[{"data":1,"prerenderedAt":4122},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj57-j":28,"surround-\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj57-j":2540,"sidebar-sei-cert-oracle-coding-standard-for-java":2547},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":2523,"extension":2524,"meta":2525,"navigation":7,"path":2536,"seo":2537,"stem":2538,"__hash__":2539},"content\u002F6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F09.obj57-j.md","OBJ57-J. Do not rely on methods that can be overridden by untrusted code",{"type":32,"value":33,"toc":2509},"minimark",[34,38,55,58,77,86,101,657,677,688,814,817,979,992,999,1009,1071,1082,1120,1123,1254,1261,1267,1292,1296,1307,1702,1715,1817,1820,1916,1927,1942,1947,1951,1978,1984,1999,2225,2228,2262,2278,2282,2291,2363,2366,2429,2433,2481,2484,2505],[35,36,30],"h1",{"id":37},"obj57-j-do-not-rely-on-methods-that-can-be-overridden-by-untrusted-code",[39,40,41,42,46,47,50,51,54],"p",{},"Untrusted code can misuse APIs provided by trusted code to override methods such as ",[43,44,45],"code",{},"Object.equals()"," , ",[43,48,49],{},"Object.hashCode()"," , and ",[43,52,53],{},"Thread.run()"," . These methods are valuable targets because they are commonly used behind the scenes and may interact with components in a way that is not easily discernible.",[39,56,57],{},"By providing overridden implementations, an attacker can use untrusted code to glean sensitive information, run arbitrary code, or launch a denial of service attack.",[39,59,60,61,66,67],{},"See ",[62,63,65],"a",{"href":64},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet52-j","MET52-J. Do not use the clone() method to copy untrusted method parameters"," ",[62,68,72,73,76],{"href":69,"rel":70},"https:\u002F\u002Fwww.securecoding.cert.org\u002Fconfluence\u002Fdisplay\u002Fjg\u002FMET52-JG.+Do+not+use+the+clone+method+to+copy+untrusted+method+parameters",[71],"nofollow","for more specific details regarding overriding the ",[43,74,75],{},"Object.clone()"," method.",[78,79,81,82,85],"h2",{"id":80},"noncompliant-code-example-hashcode","Noncompliant Code Example ( ",[43,83,84],{},"hashCode"," )",[39,87,88,89,92,93,96,97,100],{},"This noncompliant code example shows a ",[43,90,91],{},"LicenseManager"," class that maintains a ",[43,94,95],{},"licenseMap"," . The map stores a ",[43,98,99],{},"LicenseType"," and license value pair.",[102,103,105],"code-block",{"quality":104},"bad",[106,107,112],"pre",{"className":108,"code":109,"language":110,"meta":111,"style":111},"language-java shiki shiki-themes github-light github-dark monokai","public class LicenseManager {\n Map\u003CLicenseType, String> licenseMap = new HashMap\u003CLicenseType, String>();\n \n public LicenseManager() {\n LicenseType type = new LicenseType();\n type.setType(\"demo-license-key\");\n licenseMap.put(type, \"ABC-DEF-PQR-XYZ\");\n }\n public Object getLicenseKey(LicenseType licenseType) {\n return licenseMap.get(licenseType);\n }\n public void setLicenseKey(LicenseType licenseType, String licenseKey) {\n licenseMap.put(licenseType, licenseKey);\n }\n}\n\nclass LicenseType {\n private String type;\n public String getType() {\n return type;\n }\n public void setType(String type) {\n this.type = type;\n }\n @Override\n public int hashCode() {\n int res = 17;\n res = res * 31 + type == null ? 0 : type.hashCode();\n return res;\n }\n @Override\n public boolean equals(Object arg) {\n if (arg == null || !(arg instanceof LicenseType)) {\n return false;\n }\n if (type.equals(((LicenseType) arg).getType())) {\n return true;\n }\n return false;\n }\n}\n","java","",[43,113,114,134,176,182,194,213,232,249,255,277,292,297,323,333,338,344,350,360,372,384,391,396,415,429,434,443,456,474,517,525,530,537,558,586,597,603,623,633,638,647,652],{"__ignoreMap":111},[115,116,119,123,126,130],"span",{"class":117,"line":118},"line",1,[115,120,122],{"class":121},"sC2Qs","public",[115,124,125],{"class":121}," class",[115,127,129],{"class":128},"sz2Vg"," LicenseManager",[115,131,133],{"class":132},"sMOD_"," {\n",[115,135,137,141,144,147,150,153,156,159,162,165,167,169,171,173],{"class":117,"line":136},2,[115,138,140],{"class":139},"sk8M1"," Map",[115,142,143],{"class":132},"\u003C",[115,145,99],{"class":146},"sq6CD",[115,148,149],{"class":132},", ",[115,151,152],{"class":146},"String",[115,154,155],{"class":132},"> licenseMap ",[115,157,158],{"class":121},"=",[115,160,161],{"class":121}," new",[115,163,164],{"class":139}," HashMap",[115,166,143],{"class":132},[115,168,99],{"class":146},[115,170,149],{"class":132},[115,172,152],{"class":146},[115,174,175],{"class":132},">();\n",[115,177,179],{"class":117,"line":178},3,[115,180,181],{"class":132}," \n",[115,183,185,188,191],{"class":117,"line":184},4,[115,186,187],{"class":121}," public",[115,189,129],{"class":190},"srTi1",[115,192,193],{"class":132},"() {\n",[115,195,197,200,203,205,207,210],{"class":117,"line":196},5,[115,198,199],{"class":139}," LicenseType",[115,201,202],{"class":132}," type ",[115,204,158],{"class":121},[115,206,161],{"class":121},[115,208,209],{"class":190}," LicenseType",[115,211,212],{"class":132},"();\n",[115,214,216,219,222,225,229],{"class":117,"line":215},6,[115,217,218],{"class":132}," type.",[115,220,221],{"class":190},"setType",[115,223,224],{"class":132},"(",[115,226,228],{"class":227},"sstjo","\"demo-license-key\"",[115,230,231],{"class":132},");\n",[115,233,235,238,241,244,247],{"class":117,"line":234},7,[115,236,237],{"class":132}," licenseMap.",[115,239,240],{"class":190},"put",[115,242,243],{"class":132},"(type, ",[115,245,246],{"class":227},"\"ABC-DEF-PQR-XYZ\"",[115,248,231],{"class":132},[115,250,252],{"class":117,"line":251},8,[115,253,254],{"class":132}," }\n",[115,256,258,260,263,266,268,270,274],{"class":117,"line":257},9,[115,259,187],{"class":121},[115,261,262],{"class":139}," Object",[115,264,265],{"class":190}," getLicenseKey",[115,267,224],{"class":132},[115,269,99],{"class":139},[115,271,273],{"class":272},"sTHNf"," licenseType",[115,275,276],{"class":132},") {\n",[115,278,280,283,286,289],{"class":117,"line":279},10,[115,281,282],{"class":121}," return",[115,284,285],{"class":132}," licenseMap.",[115,287,288],{"class":190},"get",[115,290,291],{"class":132},"(licenseType);\n",[115,293,295],{"class":117,"line":294},11,[115,296,254],{"class":132},[115,298,300,302,305,308,310,312,314,316,318,321],{"class":117,"line":299},12,[115,301,187],{"class":121},[115,303,304],{"class":146}," void",[115,306,307],{"class