,2475,2479],{"title":2445,"path":2446,"stem":2447},{"title":2367,"path":2451,"stem":2452},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F02.scope",{"title":2371,"path":2454,"stem":2455},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F03.audience",{"title":2375,"path":2457,"stem":2458},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F04.contents-and-organization",{"title":2460,"path":2461,"stem":2462},"Identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fidentifiers","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F05.identifiers",{"title":2383,"path":2464,"stem":2465},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F06.usage",{"title":2387,"path":2467,"stem":2468},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F07.system-qualities",{"title":2391,"path":2470,"stem":2471},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F08.priority-and-levels",{"title":2395,"path":2473,"stem":2474},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F09.automatically-generated-code",{"title":2476,"path":2477,"stem":2478},"Conformance Testing","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fconformance-testing","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F10.conformance-testing",{"title":2403,"path":2480,"stem":2481},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F11.tool-selection-and-validation",{"title":2483,"path":2484,"stem":2485,"children":2486},"Rules","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F01.index",[2487,2488,2492,2518,2536,2582,2620,2694,2748,2774,2828,2890,2942,3000,3062,3112,3152,3210,3240,3266,3288],{"title":2483,"path":2484,"stem":2485},{"title":2489,"path":2490,"stem":2491},"Android (DRD)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fandroid-drd","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F02.android-drd",{"title":2493,"path":2494,"stem":2495,"children":2496},"Characters and Strings (STR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F1.index",[2497,2498,2502,2506,2510,2514],{"title":2493,"path":2494,"stem":2495},{"title":2499,"path":2500,"stem":2501},"STR00-J. Don't form strings containing partial characters from variable-width encodings","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F2.str00-j",{"title":2503,"path":2504,"stem":2505},"STR01-J. Do not assume that a Java char fully represents a Unicode code point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F3.str01-j",{"title":2507,"path":2508,"stem":2509},"STR02-J. Specify an appropriate locale when comparing locale-dependent data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F4.str02-j",{"title":2511,"path":2512,"stem":2513},"STR03-J. Do not encode noncharacter data as a string","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F5.str03-j",{"title":2515,"path":2516,"stem":2517},"STR04-J. Use compatible character encodings when communicating string data between JVMs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F6.str04-j",{"title":2519,"path":2520,"stem":2521,"children":2522},"Declarations and Initialization (DCL)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F1.index",[2523,2524,2528,2532],{"title":2519,"path":2520,"stem":2521},{"title":2525,"path":2526,"stem":2527},"DCL00-J. Prevent class initialization cycles","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F2.dcl00-j",{"title":2529,"path":2530,"stem":2531},"DCL01-J. Do not reuse public identifiers from the Java Standard Library","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F3.dcl01-j",{"title":2533,"path":2534,"stem":2535},"DCL02-J. Do not modify the collection's elements during an enhanced for statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F4.dcl02-j",{"title":2537,"path":2538,"stem":2539,"children":2540},"Exceptional Behavior (ERR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F01.index",[2541,2542,2546,2550,2554,2558,2562,2566,2570,2574,2578],{"title":2537,"path":2538,"stem":2539},{"title":2543,"path":2544,"stem":2545},"ERR00-J. Do not suppress or ignore checked exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F02.err00-j",{"title":2547,"path":2548,"stem":2549},"ERR01-J. Do not allow exceptions to expose sensitive information","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F03.err01-j",{"title":2551,"path":2552,"stem":2553},"ERR02-J. Prevent exceptions while logging data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F04.err02-j",{"title":2555,"path":2556,"stem":2557},"ERR03-J. Restore prior object state on method failure","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F05.err03-j",{"title":2559,"path":2560,"stem":2561},"ERR04-J. Do not complete abruptly from a finally block","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F06.err04-j",{"title":2563,"path":2564,"stem":2565},"ERR05-J. Do not let checked exceptions escape from a finally block","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F07.err05-j",{"title":2567,"path":2568,"stem":2569},"ERR06-J. Do not throw undeclared checked exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F08.err06-j",{"title":2571,"path":2572,"stem":2573},"ERR07-J. Do not throw RuntimeException, Exception, or Throwable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F09.err07-j",{"title":2575,"path":2576,"stem":2577},"ERR08-J. Do not catch NullPointerException or any of its ancestors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F10.err08-j",{"title":2579,"path":2580,"stem":2581},"ERR09-J. Do not allow untrusted code to terminate the JVM","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F11.err09-j",{"title":2583,"path":2584,"stem":2585,"children":2586},"Expressions (EXP)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F1.index",[2587,2588,2592,2596,2600,2604,2608,2612,2616],{"title":2583,"path":2584,"stem":2585},{"title":2589,"path":2590,"stem":2591},"EXP00-J. Do not ignore values returned by methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F2.exp00-j",{"title":2593,"path":2594,"stem":2595},"EXP01-J. Do not use a null in a case where an object is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F3.exp01-j",{"title":2597,"path":2598,"stem":2599},"EXP02-J. Do not use the Object.equals() method to compare two arrays","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F4.exp02-j",{"title":2601,"path":2602,"stem":2603},"EXP03-J. Do not use the equality operators when comparing values of boxed primitives","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F5.exp03-j",{"title":2605,"path":2606,"stem":2607},"EXP04-J. Do not pass arguments to certain Java Collections Framework methods that are a different type than the collection parameter type","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F6.exp04-j",{"title":2609,"path":2610,"stem":2611},"EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F7.exp05-j",{"title":2613,"path":2614,"stem":2615},"EXP06-J. Expressions used in assertions must not produce side effects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F8.exp06-j",{"title":2617,"path":2618,"stem":2619},"EXP07-J. Prevent loss of useful data due to weak references","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F9.exp07-j",{"title":2621,"path":2622,"stem":2623,"children":2624},"Input Output (FIO)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F01.index",[2625,2626,2630,2634,2638,2642,2646,2650,2654,2658,2662,2666,2670,2674,2678,2682,2686,2690],{"title":2621,"path":2622,"stem":2623},{"title":2627,"path":2628,"stem":2629},"FIO00-J. Do not operate on files in shared