":190}," setLicenseKey",[115,309,224],{"class":132},[115,311,99],{"class":139},[115,313,273],{"class":272},[115,315,149],{"class":132},[115,317,152],{"class":139},[115,319,320],{"class":272}," licenseKey",[115,322,276],{"class":132},[115,324,326,328,330],{"class":117,"line":325},13,[115,327,237],{"class":132},[115,329,240],{"class":190},[115,331,332],{"class":132},"(licenseType, licenseKey);\n",[115,334,336],{"class":117,"line":335},14,[115,337,254],{"class":132},[115,339,341],{"class":117,"line":340},15,[115,342,343],{"class":132},"}\n",[115,345,347],{"class":117,"line":346},16,[115,348,349],{"emptyLinePlaceholder":7},"\n",[115,351,353,356,358],{"class":117,"line":352},17,[115,354,355],{"class":121},"class",[115,357,209],{"class":128},[115,359,133],{"class":132},[115,361,363,366,369],{"class":117,"line":362},18,[115,364,365],{"class":121}," private",[115,367,368],{"class":139}," String",[115,370,371],{"class":132}," type;\n",[115,373,375,377,379,382],{"class":117,"line":374},19,[115,376,187],{"class":121},[115,378,368],{"class":139},[115,380,381],{"class":190}," getType",[115,383,193],{"class":132},[115,385,387,389],{"class":117,"line":386},20,[115,388,282],{"class":121},[115,390,371],{"class":132},[115,392,394],{"class":117,"line":393},21,[115,395,254],{"class":132},[115,397,399,401,403,406,408,410,413],{"class":117,"line":398},22,[115,400,187],{"class":121},[115,402,304],{"class":146},[115,404,405],{"class":190}," setType",[115,407,224],{"class":132},[115,409,152],{"class":139},[115,411,412],{"class":272}," type",[115,414,276],{"class":132},[115,416,418,422,425,427],{"class":117,"line":417},23,[115,419,421],{"class":420},"sP7S_"," this",[115,423,424],{"class":132},".type ",[115,426,158],{"class":121},[115,428,371],{"class":132},[115,430,432],{"class":117,"line":431},24,[115,433,254],{"class":132},[115,435,437,440],{"class":117,"line":436},25,[115,438,439],{"class":132}," @",[115,441,442],{"class":146},"Override\n",[115,444,446,448,451,454],{"class":117,"line":445},26,[115,447,187],{"class":121},[115,449,450],{"class":146}," int",[115,452,453],{"class":190}," hashCode",[115,455,193],{"class":132},[115,457,459,462,465,467,471],{"class":117,"line":458},27,[115,460,461],{"class":146}," int",[115,463,464],{"class":132}," res ",[115,466,158],{"class":121},[115,468,470],{"class":469},"s7F3e"," 17",[115,472,473],{"class":132},";\n",[115,475,477,480,482,484,487,490,493,495,498,501,504,507,510,513,515],{"class":117,"line":476},28,[115,478,479],{"class":132}," res ",[115,481,158],{"class":121},[115,483,464],{"class":132},[115,485,486],{"class":121},"*",[115,488,489],{"class":469}," 31",[115,491,492],{"class":121}," +",[115,494,202],{"class":132},[115,496,497],{"class":121},"==",[115,499,500],{"class":469}," null",[115,502,503],{"class":121}," ?",[115,505,506],{"class":469}," 0",[115,508,509],{"class":121}," :",[115,511,512],{"class":132}," type.",[115,514,84],{"class":190},[115,516,212],{"class":132},[115,518,520,522],{"class":117,"line":519},29,[115,521,282],{"class":121},[115,523,524],{"class":132}," res;\n",[115,526,528],{"class":117,"line":527},30,[115,529,254],{"class":132},[115,531,533,535],{"class":117,"line":532},31,[115,534,439],{"class":132},[115,536,442],{"class":146},[115,538,540,542,545,548,550,553,556],{"class":117,"line":539},32,[115,541,187],{"class":121},[115,543,544],{"class":146}," boolean",[115,546,547],{"class":190}," equals",[115,549,224],{"class":132},[115,551,552],{"class":139},"Object",[115,554,555],{"class":272}," arg",[115,557,276],{"class":132},[115,559,561,564,567,569,571,574,577,580,583],{"class":117,"line":560},33,[115,562,563],{"class":121}," if",[115,565,566],{"class":132}," (arg ",[115,568,497],{"class":121},[115,570,500],{"class":469},[115,572,573],{"class":121}," ||",[115,575,576],{"class":121}," !",[115,578,579],{"class":132},"(arg ",[115,581,582],{"class":121},"instanceof",[115,584,585],{"class":132}," LicenseType)) {\n",[115,587,589,592,595],{"class":117,"line":588},34,[115,590,591],{"class":121}," return",[115,593,594],{"class":469}," false",[115,596,473],{"class":132},[115,598,600],{"class":117,"line":599},35,[115,601,602],{"class":132}," }\n",[115,604,606,608,611,614,617,620],{"class":117,"line":605},36,[115,607,563],{"class":121},[115,609,610],{"class":132}," (type.",[115,612,613],{"class":190},"equals",[115,615,616],{"class":132},"(((LicenseType) arg).",[115,618,619],{"class":190},"getType",[115,621,622],{"class":132},"())) {\n",[115,624,626,628,631],{"class":117,"line":625},37,[115,627,591],{"class":121},[115,629,630],{"class":469}," true",[115,632,473],{"class":132},[115,634,636],{"class":117,"line":635},38,[115,637,602],{"class":132},[115,639,641,643,645],{"class":117,"line":640},39,[115,642,282],{"class":121},[115,644,594],{"class":469},[115,646,473],{"class":132},[115,648,650],{"class":117,"line":649},40,[115,651,254],{"class":132},[115,653,655],{"class":117,"line":654},41,[115,656,343],{"class":132},[39,658,659,660,662,663,665,666,668,669,672,673,676],{},"The constructor for ",[43,661,91],{}," initializes ",[43,664,95],{}," with a demo license key that must remain secret. The license key is hard-coded for illustrative purposes; it should ideally be read from an external configuration file that stores an encrypted version of the key. The ",[43,667,99],{}," class provides overridden implementations of ",[43,670,671],{},"equals()"," and ",[43,674,675],{},"hashCode()"," methods.",[39,678,679,680,682,683,672,685,687],{},"This implementation is vulnerable to an attacker who extends the ",[43,681,99],{}," class and overrides the ",[43,684,671],{},[43,686,675],{}," methods:",[106,689,691],{"className":108,"code":690,"language":110,"meta":111,"style":111},"public class CraftedLicenseType extends LicenseType {\n private static int guessedHashCode = 0;\n @Override\n public int hashCode() {\n \u002F\u002F Returns a new hashCode to test every time get() is called\n guessedHashCode++;\n return guessedHashCode;\n }\n @Override\n public boolean equals(Object arg) {\n \u002F\u002F Always returns true\n return true;\n }\n}\n",[43,692,693,710,728,734,744,750,760,767,771,777,793,798,806,810],{"__ignoreMap":111},[115,694,695,697,699,702,705,708],{"class":117,"line":118},[115,696,122],{"class":121},[115,698,125],{"class":121},[115,700,701],{"class":128}," CraftedLicenseType",[115,703,704],{"class":121}," extends",[115,706,209],{"class":707},"s30JN",[115,709,133],{"class":132},[115,711,712,714,717,719,722,724,726],{"class":117,"line":136},[115,713,365],{"class":121},[115,715,716],{"class":121}," static",[115,718,450],{"class":146},[115,720,721],{"class":132}," guessedHashCode ",[115,723,158],{"class":121},[115,725,506],{"class":469},[115,727,473],{"class":132},[115,729,730,732],{"class":117,"line":178},[115,731,439],{"class":132},[115,733,442],{"class":146},[115,735,736,738,740,742],{"class":117,"line":184},[115,737,187],{"class":121},[115,739,450],{"class":146},[115,741,453],{"class":190},[115,743,193],{"class":132},[115,745,746],{"class":117,"line":196},[115,747,749],{"class":748},"s8-w5"," \u002F\u002F Returns a new hashCode to test every time get() is called\n",[115,751,752,755,758],{"class":117,"line":215},[115,753,754],{"class":132}," guessedHashCode",[115,756,757],{"class":121},"++",[115,759,473],{"class":132},[115,761,762,764],{"class":117,"line":234},[115,763,282],{"class":121},[115,765,766],{"class":132}," guessedHashCode;\n",[115,768,769],{"class":117,"line":251},[115,770,254],{"class":132},[115,772,773,775],{"class":117,"line":257},[115,774,439],{"class":132},[115,776,442],{"class":146},[115,778,779,781,783,785,787,789,791],{"class":117,"line":279},[115,780,187],{"class":121},[115,782,544],{"class":146},[115,784,547],{"class":190},[115,786,224],{"class":132},[115,788,552],{"class":139},[115,790,555],{"class":272},[115,792,276],{"class":132},[115,794,795],{"class":117,"line":294},[115,796,797],{"class":748}," \u002F\u002F Always returns true\n",[115,799,800,802,804],{"class":117,"line":299},[115,801,282],{"class":121},[115,803,630],{"class":469},[115,805,473],{"class":132},[115,807,808],{"class":117,"line":325},[115,809,254],{"class":132},[115,811,812],{"class":117,"line":335},[115,813,343],{"class":132},[39,815,816],{},"The following is the malicious client program:",[106,818,820],{"className":108,"code":819,"language":110,"meta":111,"style":111},"public class DemoClient {\n public static void main(String[] args) {\n LicenseManager licenseManager = new LicenseManager();\n for (int i = 0; i \u003C= Integer.MAX_VALUE; i++) {\n Object guessed = licenseManager.getLicenseKey(new CraftedLicenseType());\n if (guessed != null) {\n \u002F\u002F prints ABC-DEF-PQR-XYZ\n System.out.println(guessed);\n }\n }\n }\n}\n",[43,821,822,833,857,873,904,930,945,950,961,966,970,975],{"__ignoreMap":111},[115,823,824,826,828,831],{"class":117,"line":118},[115,825,122],{"class":121},[115,827,125],{"class":121},[115,829,830],{"class":128}," DemoClient",[115,832,133],{"class":132},[115,834,835,838,840,842,845,847,849,852,855],{"class":117,"line":136},[115,836,837],{"class":121}," public",[115,839,716],{"class":121},[115,841,304],{"class":146},[115,843,844],{"class":190}," main",[115,846,224],{"class":132},[115,848,152],{"class":146},[115,850,851],{"class":132},"[] ",[115,853,854],{"class":272},"args",[115,856,276],{"class":132},[115,858,859,862,865,867,869,871],{"class":117,"line":178},[115,860,861],{"class":139}," LicenseManager",[115,863,864],{"class":132}," licenseManager ",[115,866,158],{"class":121},[115,868,161],{"class":121},[115,870,129],{"class":190},[115,872,212],{"class":132},[115,874,875,878,881,884,887,889,891,894,897,900,902],{"class":117,"line":184},[115,876,877],{"class":121}," for",[115,879,880],{"class":132}," (",[115,882,883],{"class":146},"int",[115,885,886],{"class":132}," i ",[115,888,158],{"class":121},[115,890,506],{"class":469},[115,892,893],{"class":132},"; i ",[115,895,896],{"class":121},"\u003C=",[115,898,899],{"class":132}," Integer.MAX_VALUE; i",[115,901,757],{"class":121},[115,903,276],{"class":132},[115,905,906,909,912,914,917,920,922,925,927],{"class":117,"line":196},[115,907,908],{"class":139}," Object",[115,910,911],{"class":132}," guessed ",[115,913,158],{"class":121},[115,915,916],{"class":132}," licenseManager.",[115,918,919],{"class":190},"getLicenseKey",[115,921,224],{"class":132},[115,923,924],{"class":121},"new",[115,926,701],{"class":190},[115,928,929],{"class":132},"());\n",[115,931,932,935,938,941,943],{"class":117,"line":215},[115,933,934],{"class":121}," if",[115,936,937],{"class":132}," (guessed ",[115,939,940],{"class":121},"!=",[115,942,500],{"class":469},[115,944,276],{"class":132},[115,946,947],{"class":117,"line":234},[115,948,949],{"class":748}," \u002F\u002F prints ABC-DEF-PQR-XYZ\n",[115,951,952,955,958],{"class":117,"line":251},[115,953,954],{"class":132}," System.out.",[115,956,957],{"class":190},"println",[115,959,960],{"class":132},"(guessed);\n",[115,962,963],{"class":117,"line":257},[115,964,965],{"class":132}," }\n",[115,967,968],{"class":117,"line":279},[115,969,254],{"class":132},[115,971,972],{"class":117,"line":294},[115,973,974],{"class":132}," }\n",[115,976,977],{"class":117,"line":299},[115,978,343],{"class":132},[39,980,981,982,985,986,988,989,991],{},"The client program runs through the sequence of all possible hash codes using ",[43,983,984],{},"CraftedLicenseType"," until it successfully matches the hash code of the demo license key object stored in the ",[43,987,91],{}," class. Consequently, the attacker can discover the sensitive data present within the ",[43,990,95],{}," in only a few minutes. The attack operates by discovering at least one hash collision with respect to the key of the map.",[78,993,995,996,85],{"id":994},"compliant-solution-identityhashmap","Compliant Solution ( ",[43,997,998],{},"IdentityHashMap",[39,1000,1001,1002,1004,1005,1008],{},"This compliant solution uses an ",[43,1003,998],{}," rather than a ",[43,1006,1007],{},"HashMap"," to store the license information:",[102,1010,1012],{"quality":1011},"good",[106,1013,1015],{"className":108,"code":1014,"language":110,"meta":111,"style":111},"public class LicenseManager {\n Map\u003CLicenseType, String> licenseMap = new IdentityHashMap\u003CLicenseType, String>();\n\n \u002F\u002F ...\n}\n",[43,1016,1017,1027,1058,1062,1067],{"__ignoreMap":111},[115,1018,1019,1021,1023,1025],{"class":117,"line":118},[115,1020,122],{"class":121},[115,1022,125],{"class":121},[115,1024,129],{"class":128},[115,1026,133],{"class":132},[115,1028,1029,1031,1033,1035,1037,1039,1041,1043,1045,1048,1050,1052,1054,1056],{"class":117,"line":136},[115,1030,140],{"class":139},[115,1032,143],{"class":132},[115,1034,99],{"class":146},[115,1036,149],{"class":132},[115,1038,152],{"class":146},[115,1040,155],{"class":132},[115,1042,158],{"class":121},[115,1044,161],{"class":121},[115,1046,1047],{"class":139}," IdentityHashMap",[115,1049,143],{"class":132},[115,1051,99],{"class":146},[115,1053,149],{"class":132},[115,1055,152],{"class":146},[115,1057,175],{"class":132},[115,1059,1060],{"class":117,"line":178},[115,1061,349],{"emptyLinePlaceholder":7},[115,1063,1064],{"class":117,"line":184},[115,1065,1066],{"class":748}," \u002F\u002F ...\n",[115,1068,1069],{"class":117,"line":196},[115,1070,343],{"class":132},[39,1072,1073,1074,1076,1077,1081],{},"According to the Java API class ",[43,1075,998],{}," documentation [ ",[62,1078,1080],{"href":1079},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references#Rec.AA.References-API200","API 2006"," ],",[1083,1084,1085],"blockquote",{},[39,1086,1087,1088,1091,1092,1094,1095,672,1098,1101,1102,1105,1106,1108,1109,1111,1112,672,1114,1101,1116,1119],{},"This class implements the ",[43,1089,1090],{},"Map"," interface with a hash table, using reference-equality in place of object-equality when comparing keys (and values). In other words, in an ",[43,1093,998],{}," , two keys ",[43,1096,1097],{},"k1",[43,1099,1100],{},"k2"," are considered equal if and only if ",[43,1103,1104],{},"(k1==k2)"," . (In normal ",[43,1107,1090],{}," implementations (like ",[43,1110,1007],{}," ) two keys ",[43,1113,1097],{},[43,1115,1100],{},[43,1117,1118],{}," (k1==null ? k2==null : k1.equals(k2)) "," .)",[39,1121,1122],{},"Consequently, the overridden methods cannot expose internal class details. The client program can continue to add license keys and can even retrieve the added key-value pairs, as demonstrated by the following client code.",[106,1124,1126],{"className":108,"code":1125,"language":110,"meta":111,"style":111},"public class DemoClient {\n public static void main(String[] args) {\n LicenseManager licenseManager = new LicenseManager();\n LicenseType type = new LicenseType();\n type.setType(\"custom-license-key\");\n licenseManager.setLicenseKey(type, \"CUS-TOM-LIC-KEY\");\n Object licenseKeyValue = licenseManager.getLicenseKey(type);\n \u002F\u002F Prints CUS-TOM-LIC-KEY\n System.out.println(licenseKeyValue);\n }\n}\n",[43,1127,1128,1138,1158,1173,1187,1200,1215,1232,1237,1246,1250],{"__ignoreMap":111},[115,1129,1130,1132,1134,1136],{"class":117,"line":118},[115,1131,122],{"class":121},[115,1133,125],{"class":121},[115,1135,830],{"class":128},[115,1137,133],{"class":132},[115,1139,1140,1142,1144,1146,1148,1150,1152,1154,1156],{"class":117,"line":136},[115,1141,187],{"class":121},[115,1143,716],{"class":121},[115,1145,304],{"class":146},[115,1147,844],{"class":190},[115,1149,224],{"class":132},[115,1151,152],{"class":146},[115,1153,851],{"class":132},[115,1155,854],{"class":272},[115,1157,276],{"class":132},[115,1159,1160,1163,1165,1167,1169,1171],{"class":117,"line":178},[115,1161,1162],{"class":139}," LicenseManager",[115,1164,864],{"class":132},[115,1166,158],{"class":121},[115,1168,161],{"class":121},[115,1170,129],{"class":190},[115,1172,212],{"class":132},[115,1174,1175,1177,1179,1181,1183,1185],{"class":117,"line":184},[115,1176,199],{"class":139},[115,1178,202],{"class":132},[115,1180,158],{"class":121},[115,1182,161],{"class":121},[115,1184,209],{"class":190},[115,1186,212],{"class":132},[115,1188,1189,1191,1193,1195,1198],{"class":117,"line":196},[115,1190,218],{"class":132},[115,1192,221],{"class":190},[115,1194,224],{"class":132},[115,1196,1197],{"class":227},"\"custom-license-key\"",[115,1199,231],{"class":132},[115,1201,1202,1205,1208,1210,1213],{"class":117,"line":215},[115,1203,1204],{"class":132}," licenseManager.",[115,1206,1207],{"class":190},"setLicenseKey",[115,1209,243],{"class":132},[115,1211,1212],{"class":227},"\"CUS-TOM-LIC-KEY\"",[115,1214,231],{"class":132},[115,1216,1217,1220,1223,1225,1227,1229],{"class":117,"line":234},[115,1218,1219],{"class":139}," Object",[115,1221,1222],{"class":132}," licenseKeyValue ",[115,1224,158],{"class":121},[115,1226,916],{"class":132},[115,1228,919],{"class":190},[115,1230,1231],{"class":132},"(type);\n",[115,1233,1234],{"class":117,"line":251},[115,1235,1236],{"class":748}," \u002F\u002F Prints CUS-TOM-LIC-KEY\n",[115,1238,1239,1241,1243],{"class":117,"line":257},[115,1240,954],{"class":132},[115,1242,957],{"class":190},[115,1244,1245],{"class":132},"(licenseKeyValue);\n",[115,1247,1248],{"class":117,"line":279},[115,1249,254],{"class":132},[115,1251,1252],{"class":117,"line":294},[115,1253,343],{"class":132},[78,1255,995,1257,1260],{"id":1256},"compliant-solution-final-class",[43,1258,1259],{},"final"," Class)",[39,1262,1263,1264,1266],{},"This compliant solution declares the ",[43,1265,99],{}," class final so that its methods cannot be overridden:",[102,1268,1269],{"quality":1011},[106,1270,1272],{"className":108,"code":1271,"language":110,"meta":111,"style":111},"final class LicenseType {\n \u002F\u002F ...\n} \n",[43,1273,1274,1284,1288],{"__ignoreMap":111},[115,1275,1276,1278,1280,1282],{"class":117,"line":118},[115,1277,1259],{"class":121},[115,1279,125],{"class":121},[115,1281,209],{"class":128},[115,1283,133],{"class":132},[115,1285,1286],{"class":117,"line":136},[115,1287,1066],{"class":748},[115,1289,1290],{"class":117,"line":178},[115,1291,343],{"class":132},[78,1293,1295],{"id":1294},"noncompliant-code-example","Noncompliant Code Example",[39,1297,1298,1299,1302,1303,1306],{},"This noncompliant code example consists of a ",[43,1300,1301],{},"Widget"," class and a ",[43,1304,1305],{},"LayoutManager"," class containing a set of widgets:",[102,1308,1309],{"quality":104},[106,1310,1312],{"className":108,"code":1311,"language":110,"meta":111,"style":111},"public class Widget {\n private int noOfComponents;\n \n public Widget(int noOfComponents) {\n this.noOfComponents = noOfComponents;\n }\n public int getNoOfComponents() {\n return noOfComponents;\n }\n public final void setNoOfComponents(int noOfComponents) {\n this.noOfComponents = noOfComponents;\n }\n public boolean equals(Object o) {\n if (o == null || !