directories","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F02.fio00-j",{"title":2631,"path":2632,"stem":2633},"FIO01-J. Create files with appropriate access permissions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F03.fio01-j",{"title":2635,"path":2636,"stem":2637},"FIO02-J. Detect and handle file-related errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F04.fio02-j",{"title":2639,"path":2640,"stem":2641},"FIO03-J. Remove temporary files before termination","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F05.fio03-j",{"title":2643,"path":2644,"stem":2645},"FIO04-J. Release resources when they are no longer needed","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F06.fio04-j",{"title":2647,"path":2648,"stem":2649},"FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F07.fio05-j",{"title":2651,"path":2652,"stem":2653},"FIO06-J. Do not create multiple buffered wrappers on a single byte or character stream","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F08.fio06-j",{"title":2655,"path":2656,"stem":2657},"FIO07-J. Do not let external processes block on IO buffers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F09.fio07-j",{"title":2659,"path":2660,"stem":2661},"FIO08-J. Distinguish between characters or bytes read from a stream and -1","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F10.fio08-j",{"title":2663,"path":2664,"stem":2665},"FIO09-J. Do not rely on the write() method to output integers outside the range 0 to 255","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F11.fio09-j",{"title":2667,"path":2668,"stem":2669},"FIO10-J. Ensure the array is filled when using read() to fill an array","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F12.fio10-j",{"title":2671,"path":2672,"stem":2673},"FIO11-J. Do not convert between strings and bytes without specifying a valid character encoding","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F13.fio11-j",{"title":2675,"path":2676,"stem":2677},"FIO12-J. Provide methods to read and write little-endian data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F14.fio12-j",{"title":2679,"path":2680,"stem":2681},"FIO13-J. Do not log sensitive information outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F15.fio13-j",{"title":2683,"path":2684,"stem":2685},"FIO14-J. Perform proper cleanup at program termination","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F16.fio14-j",{"title":2687,"path":2688,"stem":2689},"FIO15-J. Do not reset a servlet's output stream after committing it","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F17.fio15-j",{"title":2691,"path":2692,"stem":2693},"FIO16-J. Canonicalize path names before validating them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio16-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F18.fio16-j",{"title":2695,"path":2696,"stem":2697,"children":2698},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F01.index",[2699,2700,2704,2708,2712,2716,2720,2724,2728,2732,2736,2740,2744],{"title":2695,"path":2696,"stem":2697},{"title":2701,"path":2702,"stem":2703},"IDS00-J. Prevent SQL injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F02.ids00-j",{"title":2705,"path":2706,"stem":2707},"IDS01-J. Normalize strings before validating them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F03.ids01-j",{"title":2709,"path":2710,"stem":2711},"IDS03-J. Do not log unsanitized user input","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F04.ids03-j",{"title":2713,"path":2714,"stem":2715},"IDS04-J. Safely extract files from ZipInputStream","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F05.ids04-j",{"title":2717,"path":2718,"stem":2719},"IDS06-J. Exclude unsanitized user input from format strings","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F06.ids06-j",{"title":2721,"path":2722,"stem":2723},"IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F07.ids07-j",{"title":2725,"path":2726,"stem":2727},"IDS08-J. Sanitize untrusted data included in a regular expression","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F08.ids08-j",{"title":2729,"path":2730,"stem":2731},"IDS11-J. Perform any string modifications before validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F09.ids11-j",{"title":2733,"path":2734,"stem":2735},"IDS14-J. Do not trust the contents of hidden form fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F10.ids14-j",{"title":2737,"path":2738,"stem":2739},"IDS15-J. Do not allow sensitive information to leak outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F11.ids15-j",{"title":2741,"path":2742,"stem":2743},"IDS16-J. Prevent XML Injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids16-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F12.ids16-j",{"title":2745,"path":2746,"stem":2747},"IDS17-J. Prevent XML External Entity Attacks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids17-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F13.ids17-j",{"title":2749,"path":2750,"stem":2751,"children":2752},"Java Native Interface (JNI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F1.index",[2753,2754,2758,2762,2766,2770],{"title":2749,"path":2750,"stem":2751},{"title":2755,"path":2756,"stem":2757},"JNI00-J. Define wrappers around native methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F2.jni00-j",{"title":2759,"path":2760,"stem":2761},"JNI01-J. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance (loadLibrary)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F3.jni01-j",{"title":2763,"path":2764,"stem":2765},"JNI02-J. Do not assume object references are constant or unique","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F4.jni02-j",{"title":2767,"path":2768,"stem":2769},"JNI03-J. Do not use direct pointers to Java objects in JNI code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F5.jni03-j",{"title":2771,"path":2772,"stem":2773},"JNI04-J. Do not assume that Java strings are null-terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F6.jni04-j",{"title":2775,"path":2776,"stem":2777,"children":2778},"Locking (LCK)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F01.index",[2779,2780,2784,2788,2792,2796,2800,2804,2808,2812,2816,2820,2824],{"title":2775,"path":2776,"stem":2777},{"title":2781,"path":2782,"stem":2783},"LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F02.lck00-j",{"title":2785,"path":2786,"stem":2787},"LCK01-J. Do not synchronize on objects that may be reused","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F03.lck01-j",{"title":2789,"path":2790,"stem":2791},"LCK02-J. Do not synchronize on the class object returned by getClass()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F04.lck02-j",{"title":2793,"path":2794,"stem":2795},"LCK03-J. Do not synchronize on the intrinsic locks of high-level concurrency objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F05.lck03-j",{"title":2797,"path":2798,"stem":2799},"LCK04-J. Do not synchronize on a collection view if the backing collection is accessible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F06.lck04-j",{"title":2801,"path":2802,"stem":2803},"LCK05-J. Synchronize access to static fields that can be modified by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F07.lck05-j",{"title":2805,"path":2806,"stem":2807},"LCK06-J. Do not use an instance lock to protect shared static data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F08.lck06-j",{"title":2809,"path":2810,"stem":2811},"LCK07-J. Avoid deadlock by requesting and releasing locks in the same