(o instanceof Widget)) {\n return false;\n }\n Widget widget = (Widget) o;\n return this.noOfComponents == widget.getNoOfComponents();\n }\n @Override\n public int hashCode() {\n int res = 31;\n res = res * 17 + noOfComponents;\n return res;\n }\n} \npublic class LayoutManager {\n private Set\u003CWidget> layouts = new HashSet\u003CWidget>();\n public void addWidget(Widget widget) {\n if (!layouts.contains(widget)) {\n layouts.add(widget);\n }\n }\n public int getLayoutSize() {\n return layouts.size();\n }\n}\n",[43,1313,1314,1325,1335,1339,1354,1366,1370,1381,1388,1392,1412,1422,1426,1443,1467,1476,1480,1493,1512,1516,1523,1533,1546,1563,1569,1573,1578,1589,1616,1634,1652,1663,1667,1671,1682,1694,1698],{"__ignoreMap":111},[115,1315,1316,1318,1320,1323],{"class":117,"line":118},[115,1317,122],{"class":121},[115,1319,125],{"class":121},[115,1321,1322],{"class":128}," Widget",[115,1324,133],{"class":132},[115,1326,1327,1330,1332],{"class":117,"line":136},[115,1328,1329],{"class":121}," private",[115,1331,450],{"class":146},[115,1333,1334],{"class":132}," noOfComponents;\n",[115,1336,1337],{"class":117,"line":178},[115,1338,181],{"class":132},[115,1340,1341,1343,1345,1347,1349,1352],{"class":117,"line":184},[115,1342,837],{"class":121},[115,1344,1322],{"class":190},[115,1346,224],{"class":132},[115,1348,883],{"class":146},[115,1350,1351],{"class":272}," noOfComponents",[115,1353,276],{"class":132},[115,1355,1356,1359,1362,1364],{"class":117,"line":196},[115,1357,1358],{"class":420}," this",[115,1360,1361],{"class":132},".noOfComponents ",[115,1363,158],{"class":121},[115,1365,1334],{"class":132},[115,1367,1368],{"class":117,"line":215},[115,1369,974],{"class":132},[115,1371,1372,1374,1376,1379],{"class":117,"line":234},[115,1373,837],{"class":121},[115,1375,450],{"class":146},[115,1377,1378],{"class":190}," getNoOfComponents",[115,1380,193],{"class":132},[115,1382,1383,1386],{"class":117,"line":251},[115,1384,1385],{"class":121}," return",[115,1387,1334],{"class":132},[115,1389,1390],{"class":117,"line":257},[115,1391,974],{"class":132},[115,1393,1394,1396,1399,1401,1404,1406,1408,1410],{"class":117,"line":279},[115,1395,837],{"class":121},[115,1397,1398],{"class":121}," final",[115,1400,304],{"class":146},[115,1402,1403],{"class":190}," setNoOfComponents",[115,1405,224],{"class":132},[115,1407,883],{"class":146},[115,1409,1351],{"class":272},[115,1411,276],{"class":132},[115,1413,1414,1416,1418,1420],{"class":117,"line":294},[115,1415,1358],{"class":420},[115,1417,1361],{"class":132},[115,1419,158],{"class":121},[115,1421,1334],{"class":132},[115,1423,1424],{"class":117,"line":299},[115,1425,974],{"class":132},[115,1427,1428,1430,1432,1434,1436,1438,1441],{"class":117,"line":325},[115,1429,837],{"class":121},[115,1431,544],{"class":146},[115,1433,547],{"class":190},[115,1435,224],{"class":132},[115,1437,552],{"class":139},[115,1439,1440],{"class":272}," o",[115,1442,276],{"class":132},[115,1444,1445,1448,1451,1453,1455,1457,1459,1462,1464],{"class":117,"line":335},[115,1446,1447],{"class":121}," if",[115,1449,1450],{"class":132}," (o ",[115,1452,497],{"class":121},[115,1454,500],{"class":469},[115,1456,573],{"class":121},[115,1458,576],{"class":121},[115,1460,1461],{"class":132},"(o ",[115,1463,582],{"class":121},[115,1465,1466],{"class":132}," Widget)) {\n",[115,1468,1469,1472,1474],{"class":117,"line":340},[115,1470,1471],{"class":121}," return",[115,1473,594],{"class":469},[115,1475,473],{"class":132},[115,1477,1478],{"class":117,"line":346},[115,1479,254],{"class":132},[115,1481,1482,1485,1488,1490],{"class":117,"line":352},[115,1483,1484],{"class":139}," Widget",[115,1486,1487],{"class":132}," widget ",[115,1489,158],{"class":121},[115,1491,1492],{"class":132}," (Widget) o;\n",[115,1494,1495,1497,1500,1502,1504,1507,1510],{"class":117,"line":362},[115,1496,1385],{"class":121},[115,1498,1499],{"class":420}," this",[115,1501,1361],{"class":132},[115,1503,497],{"class":121},[115,1505,1506],{"class":132}," widget.",[115,1508,1509],{"class":190},"getNoOfComponents",[115,1511,212],{"class":132},[115,1513,1514],{"class":117,"line":374},[115,1515,974],{"class":132},[115,1517,1518,1521],{"class":117,"line":386},[115,1519,1520],{"class":132}," @",[115,1522,442],{"class":146},[115,1524,1525,1527,1529,1531],{"class":117,"line":393},[115,1526,837],{"class":121},[115,1528,450],{"class":146},[115,1530,453],{"class":190},[115,1532,193],{"class":132},[115,1534,1535,1538,1540,1542,1544],{"class":117,"line":398},[115,1536,1537],{"class":146}," int",[115,1539,464],{"class":132},[115,1541,158],{"class":121},[115,1543,489],{"class":469},[115,1545,473],{"class":132},[115,1547,1548,1551,1553,1555,1557,1559,1561],{"class":117,"line":417},[115,1549,1550],{"class":132}," res ",[115,1552,158],{"class":121},[115,1554,464],{"class":132},[115,1556,486],{"class":121},[115,1558,470],{"class":469},[115,1560,492],{"class":121},[115,1562,1334],{"class":132},[115,1564,1565,1567],{"class":117,"line":431},[115,1566,1385],{"class":121},[115,1568,524],{"class":132},[115,1570,1571],{"class":117,"line":436},[115,1572,974],{"class":132},[115,1574,1575],{"class":117,"line":445},[115,1576,1577],{"class":132},"} \n",[115,1579,1580,1582,1584,1587],{"class":117,"line":458},[115,1581,122],{"class":121},[115,1583,125],{"class":121},[115,1585,1586],{"class":128}," LayoutManager",[115,1588,133],{"class":132},[115,1590,1591,1593,1596,1598,1600,1603,1605,1607,1610,1612,1614],{"class":117,"line":476},[115,1592,1329],{"class":121},[115,1594,1595],{"class":139}," Set",[115,1597,143],{"class":132},[115,1599,1301],{"class":146},[115,1601,1602],{"class":132},"> layouts ",[115,1604,158],{"class":121},[115,1606,161],{"class":121},[115,1608,1609],{"class":139}," HashSet",[115,1611,143],{"class":132},[115,1613,1301],{"class":146},[115,1615,175],{"class":132},[115,1617,1618,1620,1622,1625,1627,1629,1632],{"class":117,"line":519},[115,1619,837],{"class":121},[115,1621,304],{"class":146},[115,1623,1624],{"class":190}," addWidget",[115,1626,224],{"class":132},[115,1628,1301],{"class":139},[115,1630,1631],{"class":272}," widget",[115,1633,276],{"class":132},[115,1635,1636,1638,1640,1643,1646,1649],{"class":117,"line":527},[115,1637,1447],{"class":121},[115,1639,880],{"class":132},[115,1641,1642],{"class":121},"!",[115,1644,1645],{"class":132},"layouts.",[115,1647,1648],{"class":190},"contains",[115,1650,1651],{"class":132},"(widget)) {\n",[115,1653,1654,1657,1660],{"class":117,"line":532},[115,1655,1656],{"class":132}," layouts.",[115,1658,1659],{"class":190},"add",[115,1661,1662],{"class":132},"(widget);\n",[115,1664,1665],{"class":117,"line":539},[115,1666,254],{"class":132},[115,1668,1669],{"class":117,"line":560},[115,1670,974],{"class":132},[115,1672,1673,1675,1677,1680],{"class":117,"line":588},[115,1674,837],{"class":121},[115,1676,450],{"class":146},[115,1678,1679],{"class":190}," getLayoutSize",[115,1681,193],{"class":132},[115,1683,1684,1686,1689,1692],{"class":117,"line":599},[115,1685,1385],{"class":121},[115,1687,1688],{"class":132}," layouts.",[115,1690,1691],{"class":190},"size",[115,1693,212],{"class":132},[115,1695,1696],{"class":117,"line":605},[115,1697,974],{"class":132},[115,1699,1700],{"class":117,"line":625},[115,1701,343],{"class":132},[39,1703,1704,1705,1707,1708,1711,1712,1714],{},"An