order","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F09.lck07-j",{"title":2813,"path":2814,"stem":2815},"LCK08-J. Ensure actively held locks are released on exceptional conditions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F10.lck08-j",{"title":2817,"path":2818,"stem":2819},"LCK09-J. Do not perform operations that can block while holding a lock","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F11.lck09-j",{"title":2821,"path":2822,"stem":2823},"LCK10-J. Use a correct form of the double-checked locking idiom","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F12.lck10-j",{"title":2825,"path":2826,"stem":2827},"LCK11-J. Avoid client-side locking when using classes that do not commit to their locking strategy","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F13.lck11-j",{"title":2829,"path":2830,"stem":2831,"children":2832},"Methods (MET)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F01.index",[2833,2834,2838,2842,2846,2850,2854,2858,2862,2866,2870,2874,2878,2882,2886],{"title":2829,"path":2830,"stem":2831},{"title":2835,"path":2836,"stem":2837},"MET00-J. Validate method arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F02.met00-j",{"title":2839,"path":2840,"stem":2841},"MET01-J. Never use assertions to validate method arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F03.met01-j",{"title":2843,"path":2844,"stem":2845},"MET02-J. Do not use deprecated or obsolete classes or methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F04.met02-j",{"title":2847,"path":2848,"stem":2849},"MET03-J. Methods that perform a security check must be declared private or final","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F05.met03-j",{"title":2851,"path":2852,"stem":2853},"MET04-J. Do not increase the accessibility of overridden or hidden methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F06.met04-j",{"title":2855,"path":2856,"stem":2857},"MET05-J. Ensure that constructors do not call overridable methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F07.met05-j",{"title":2859,"path":2860,"stem":2861},"MET06-J. Do not invoke overridable methods in clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F08.met06-j",{"title":2863,"path":2864,"stem":2865},"MET07-J. Never declare a class method that hides a method declared in a superclass or superinterface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F09.met07-j",{"title":2867,"path":2868,"stem":2869},"MET08-J. Preserve the equality contract when overriding the equals() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F10.met08-j",{"title":2871,"path":2872,"stem":2873},"MET09-J. Classes that define an equals() method must also define a hashCode() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F11.met09-j",{"title":2875,"path":2876,"stem":2877},"MET10-J. Follow the general contract when implementing the compareTo() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F12.met10-j",{"title":2879,"path":2880,"stem":2881},"MET11-J. Ensure that keys used in comparison operations are immutable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F13.met11-j",{"title":2883,"path":2884,"stem":2885},"MET12-J. Do not use finalizers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F14.met12-j",{"title":2887,"path":2888,"stem":2889},"MET13-J. Do not assume that reassigning method arguments modifies the calling environment","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F15.met13-j",{"title":2891,"path":2892,"stem":2893,"children":2894},"Miscellaneous (MSC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F01.index",[2895,2896,2900,2904,2906,2910,2914,2918,2922,2926,2930,2934,2938],{"title":2891,"path":2892,"stem":2893},{"title":2897,"path":2898,"stem":2899},"MSC00-J. Use SSLSocket rather than Socket for secure data exchange","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F02.msc00-j",{"title":2901,"path":2902,"stem":2903},"MSC01-J. Do not use an empty infinite loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F03.msc01-j",{"title":660,"path":659,"stem":2905},"6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F04.msc02-j",{"title":2907,"path":2908,"stem":2909},"MSC03-J. Never hard code sensitive information","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F05.msc03-j",{"title":2911,"path":2912,"stem":2913},"MSC04-J. Do not leak memory","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F06.msc04-j",{"title":2915,"path":2916,"stem":2917},"MSC05-J. Do not exhaust heap space","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F07.msc05-j",{"title":2919,"path":2920,"stem":2921},"MSC06-J. Do not modify the underlying collection when an iteration is in progress","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F08.msc06-j",{"title":2923,"path":2924,"stem":2925},"MSC07-J. Prevent multiple instantiations of singleton objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F09.msc07-j",{"title":2927,"path":2928,"stem":2929},"MSC08-J. Do not store nonserializable objects as attributes in an HTTP session","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F10.msc08-j",{"title":2931,"path":2932,"stem":2933},"MSC09-J. For OAuth, ensure (a) [relying party receiving user's ID in last step] is same as (b) [relying party the access token was granted to].","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F11.msc09-j",{"title":2935,"path":2936,"stem":2937},"MSC10-J. Do not use OAuth 2.0 implicit grant (unmodified) for authentication","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F12.msc10-j",{"title":2939,"path":2940,"stem":2941},"MSC11-J. Do not let session information leak within a servlet","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F13.msc11-j",{"title":2943,"path":2944,"stem":2945,"children":2946},"Numeric Types and Operations (NUM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F01.index",[2947,2948,2952,2956,2960,2964,2968,2972,2976,2980,2984,2988,2992,2996],{"title":2943,"path":2944,"stem":2945},{"title":2949,"path":2950,"stem":2951},"NUM00-J. Detect or prevent integer overflow","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F02.num00-j",{"title":2953,"path":2954,"stem":2955},"NUM01-J. Do not perform bitwise and arithmetic operations on the same data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F03.num01-j",{"title":2957,"path":2958,"stem":2959},"NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F04.num02-j",{"title":2961,"path":2962,"stem":2963},"NUM03-J. Use integer types that can fully represent the possible range of unsigned data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F05.num03-j",{"title":2965,"path":2966,"stem":2967},"NUM04-J. Do not use floating-point numbers if precise computation is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F06.num04-j",{"title":2969,"path":2970,"stem":2971},"NUM07-J. Do not attempt comparisons with NaN","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F07.num07-j",{"title":2973,"path":2974,"stem":2975},"NUM08-J. Check floating-point inputs for exceptional values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F08.num08-j",{"title":2977,"path":2978,"stem":2979},"NUM09-J. Do not use floating-point variables as loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F09.num09-j",{"title":2981,"path":2982,"stem":2983},"NUM10-J. Do not construct BigDecimal objects from floating-point literals","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F10.num10-j",{"title":2985,"path":2986,"stem":2987},"NUM11-J. Do not compare or inspect the string representation of