attacker can extend the ",[43,1706,1301],{}," class as a ",[43,1709,1710],{},"Navigator"," widget and override the ",[43,1713,675],{}," method:",[106,1716,1718],{"className":108,"code":1717,"language":110,"meta":111,"style":111},"public class Navigator extends Widget {\n public Navigator(int noOfComponents) {\n super(noOfComponents);\n }\n @Override\n public int hashCode() {\n int res = 31;\n res = res * 17;\n return res;\n }\n}\n",[43,1719,1720,1735,1749,1757,1761,1767,1777,1789,1803,1809,1813],{"__ignoreMap":111},[115,1721,1722,1724,1726,1729,1731,1733],{"class":117,"line":118},[115,1723,122],{"class":121},[115,1725,125],{"class":121},[115,1727,1728],{"class":128}," Navigator",[115,1730,704],{"class":121},[115,1732,1322],{"class":707},[115,1734,133],{"class":132},[115,1736,1737,1739,1741,1743,1745,1747],{"class":117,"line":136},[115,1738,837],{"class":121},[115,1740,1728],{"class":190},[115,1742,224],{"class":132},[115,1744,883],{"class":146},[115,1746,1351],{"class":272},[115,1748,276],{"class":132},[115,1750,1751,1754],{"class":117,"line":178},[115,1752,1753],{"class":420}," super",[115,1755,1756],{"class":132},"(noOfComponents);\n",[115,1758,1759],{"class":117,"line":184},[115,1760,974],{"class":132},[115,1762,1763,1765],{"class":117,"line":196},[115,1764,1520],{"class":132},[115,1766,442],{"class":146},[115,1768,1769,1771,1773,1775],{"class":117,"line":215},[115,1770,837],{"class":121},[115,1772,450],{"class":146},[115,1774,453],{"class":190},[115,1776,193],{"class":132},[115,1778,1779,1781,1783,1785,1787],{"class":117,"line":234},[115,1780,1537],{"class":146},[115,1782,464],{"class":132},[115,1784,158],{"class":121},[115,1786,489],{"class":469},[115,1788,473],{"class":132},[115,1790,1791,1793,1795,1797,1799,1801],{"class":117,"line":251},[115,1792,1550],{"class":132},[115,1794,158],{"class":121},[115,1796,464],{"class":132},[115,1798,486],{"class":121},[115,1800,470],{"class":469},[115,1802,473],{"class":132},[115,1804,1805,1807],{"class":117,"line":257},[115,1806,1385],{"class":121},[115,1808,524],{"class":132},[115,1810,1811],{"class":117,"line":279},[115,1812,974],{"class":132},[115,1814,1815],{"class":117,"line":294},[115,1816,343],{"class":132},[39,1818,1819],{},"The client code follows:",[106,1821,1823],{"className":108,"code":1822,"language":110,"meta":111,"style":111},"Widget nav = new Navigator(1);\nWidget widget = new Widget(1);\nLayoutManager manager = new LayoutManager();\nmanager.addWidget(nav);\nmanager.addWidget(widget);\nSystem.out.println(manager.getLayoutSize()); \u002F\u002F Prints 2\n",[43,1824,1825,1845,1863,1878,1889,1897],{"__ignoreMap":111},[115,1826,1827,1829,1832,1834,1836,1838,1840,1843],{"class":117,"line":118},[115,1828,1301],{"class":139},[115,1830,1831],{"class":132}," nav ",[115,1833,158],{"class":121},[115,1835,161],{"class":121},[115,1837,1728],{"class":190},[115,1839,224],{"class":132},[115,1841,1842],{"class":469},"1",[115,1844,231],{"class":132},[115,1846,1847,1849,1851,1853,1855,1857,1859,1861],{"class":117,"line":136},[115,1848,1301],{"class":139},[115,1850,1487],{"class":132},[115,1852,158],{"class":121},[115,1854,161],{"class":121},[115,1856,1322],{"class":190},[115,1858,224],{"class":132},[115,1860,1842],{"class":469},[115,1862,231],{"class":132},[115,1864,1865,1867,1870,1872,1874,1876],{"class":117,"line":178},[115,1866,1305],{"class":139},[115,1868,1869],{"class":132}," manager ",[115,1871,158],{"class":121},[115,1873,161],{"class":121},[115,1875,1586],{"class":190},[115,1877,212],{"class":132},[115,1879,1880,1883,1886],{"class":117,"line":184},[115,1881,1882],{"class":132},"manager.",[115,1884,1885],{"class":190},"addWidget",[115,1887,1888],{"class":132},"(nav);\n",[115,1890,1891,1893,1895],{"class":117,"line":196},[115,1892,1882],{"class":132},[115,1894,1885],{"class":190},[115,1896,1662],{"class":132},[115,1898,1899,1902,1904,1907,1910,1913],{"class":117,"line":215},[115,1900,1901],{"class":132},"System.out.",[115,1903,957],{"class":190},[115,1905,1906],{"class":132},"(manager.",[115,1908,1909],{"class":190},"getLayoutSize",[115,1911,1912],{"class":132},"()); ",[115,1914,1915],{"class":748},"\u002F\u002F Prints 2\n",[39,1917,1918,1919,1922,1923,1926],{},"The set ",[43,1920,1921],{},"layouts"," is expected to contain just one item because the number of components for both the navigator and widget being added is 1. However, the ",[43,1924,1925],{},"getLayoutSize()"," method returns 2.",[39,1928,1929,1930,1932,1933,1935,1936,1938,1939,1941],{},"The reason for this discrepancy is that the ",[43,1931,675],{}," method of ",[43,1934,1301],{}," is used only once when the widget is added to the set. When the navigator is added, the ",[43,1937,675],{}," method provided by the ",[43,1940,1710],{}," class is used.  Consequently, the set contains two different object instances.",[78,1943,995,1945,1260],{"id":1944},"compliant-solution-final-class-1",[43,1946,1259],{},[39,1948,1263,1949,1266],{},[43,1950,1301],{},[102,1952,1953],{"quality":1011},[106,1954,1956],{"className":108,"code":1955,"language":110,"meta":111,"style":111},"public final class Widget {\n \u002F\u002F ...\n}\n",[43,1957,1958,1970,1974],{"__ignoreMap":111},[115,1959,1960,1962,1964,1966,1968],{"class":117,"line":118},[115,1961,122],{"class":121},[115,1963,1398],{"class":121},[115,1965,125],{"class":121},[115,1967,1322],{"class":128},[115,1969,133],{"class":132},[115,1971,1972],{"class":117,"line":136},[115,1973,1066],{"class":748},[115,1975,1976],{"class":117,"line":178},[115,1977,343],{"class":132},[78,1979,81,1981,85],{"id":1980},"noncompliant-code-example-run",[43,1982,1983],{},"run()",[39,1985,1986,1987,1990,1991,1994,1995,1998],{},"In this noncompliant code example, class ",[43,1988,1989],{},"Worker"," and its subclass ",[43,1992,1993],{},"SubWorker"," each contain a ",[43,1996,1997],{},"startThread()"," method intended to start a thread:",[102,2000,2001],{"quality":104},[106,2002,2004],{"className":108,"code":2003,"language":110,"meta":111,"style":111},"public class Worker implements Runnable {\n Worker() { }\n public void startThread(String name) {\n new Thread(this, name).start();\n }\n @Override\n public void run() {\n System.out.println(\"Parent\");\n }\n}\n\npublic class SubWorker extends Worker {\n @Override\n public void startThread(String name) {\n super.startThread(name);\n new