floating-point values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F11.num11-j",{"title":2989,"path":2990,"stem":2991},"NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F12.num12-j",{"title":2993,"path":2994,"stem":2995},"NUM13-J. Avoid loss of precision when converting primitive integers to floating-point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F13.num13-j",{"title":2997,"path":2998,"stem":2999},"NUM14-J. Use shift operators correctly","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F14.num14-j",{"title":3001,"path":3002,"stem":3003,"children":3004},"Object Orientation (OBJ)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F01.index",[3005,3006,3010,3014,3018,3022,3026,3030,3034,3038,3042,3046,3050,3054,3058],{"title":3001,"path":3002,"stem":3003},{"title":3007,"path":3008,"stem":3009},"OBJ01-J. Limit accessibility of fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F02.obj01-j",{"title":3011,"path":3012,"stem":3013},"OBJ02-J. Preserve dependencies in subclasses when changing superclasses","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F03.obj02-j",{"title":3015,"path":3016,"stem":3017},"OBJ03-J. Prevent heap pollution","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F04.obj03-j",{"title":3019,"path":3020,"stem":3021},"OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F05.obj04-j",{"title":3023,"path":3024,"stem":3025},"OBJ05-J. Do not return references to private mutable class members","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F06.obj05-j",{"title":3027,"path":3028,"stem":3029},"OBJ06-J. Defensively copy mutable inputs and mutable internal components","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F07.obj06-j",{"title":3031,"path":3032,"stem":3033},"OBJ07-J. Sensitive classes must not let themselves be copied","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F08.obj07-j",{"title":3035,"path":3036,"stem":3037},"OBJ08-J. Do not expose private members of an outer class from within a nested class","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F09.obj08-j",{"title":3039,"path":3040,"stem":3041},"OBJ09-J. Compare classes and not class names","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F10.obj09-j",{"title":3043,"path":3044,"stem":3045},"OBJ10-J. Do not use public static nonfinal fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F11.obj10-j",{"title":3047,"path":3048,"stem":3049},"OBJ11-J. Be wary of letting constructors throw exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F12.obj11-j",{"title":3051,"path":3052,"stem":3053},"OBJ12-J. Respect object-based annotations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F13.obj12-j",{"title":3055,"path":3056,"stem":3057},"OBJ13-J. Ensure that references to mutable objects are not exposed","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F14.obj13-j",{"title":3059,"path":3060,"stem":3061},"OBJ14-J. Do not use an object that has been freed.","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F15.obj14-j",{"title":3063,"path":3064,"stem":3065,"children":3066},"Platform Security (SEC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F01.index",[3067,3068,3072,3076,3080,3084,3088,3092,3096,3100,3104,3108],{"title":3063,"path":3064,"stem":3065},{"title":3069,"path":3070,"stem":3071},"SEC00-J. Do not allow privileged blocks to leak sensitive information across a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F02.sec00-j",{"title":3073,"path":3074,"stem":3075},"SEC01-J. Do not allow tainted variables in privileged blocks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F03.sec01-j",{"title":3077,"path":3078,"stem":3079},"SEC02-J. Do not base security checks on untrusted sources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F04.sec02-j",{"title":3081,"path":3082,"stem":3083},"SEC03-J. Do not load trusted classes after allowing untrusted code to load arbitrary classes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F05.sec03-j",{"title":3085,"path":3086,"stem":3087},"SEC04-J. Protect sensitive operations with security manager checks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F06.sec04-j",{"title":3089,"path":3090,"stem":3091},"SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F07.sec05-j",{"title":3093,"path":3094,"stem":3095},"SEC06-J. Do not rely on the default automatic signature verification provided by URLClassLoader and java.util.jar","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F08.sec06-j",{"title":3097,"path":3098,"stem":3099},"SEC07-J. Call the superclass's getPermissions() method when writing a custom class loader","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F09.sec07-j",{"title":3101,"path":3102,"stem":3103},"SEC08-J Trusted code must discard or clean any arguments provided by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F10.sec08-j",{"title":3105,"path":3106,"stem":3107},"SEC09-J Never leak the results of certain standard API methods from trusted code to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F11.sec09-j",{"title":3109,"path":3110,"stem":3111},"SEC10-J Never permit untrusted code to invoke any API that may (possibly transitively) invoke the reflection APIs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F12.sec10-j",{"title":3113,"path":3114,"stem":3115,"children":3116},"Runtime Environment (ENV)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F1.index",[3117,3118,3122,3126,3130,3140,3144,3148],{"title":3113,"path":3114,"stem":3115},{"title":3119,"path":3120,"stem":3121},"ENV00-J. Do not sign code that performs only unprivileged operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F2.env00-j",{"title":3123,"path":3124,"stem":3125},"ENV01-J. Place all security-sensitive code in a single JAR and sign and seal it","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F3.env01-j",{"title":3127,"path":3128,"stem":3129},"ENV02-J. Do not trust the values of environment variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F4.env02-j",{"title":3131,"path":3132,"stem":3133,"children":3134},"ENV03-J. Do not grant dangerous combinations of permissions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F1.index",[3135,3136],{"title":3131,"path":3132,"stem":3133},{"title":3137,"path":3138,"stem":3139},"DUMMY ENV03-J","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j\u002Fdummy-env03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F2.dummy-env03-j",{"title":3141,"path":3142,"stem":3143},"ENV04-J. Do not disable bytecode verification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F6.env04-j",{"title":3145,"path":3146,"stem":3147},"ENV05-J. Do not deploy an application that can be remotely monitored","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F7.env05-j",{"title":3149,"path":3150,"stem":3151},"ENV06-J. Production code must not contain debugging entry points","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F8.env06-j",{"title":3153,"path":3154,"stem":3155,"children":3156},"Serialization (SER)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F01.index",[3157,3158,3162,3166,3170,3174,3178,3182,3186,3190,3194,3198,3202,3206],{"title":3153,"path":3154,"stem":3155},{"title":3159,"path":3160,"stem":3161},"SER00-J. Enable serialization compatibility during class evolution","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F02.ser00-j",{"title":3163,"path":3164,"stem":3165},"SER01-J. Do not deviate from the proper signatures of serialization methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F03.ser01-j",{"title":3167,"path":3168,"stem":3169},"SER02-J. Sign then seal objects before sending them outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F04.ser02-j",{"title":3171,"path":3172,"stem":3173},"SER03-J. Do not serialize unencrypted sensitive data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F05.ser03-j",{"title":3175,"path":3176,"stem":3177},"SER04-J. Do not allow serialization and deserialization to bypass the security manager","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F06.ser04-j",{"title":3179,"path":3180,"stem":3181},"SER05-J. Do not serialize instances of inner classes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F07.ser05-j",{"title":3183,"path":3184,"stem":3185},"SER06-J. Make defensive copies of private mutable components during deserialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F08.ser06-j",{"title":3187,"path":3188,"stem":3189},"SER07-J. Do not use the default serialized form for classes with implementation-defined invariants","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F09.ser07-j",{"title":3191,"path":3192,"stem":3193},"SER08-J. Minimize privileges before deserializing from a privileged context","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F10.ser08-j",{"title":3195,"path":3196,"stem":3197},"SER09-J. Do not invoke overridable methods from the readObject() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F11.ser09-j",{"title":3199,"path":3200,"stem":3201},"SER10-J. Avoid memory and resource leaks during serialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F12.ser10-j",{"title":3203,"path":3204,"stem":3205},"SER11-J. Prevent overwriting of externalizable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F13.ser11-j",{"title":3207,"path":3208,"stem":3209},"SER12-J. Prevent deserialization of untrusted data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F14.ser12-j",{"title":3211,"path":3212,"stem":3213,"children":3214},"Thread APIs (THI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F1.index",[3215,3216,3220,3224,3228,3232,3236],{"title":3211,"path":3212,"stem":3213},{"title":3217,"path":3218,"stem":3219},"THI00-J. Do not invoke Thread.run()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F2.thi00-j",{"title":3221,"path":3222,"stem":3223},"THI01-J. Do not invoke ThreadGroup methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F3.thi01-j",{"title":3225,"path":3226,"stem":3227},"THI02-J. Notify all waiting threads rather than a single thread","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F4.thi02-j",{"title":3229,"path":3230,"stem":3231},"THI03-J. Always invoke wait() and await() methods inside a loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F5.thi03-j",{"title":3233,"path":3234,"stem":3235},"THI04-J. Ensure that threads performing blocking operations can be terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F6.thi04-j",{"title":3237,"path":3238,"stem":3239},"THI05-J. Do not use Thread.stop() to terminate threads","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F7.thi05-j",{"title":3241,"path":3242,"stem":3243,"children":3244},"Thread Pools (TPS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F1.index",[3245,3246,3250,3254,3258,3262],{"title":3241,"path":3242,"stem":3243},{"title":3247,"path":3248,"stem":3249},"TPS00-J. Use thread pools to enable graceful degradation of service during traffic bursts","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F2.tps00-j",{"title":3251,"path":3252,"stem":3253},"TPS01-J. Do not execute interdependent tasks in a bounded thread pool","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F3.tps01-j",{"title":3255,"path":3256,"stem":3257},"TPS02-J. Ensure that tasks submitted to a thread pool are interruptible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F4.tps02-j",{"title":3259,"path":3260,"stem":3261},"TPS03-J. Ensure that tasks executing in a thread pool do not fail silently","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F5.tps03-j",{"title":3263,"path":3264,"stem":3265},"TPS04-J. Ensure ThreadLocal variables are reinitialized when using thread pools","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F6.tps04-j",{"title":3267,"path":3268,"stem":3269,"children":3270},"Thread-Safety Miscellaneous (TSM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F1.index",[3271,3272,3276,3280,3284],{"title":3267,"path":3268,"stem":3269},{"title":3273,"path":3274,"stem":3275},"TSM00-J. Do not override thread-safe methods with methods that are not thread-safe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F2.tsm00-j",{"title":3277,"path":3278,"stem":3279},"TSM01-J. Do not let the this reference escape during object construction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F3.tsm01-j",{"title":3281,"path":3282,"stem":3283},"TSM02-J. Do not use background threads during class initialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F4.tsm02-j",{"title":3285,"path":3286,"stem":3287},"TSM03-J. Do not publish partially initialized objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F5.tsm03-j",{"title":3289,"path":3290,"stem":3291,"children":3292},"Visibility and Atomicity (VNA)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F1.index",[3293,3294,3298,3302,3306,3310,3314],{"title":3289,"path":3290,"stem":3291},{"title":3295,"path":3296,"stem":3297},"VNA00-J. Ensure visibility when accessing shared primitive variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F2.vna00-j",{"title":3299,"path":3300,"stem":3301},"VNA01-J. Ensure visibility of shared references to immutable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F3.vna01-j",{"title":3303,"path":3304,"stem":3305},"VNA02-J. Ensure that compound operations on shared variables are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F4.vna02-j",{"title":3307,"path":3308,"stem":3309},"VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F5.vna03-j",{"title":3311,"path":3312,"stem":3313},"VNA04-J. Ensure that calls to chained methods are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F6.vna04-j",{"title":3315,"path":3316,"stem":3317},"VNA05-J. Ensure atomicity when reading and writing 64-bit values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F7.vna05-j",{"title":3319,"path":3320,"stem":3321,"children":3322},"Recommendations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F01.index",[3323,3324,3337,3355,3408,3433,3462,3483,3516,3549,3599,3624,3665],{"title":3319,"path":3320,"stem":3321},{"title":2493,"path":3325,"stem":3326,"children":3327},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F1.index",[3328,3329,3333],{"title":2493,"path":3325,"stem":3326},{"title":3330,"path":3331,"stem":3332},"STR50-J. Use the appropriate method for counting characters in a string","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F2.str50-j",{"title":3334,"path":3335,"stem":3336},"STR51-J. Use the charset encoder and decoder classes when more control over the encoding process is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F3.str51-j",{"title":3338,"path":3339,"stem":3340,"children":3341},"Concurrency (CON)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F1.index",[3342,3343,3347,3351],{"title":3338,"path":3339,"stem":3340},{"title":3344,"path":3345,"stem":3346},"CON50-J. Do not assume that declaring a reference volatile guarantees safe publication of the members of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F2.con50-j",{"title":3348,"path":3349,"stem":3350},"CON51-J. Do not assume that the sleep(), yield(), or getState() methods