Thread(this, name).start(); \n }\n @Override\n public void run() {\n System.out.println(\"Child\");\n }\n}\n",[43,2005,2006,2023,2031,2049,2070,2074,2080,2091,2105,2109,2113,2117,2132,2138,2154,2167,2184,2188,2194,2204,2217,2221],{"__ignoreMap":111},[115,2007,2008,2010,2012,2015,2018,2021],{"class":117,"line":118},[115,2009,122],{"class":121},[115,2011,125],{"class":121},[115,2013,2014],{"class":128}," Worker",[115,2016,2017],{"class":121}," implements",[115,2019,2020],{"class":707}," Runnable",[115,2022,133],{"class":132},[115,2024,2025,2028],{"class":117,"line":136},[115,2026,2027],{"class":190}," Worker",[115,2029,2030],{"class":132},"() { }\n",[115,2032,2033,2035,2037,2040,2042,2044,2047],{"class":117,"line":178},[115,2034,837],{"class":121},[115,2036,304],{"class":146},[115,2038,2039],{"class":190}," startThread",[115,2041,224],{"class":132},[115,2043,152],{"class":139},[115,2045,2046],{"class":272}," name",[115,2048,276],{"class":132},[115,2050,2051,2054,2057,2059,2062,2065,2068],{"class":117,"line":184},[115,2052,2053],{"class":121}," new",[115,2055,2056],{"class":190}," Thread",[115,2058,224],{"class":132},[115,2060,2061],{"class":420},"this",[115,2063,2064],{"class":132},", name).",[115,2066,2067],{"class":190},"start",[115,2069,212],{"class":132},[115,2071,2072],{"class":117,"line":196},[115,2073,974],{"class":132},[115,2075,2076,2078],{"class":117,"line":215},[115,2077,1520],{"class":132},[115,2079,442],{"class":146},[115,2081,2082,2084,2086,2089],{"class":117,"line":234},[115,2083,837],{"class":121},[115,2085,304],{"class":146},[115,2087,2088],{"class":190}," run",[115,2090,193],{"class":132},[115,2092,2093,2096,2098,2100,2103],{"class":117,"line":251},[115,2094,2095],{"class":132}," System.out.",[115,2097,957],{"class":190},[115,2099,224],{"class":132},[115,2101,2102],{"class":227},"\"Parent\"",[115,2104,231],{"class":132},[115,2106,2107],{"class":117,"line":257},[115,2108,974],{"class":132},[115,2110,2111],{"class":117,"line":279},[115,2112,343],{"class":132},[115,2114,2115],{"class":117,"line":294},[115,2116,349],{"emptyLinePlaceholder":7},[115,2118,2119,2121,2123,2126,2128,2130],{"class":117,"line":299},[115,2120,122],{"class":121},[115,2122,125],{"class":121},[115,2124,2125],{"class":128}," SubWorker",[115,2127,704],{"class":121},[115,2129,2014],{"class":707},[115,2131,133],{"class":132},[115,2133,2134,2136],{"class":117,"line":325},[115,2135,1520],{"class":132},[115,2137,442],{"class":146},[115,2139,2140,2142,2144,2146,2148,2150,2152],{"class":117,"line":335},[115,2141,837],{"class":121},[115,2143,304],{"class":146},[115,2145,2039],{"class":190},[115,2147,224],{"class":132},[115,2149,152],{"class":139},[115,2151,2046],{"class":272},[115,2153,276],{"class":132},[115,2155,2156,2158,2161,2164],{"class":117,"line":340},[115,2157,1753],{"class":420},[115,2159,2160],{"class":132},".",[115,2162,2163],{"class":190},"startThread",[115,2165,2166],{"class":132},"(name);\n",[115,2168,2169,2171,2173,2175,2177,2179,2181],{"class":117,"line":346},[115,2170,2053],{"class":121},[115,2172,2056],{"class":190},[115,2174,224],{"class":132},[115,2176,2061],{"class":420},[115,2178,2064],{"class":132},[115,2180,2067],{"class":190},[115,2182,2183],{"class":132},"(); \n",[115,2185,2186],{"class":117,"line":352},[115,2187,974],{"class":132},[115,2189,2190,2192],{"class":117,"line":362},[115,2191,1520],{"class":132},[115,2193,442],{"class":146},[115,2195,2196,2198,2200,2202],{"class":117,"line":374},[115,2197,837],{"class":121},[115,2199,304],{"class":146},[115,2201,2088],{"class":190},[115,2203,193],{"class":132},[115,2205,2206,2208,2210,2212,2215],{"class":117,"line":386},[115,2207,2095],{"class":132},[115,2209,957],{"class":190},[115,2211,224],{"class":132},[115,2213,2214],{"class":227},"\"Child\"",[115,2216,231],{"class":132},[115,2218,2219],{"class":117,"line":393},[115,2220,974],{"class":132},[115,2222,2223],{"class":117,"line":398},[115,2224,343],{"class":132},[39,2226,2227],{},"If a client runs the following code:",[106,2229,2231],{"className":108,"code":2230,"language":110,"meta":111,"style":111},"Worker w = new SubWorker();\nw.startThread(\"thread\");\n",[43,2232,2233,2248],{"__ignoreMap":111},[115,2234,2235,2237,2240,2242,2244,2246],{"class":117,"line":118},[115,2236,1989],{"class":139},[115,2238,2239],{"class":132}," w ",[115,2241,158],{"class":121},[115,2243,161],{"class":121},[115,2245,2125],{"class":190},[115,2247,212],{"class":132},[115,2249,2250,2253,2255,2257,2260],{"class":117,"line":136},[115,2251,2252],{"class":132},"w.",[115,2254,2163],{"class":190},[115,2256,224],{"class":132},[115,2258,2259],{"class":227},"\"thread\"",[115,2261,231],{"class":132},[39,2263,2264,2265,672,2268,2271,2272,2274,2275,2277],{},"the client may expect ",[43,2266,2267],{},"Parent",[43,2269,2270],{},"Child"," to be printed. However, ",[43,2273,2270],{}," is printed twice because the overridden method ",[43,2276,1983],{}," is invoked both times that a new thread is started.",[78,2279,2281],{"id":2280},"compliant-solution","Compliant Solution",[39,2283,2284,2285,2287,2288,509],{},"This compliant solution modifies the ",[43,2286,1993],{}," class and removes the call to ",[43,2289,2290],{},"super.startThread()",[102,2292,2293],{"quality":1011},[106,2294,2296],{"className":108,"code":2295,"language":110,"meta":111,"style":111},"public class SubWorker extends Worker {\n @Override\n public void startThread(String name) {\n new Thread(this, name).start();\n }\n \u002F\u002F ...\n}\n",[43,2297,2298,2312,2318,2334,2350,2354,2359],{"__ignoreMap":111},[115,2299,2300,2302,2304,2306,2308,2310],{"class":117,"line":118},[115,2301,122],{"class":121},[115,2303,125],{"class":121},[115,2305,2125],{"class":128},[115,2307,704],{"class":121},[115,2309,2014],{"class":707},[115,2311,133],{"class":132},[115,2313,2314,2316],{"class":117,"line":136},[115,2315,1520],{"class":132},[115,2317,442],{"class":146},[115,2319,2320,2322,2324,2326,2328,2330,2332],{"class":117,"line":178},[115,2321,837],{"class":121},[115,2323,304],{"class":146},[115,2325,2039],{"class":190},[115,2327,224],{"class":132},[115,2329,152],{"class":139},[115,2331,2046],{"class":272},[115,2333,276],{"class":132},[115,2335,2336,2338,2340,2342,2344,2346,2348],{"class":117,"line":184},[115,2337,2053],{"class":121},[115,2339,2056],{"class":190},[115,2341,224],{"class":132},[115,2343,2061],{"class":420},[115,2345,2064],{"class":132},[115,2347,2067],{"class":190},[115,2349,212],{"class":132},[115,2351,2352],{"class":117,"line":196},[115,2353,974],{"class":132},[115,2355,2356],{"class":117,"line":215},[115,2357,2358],{"class":748}," \u002F\u002F ...