provide synchronization semantics","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F3.con51-j",{"title":3352,"path":3353,"stem":3354},"CON52-J. Document thread-safety and use annotations where applicable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F4.con52-j",{"title":2519,"path":3356,"stem":3357,"children":3358},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F01.index",[3359,3360,3364,3368,3372,3376,3380,3384,3388,3392,3396,3400,3404],{"title":2519,"path":3356,"stem":3357},{"title":3361,"path":3362,"stem":3363},"DCL50-J. Use visually distinct identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F02.dcl50-j",{"title":3365,"path":3366,"stem":3367},"DCL51-J. Do not shadow or obscure identifiers in subscopes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F03.dcl51-j",{"title":3369,"path":3370,"stem":3371},"DCL52-J. Do not declare more than one variable per declaration","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F04.dcl52-j",{"title":3373,"path":3374,"stem":3375},"DCL53-J. Minimize the scope of variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F05.dcl53-j",{"title":3377,"path":3378,"stem":3379},"DCL54-J. Use meaningful symbolic constants to represent literal values in program logic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F06.dcl54-j",{"title":3381,"path":3382,"stem":3383},"DCL55-J. Properly encode relationships in constant definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F07.dcl55-j",{"title":3385,"path":3386,"stem":3387},"DCL56-J. Do not attach significance to the ordinal associated with an enum","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F08.dcl56-j",{"title":3389,"path":3390,"stem":3391},"DCL57-J. Avoid ambiguous overloading of variable arity methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F09.dcl57-j",{"title":3393,"path":3394,"stem":3395},"DCL58-J. Enable compile-time type checking of variable arity parameter types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F10.dcl58-j",{"title":3397,"path":3398,"stem":3399},"DCL59-J. Do not apply public final to constants whose value might change in later releases","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl59-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F11.dcl59-j",{"title":3401,"path":3402,"stem":3403},"DCL60-J. Avoid cyclic dependencies between packages","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F12.dcl60-j",{"title":3405,"path":3406,"stem":3407},"DCL61-J. Do not use raw types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl61-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F13.dcl61-j",{"title":2537,"path":3409,"stem":3410,"children":3411},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F1.index",[3412,3413,3417,3421,3425,3429],{"title":2537,"path":3409,"stem":3410},{"title":3414,"path":3415,"stem":3416},"ERR50-J. Use exceptions only for exceptional conditions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F2.err50-j",{"title":3418,"path":3419,"stem":3420},"ERR51-J. Prefer user-defined exceptions over more general exception types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F3.err51-j",{"title":3422,"path":3423,"stem":3424},"ERR52-J. Avoid in-band error indicators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F4.err52-j",{"title":3426,"path":3427,"stem":3428},"ERR53-J. Try to gracefully recover from system errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F5.err53-j",{"title":3430,"path":3431,"stem":3432},"ERR54-J. Use a try-with-resources statement to safely handle closeable resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F6.err54-j",{"title":2583,"path":3434,"stem":3435,"children":3436},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F1.index",[3437,3438,3442,3446,3450,3454,3458],{"title":2583,"path":3434,"stem":3435},{"title":3439,"path":3440,"stem":3441},"EXP50-J. Do not confuse abstract object equality with reference equality","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F2.exp50-j",{"title":3443,"path":3444,"stem":3445},"EXP51-J. Do not perform assignments in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F3.exp51-j",{"title":3447,"path":3448,"stem":3449},"EXP52-J. Use braces for the body of an if, for, or while statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F4.exp52-j",{"title":3451,"path":3452,"stem":3453},"EXP53-J. Use parentheses for precedence of operation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F5.exp53-j",{"title":3455,"path":3456,"stem":3457},"EXP54-J. Understand the differences between bitwise and logical operators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F6.exp54-j",{"title":3459,"path":3460,"stem":3461},"EXP55-J. Use the same type for the second and third operands in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F7.exp55-j",{"title":2621,"path":3463,"stem":3464,"children":3465},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F1.index",[3466,3467,3471,3475,3479],{"title":2621,"path":3463,"stem":3464},{"title":3468,"path":3469,"stem":3470},"FIO50-J. Do not make assumptions about file creation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F2.fio50-j",{"title":3472,"path":3473,"stem":3474},"FIO51-J. Identify files using multiple file attributes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F3.fio51-j",{"title":3476,"path":3477,"stem":3478},"FIO52-J. Do not store unencrypted sensitive information on the client side","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F4.fio52-j",{"title":3480,"path":3481,"stem":3482},"FIO53-J. Use the serialization methods writeUnshared() and readUnshared() with care","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F5.fio53-j",{"title":2695,"path":3484,"stem":3485,"children":3486},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F1.index",[3487,3488,3492,3496,3500,3504,3508,3512],{"title":2695,"path":3484,"stem":3485},{"title":3489,"path":3490,"stem":3491},"IDS50-J. Use conservative file naming conventions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F2.ids50-j",{"title":3493,"path":3494,"stem":3495},"IDS51-J. Properly encode or escape output","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F3.ids51-j",{"title":3497,"path":3498,"stem":3499},"IDS52-J. Prevent code injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F4.ids52-j",{"title":3501,"path":3502,"stem":3503},"IDS53-J. Prevent XPath Injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F5.ids53-j",{"title":3505,"path":3506,"stem":3507},"IDS54-J. Prevent LDAP injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F6.ids54-j",{"title":3509,"path":3510,"stem":3511},"IDS55-J. Understand how escape characters are interpreted when strings are loaded","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F7.ids55-j",{"title":3513,"path":3514,"stem":3515},"IDS56-J. Prevent arbitrary file upload","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F8.ids56-j",{"title":2829,"path":3517,"stem":3518,"children":3519},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F1.index",[3520,3521,3525,3529,3533,3537,3541,3545],{"title":2829,"path":3517,"stem":3518},{"title":3522,"path":3523,"stem":3524},"MET50-J. Avoid ambiguous or confusing uses of overloading","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F2.met50-j",{"title":3526,"path":3527,"stem":3528},"MET51-J. Do not use overloaded methods to differentiate between runtime types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F3.met51-j",{"title":3530,"path":3531,"stem":3532},"MET52-J. Do not use the clone() method to copy untrusted method parameters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F4.met52-j",{"title":3534,"path":3535,"stem":3536},"MET53-J. Ensure that the clone() method calls super.clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F5.met53-j",{"title":3538,"path":3539,"stem":3540},"MET54-J. Always provide feedback about the resulting value of a method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F6.met54-j",{"title":3542,"path":3543,"stem":3544},"MET55-J. Return an empty array or collection instead of a null value for methods that return an array or collection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F7.met55-j",{"title":3546,"path":3547,"stem":3548},"MET56-J. Do not use Object.equals() to compare cryptographic keys","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F8.met56-j",{"title":2891,"path":3550,"stem":3551,"children":3552},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F01.index",[3553,3554,3558,3562,3566,3570,3574,3578,3582,3586,3590,3592,3596,3597,3598],{"title":2891,"path":3550,"stem":3551},{"title":3555,"path":3556,"stem":3557},"MSC50-J. Minimize the scope of the @SuppressWarnings annotation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F02.msc50-j",{"title":3559,"path":3560,"stem":3561},"MSC51-J. Do not place a semicolon immediately following an if, for, or while condition","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F03.msc51-j",{"title":3563,"path":3564,"stem":3565},"MSC52-J. Finish every set of statements associated with a case label with a break statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F04.msc52-j",{"title":3567,"path":3568,"stem":3569},"MSC53-J. Carefully design interfaces before releasing them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F05.msc53-j",{"title":3571,"path":3572,"stem":3573},"MSC54-J. Avoid inadvertent wrapping of loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F06.msc54-j",{"title":3575,"path":3576,"stem":3577},"MSC55-J. Use comments consistently and in a readable fashion","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F07.msc55-j",{"title":3579,"path":3580,"stem":3581},"MSC56-J. Detect and remove superfluous code and values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F08.msc56-j",{"title":3583,"path":3584,"stem":3585},"MSC57-J. Strive for logical completeness","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F09.msc57-j",{"title":3587,"path":3588,"stem":3589},"MSC58-J. Prefer using iterators over enumerations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F10.msc58-j",{"title":1106,"path":1105,"stem":3591},"6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F11.msc59-j",{"title":3593,"path":3594,"stem":3595},"MSC60-J. Do not use assertions to verify the absence of runtime errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F12.msc60-j",{"title":2330,"path":2279,"stem":2331},{"title":30,"path":2324,"stem":2326},{"title":2333,"path":2292,"stem":2334},{"title":2943,"path":3600,"stem":3601,"children":3602},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F1.index",[3603,3604,3608,3612,3616,3620],{"title":2943,"path":3600,"stem":3601},{"title":3605,"path":3606,"stem":3607},"NUM50-J. Convert integers to floating point for floating-point operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F2.num50-j",{"title":3609,"path":3610,"stem":3611},"NUM51-J. Do not assume that the remainder operator always returns a nonnegative result for integral operands","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F3.num51-j",{"title":3613,"path":3614,"stem":3615},"NUM52-J. Be aware of numeric promotion behavior","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F4.num52-j",{"title":3617,"path":3618,"stem":3619},"NUM53-J. Use the strictfp modifier for floating-point calculation consistency across platforms","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F5.num53-j",{"title":3621,"path":3622,"stem":3623},"NUM54-J. Do not use denormalized numbers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F6.num54-j",{"title":3001,"path":3625,"stem":3626,"children":3627},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F01.index",[3628,3629,3633,3637,3641,3645,3649,3653,3657,3661],{"title":3001,"path":3625,"stem":3626},{"title":3630,"path":3631,"stem":3632},"OBJ50-J. Never confuse the immutability of a reference with that of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F02.obj50-j",{"title":3634,"path":3635,"stem":3636},"OBJ51-J. Minimize the accessibility of classes and their members","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F03.obj51-j",{"title":3638,"path":3639,"stem":3640},"OBJ52-J. Write garbage-collection-friendly code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F04.obj52-j",{"title":3642,"path":3643,"stem":3644},"OBJ53-J. Do not use direct buffers for short-lived, infrequently used objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F05.obj53-j",{"title":3646,"path":3647,"stem":3648},"OBJ54-J. Do not attempt to help the garbage collector by setting local reference variables to null","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F06.obj54-j",{"title":3650,"path":3651,"stem":3652},"OBJ55-J. Remove short-lived objects from long-lived container objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F07.obj55-j",{"title":3654,"path":3655,"stem":3656},"OBJ56-J. Provide sensitive mutable classes with unmodifiable wrappers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F08.obj56-j",{"title":3658,"path":3659,"stem":3660},"OBJ57-J. Do not rely on methods that can be overridden by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F09.obj57-j",{"title":3662,"path":3663,"stem":3664},"OBJ58-J. Limit the extensibility of classes and methods with invariants","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F10.obj58-j",{"title":3063,"path":3666,"stem":3667,"children":3668},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F01.index",[3669,3670,3674,3678,3682,3686,3690,3694,3698,3702],{"title":3063,"path":3666,"stem":3667},{"title":3671,"path":3672,"stem":3673},"SEC50-J. Avoid granting excess privileges","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F02.sec50-j",{"title":3675,"path":3676,"stem":3677},"SEC51-J. Minimize privileged code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F03.sec51-j",{"title":3679,"path":3680,"stem":3681},"SEC52-J. Do not expose methods that use reduced-security checks to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F04.sec52-j",{"title":3683,"path":3684,"stem":3685},"SEC53-J. Define custom security permissions for fine-grained security","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F05.sec53-j",{"title":3687,"path":3688,"stem":3689},"SEC54-J. Create a secure sandbox using a security manager","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F06.sec54-j",{"title":3691,"path":3692,"stem":3693},"SEC55-J. Ensure that security-sensitive methods are called with validated arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F07.sec55-j",{"title":3695,"path":3696,"stem":3697},"SEC56-J. Do not serialize direct handles to system resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F08.sec56-j",{"title":3699,"path":3700,"stem":3701},"SEC57-J. Do not let untrusted code misuse privileges of callback methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F09.sec57-j",{"title":3703,"path":3704,"stem":3705},"SEC58-J. Deserialization methods should not perform potentially dangerous operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F10.sec58-j",{"title":3707,"path":3708,"stem":3709,"children":3710},"Back Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F1.index",[3711,3712,3715,3719,3723,3727,3850,3876],{"title":3707,"path":3708,"stem":3709},{"title":3713,"path":2246,"stem":3714},"Rec. AA. References","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F2.rec-aa-references",{"title":3716,"path":3717,"stem":3718},"Rec. BB. Definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-bb-definitions","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F3.rec-bb-definitions",{"title":3720,"path":3721,"stem":3722},"Rule AA. References","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-aa-references","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F4.rule-aa-references",{"title":3724,"path":3725,"stem":3726},"Rule BB. Glossary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-bb-glossary","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F5.rule-bb-glossary",{"title":3728,"path":3729,"stem":3730,"children":3731},"Rule or Rec. CC. Analyzers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F01.index",[3732,3733,3737,3741,3745,3749,3753,3757,3761,3765,3769,3773,3777,3781,3785,3789,3792,3796,3800,3804,3808,3812,3814,3818,3822,3826,3830,3834,3838,3842,3846],{"title":3728,"path":3729,"stem":3730},{"title":3734,"path":3735,"stem":3736},"CodeSonar","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F02.codesonar",{"title":3738,"path":3739,"stem":3740},"CodeSonar_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F03.codesonar_v",{"title":3742,"path":3743,"stem":3744},"Coverity","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F04.coverity",{"title":3746,"path":3747,"stem":3748},"Coverity_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F05.coverity_v",{"title":3750,"path":3751,"stem":3752},"Eclipse","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F06.eclipse",{"title":3754,"path":3755,"stem":3756},"Eclipse_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F07.eclipse_v",{"title":3758,"path":3759,"stem":3760},"Error Prone","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F08.error-prone",{"title":3762,"path":3763,"stem":3764},"Error Prone_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F09.error-prone_v",{"title":3766,"path":3767,"stem":3768},"Findbugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F10.findbugs",{"title":3770,"path":3771,"stem":3772},"Findbugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F11.findbugs_v",{"title":3774,"path":3775,"stem":3776},"Fortify","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F12.fortify",{"title":3778,"path":3779,"stem":3780},"Fortify_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F13.fortify_v",{"title":3782,"path":3783,"stem":3784},"Klocwork","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F14.klocwork",{"title":3786,"path":3787,"stem":3788},"Klocwork_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F15.klocwork_v",{"title":3790,"path":2060,"stem":3791},"Parasoft","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F16.parasoft",{"title":3793,"path":3794,"stem":3795},"Parasoft_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F17.parasoft_v",{"title":3797,"path":3798,"stem":3799},"Pmd","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F18.pmd",{"title":3801,"path":3802,"stem":3803},"Pmd_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F19.pmd_v",{"title":3805,"path":3806,"stem":3807},"PVS-Studio","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F20.pvs-studio",{"title":3809,"path":3810,"stem":3811},"PVS-Studio_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F21.pvs-studio_v",{"title":2132,"path":2131,"stem":3813},"6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F22.security-reviewer-static-reviewer",{"title":3815,"path":3816,"stem":3817},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F23.security-reviewer-static-reviewer_v",{"title":3819,"path":3820,"stem":3821},"SonarQube","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F24.sonarqube",{"title":3823,"path":3824,"stem":3825},"SonarQube_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F25.sonarqube_v",{"title":3827,"path":3828,"stem":3829},"SpotBugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F26.spotbugs",{"title":3831,"path":3832,"stem":3833},"SpotBugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F27.spotbugs_v",{"title":3835,"path":3836,"stem":3837},"The Checker Framework","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F28.the-checker-framework",{"title":3839,"path":3840,"stem":3841},"The Checker Framework_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F29.the-checker-framework_v",{"title":3843,"path":3844,"stem":3845},"ThreadSafe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F30.threadsafe",{"title":3847,"path":3848,"stem":3849},"ThreadSafe_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F31.threadsafe_v",{"title":3851,"path":3852,"stem":3853,"children":3854},"Rule or Rec. DD. Related Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F1.index",[3855,3856,3860,3864,3868,3872],{"title":3851,"path":3852,"stem":3853},{"title":3857,"path":3858,"stem":3859},"2010","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F2.2010","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F2.2010",{"title":3861,"path":3862,"stem":3863},"2013","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F3.2013","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F3.2013",{"title":3865,"path":3866,"stem":3867},"MITRE CAPEC","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-capec","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F4.mitre-capec",{"title":3869,"path":3870,"stem":3871},"MITRE CWE","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-cwe","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F5.mitre-cwe",{"title":3873,"path":3874,"stem":3875},"SECURE CODING GUIDELINES FOR JAVA SE, VERSION 5.0","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fsecure-coding-guidelines-for-java-se-version-50","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F6.secure-coding-guidelines-for-java-se-version-50",{"title":3877,"path":3878,"stem":3879},"Rule or Rec. EE. Risk Assessments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-ee-risk-assessments","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F8.rule-or-rec-ee-risk-assessments",{"title":3881,"path":3882,"stem":3883,"children":3884},"Admin","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F1.index",[3885,3886,3890,3894,3898,3902],{"title":3881,"path":3882,"stem":3883},{"title":3887,"path":3888,"stem":3889},"All Guidelines with Classification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fall-guidelines-with-classification","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F2.all-guidelines-with-classification",{"title":3891,"path":3892,"stem":3893},"Normative Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fnormative-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F3.normative-guidelines",{"title":3895,"path":3896,"stem":3897},"Tech-edit","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftech-edit","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F4.tech-edit",{"title":3899,"path":3900,"stem":3901},"TODO List","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftodo-list","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F5.todo-list",{"title":3899,"path":3900,"stem":3903},"6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F6.todo-list",1775657811023]