\n",[115,2360,2361],{"class":117,"line":234},[115,2362,343],{"class":132},[39,2364,2365],{},"The client code is also modified to start the parent and child threads separately. This program produces the expected output:",[106,2367,2369],{"className":108,"code":2368,"language":110,"meta":111,"style":111},"Worker w1 = new Worker();\nw1.startThread(\"parent-thread\");\nWorker w2 = new SubWorker();\nw2.startThread(\"child-thread\");\n",[43,2370,2371,2386,2400,2415],{"__ignoreMap":111},[115,2372,2373,2375,2378,2380,2382,2384],{"class":117,"line":118},[115,2374,1989],{"class":139},[115,2376,2377],{"class":132}," w1 ",[115,2379,158],{"class":121},[115,2381,161],{"class":121},[115,2383,2014],{"class":190},[115,2385,212],{"class":132},[115,2387,2388,2391,2393,2395,2398],{"class":117,"line":136},[115,2389,2390],{"class":132},"w1.",[115,2392,2163],{"class":190},[115,2394,224],{"class":132},[115,2396,2397],{"class":227},"\"parent-thread\"",[115,2399,231],{"class":132},[115,2401,2402,2404,2407,2409,2411,2413],{"class":117,"line":178},[115,2403,1989],{"class":139},[115,2405,2406],{"class":132}," w2 ",[115,2408,158],{"class":121},[115,2410,161],{"class":121},[115,2412,2125],{"class":190},[115,2414,212],{"class":132},[115,2416,2417,2420,2422,2424,2427],{"class":117,"line":184},[115,2418,2419],{"class":132},"w2.",[115,2421,2163],{"class":190},[115,2423,224],{"class":132},[115,2425,2426],{"class":227},"\"child-thread\"",[115,2428,231],{"class":132},[78,2430,2432],{"id":2431},"bibliography","Bibliography",[2434,2435,2436,2447],"table",{},[2437,2438,2439],"thead",{},[2440,2441,2442,2445],"tr",{},[2443,2444],"th",{},[2443,2446],{},[2448,2449,2450,2466],"tbody",{},[2440,2451,2452,2461],{},[2453,2454,2455,2456,2460],"td",{},"[ ",[62,2457,2459],{"href":2458},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references#Rec.AA.References-API13","API 2013"," ]",[2453,2462,2463,2464],{},"Class ",[43,2465,998],{},[2440,2467,2468,2474],{},[2453,2469,2455,2470,2460],{},[62,2471,2473],{"href":2472},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references#Rec.AA.References-Hawtin06","Hawtin 2006",[2453,2475,2476],{},[62,2477,2480],{"href":2478,"rel":2479},"http:\u002F\u002Fmarkmail.org\u002Fmessage\u002F4scermxmn5oqhyii",[71],"[drlvm][kernel_classes] ThreadLocal vulnerability",[2482,2483],"hr",{},[39,2485,2486,66,2493,66,2499],{},[62,2487,2489],{"href":2488},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj56-j",[2490,2491],"img",{"src":2492},"\u002Fattachments\u002F88487545\u002F88873873.png",[62,2494,2496],{"href":2495},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002F",[2490,2497],{"src":2498},"\u002Fattachments\u002F88487545\u002F88873874.png",[62,2500,2502],{"href":2501},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj58-j",[2490,2503],{"src":2504},"\u002Fattachments\u002F88487545\u002F88873875.png",[2506,2507,2508],"style",{},"html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sz2Vg, html code.shiki .sz2Vg{--shiki-default:#6F42C1;--shiki-default-text-decoration:inherit;--shiki-dark:#B392F0;--shiki-dark-text-decoration:inherit;--shiki-sepia:#A6E22E;--shiki-sepia-text-decoration:underline}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .sk8M1, html code.shiki .sk8M1{--shiki-default:#24292E;--shiki-default-font-style:inherit;--shiki-dark:#E1E4E8;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .sq6CD, html code.shiki .sq6CD{--shiki-default:#D73A49;--shiki-default-font-style:inherit;--shiki-dark:#F97583;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .srTi1, html code.shiki .srTi1{--shiki-default:#6F42C1;--shiki-dark:#B392F0;--shiki-sepia:#A6E22E}html pre.shiki code .sstjo, html code.shiki .sstjo{--shiki-default:#032F62;--shiki-dark:#9ECBFF;--shiki-sepia:#E6DB74}html pre.shiki code .sTHNf, html code.shiki .sTHNf{--shiki-default:#E36209;--shiki-default-font-style:inherit;--shiki-dark:#FFAB70;--shiki-dark-font-style:inherit;--shiki-sepia:#FD971F;--shiki-sepia-font-style:italic}html pre.shiki code .sP7S_, html code.shiki .sP7S_{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#FD971F}html pre.shiki code .s7F3e, html code.shiki .s7F3e{--shiki-default:#005CC5;--shiki-dark:#79B8FF;--shiki-sepia:#AE81FF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html pre.shiki code .s30JN, html code.shiki .s30JN{--shiki-default:#6F42C1;--shiki-default-font-style:inherit;--shiki-default-text-decoration:inherit;--shiki-dark:#B392F0;--shiki-dark-font-style:inherit;--shiki-dark-text-decoration:inherit;--shiki-sepia:#A6E22E;--shiki-sepia-font-style:italic;--shiki-sepia-text-decoration:underline}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}",{"title":111,"searchDepth":136,"depth":136,"links":2510},[2511,2513,2515,2517,2518,2519,2521,2522],{"id":80,"depth":136,"text":2512},"Noncompliant Code Example ( hashCode )",{"id":994,"depth":136,"text":2514},"Compliant Solution ( IdentityHashMap )",{"id":1256,"depth":136,"text":2516},"Compliant Solution ( final Class)",{"id":1294,"depth":136,"text":1295},{"id":1944,"depth":136,"text":2516},{"id":1980,"depth":136,"text":2520},"Noncompliant Code Example ( run() )",{"id":2280,"depth":136,"text":2281},{"id":2431,"depth":136,"text":2432},"Untrusted code can misuse APIs provided by trusted code to override methods such as Object.equals() , Object.hashCode() , and Thread.run() . These methods are valuable targets because they are commonly used behind the scenes and may interact with components in a way that is not easily discernible.","md",{"tags":2526},[2527,2528,2529,2530,2531,2532,2533,2534,2535],"review-dms","android-applicable","review-dfs","obj","1security","draft","review-dm","recommendation","security","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj57-j",{"title":30,"description":2523},"6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F09.obj57-j","xKI1vv0Ui6WBCjGIbF9P22m3ayBrjL1vvzOqgku4vpI",[2541,2544],{"title":2542,"path":2488,"stem":2543,"children":-1},"OBJ56-J. Provide sensitive mutable classes with unmodifiable wrappers","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F08.obj56-j",{"title":2545,"path":2501,"stem":2546,"children":-1},"OBJ58-J. Limit the extensibility of classes and methods with invariants","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F10.obj58-j",[2548],{"title":2549,"path":2550,"stem":2551,"children":2552},"SEI CERT Oracle Coding Standard for Java","\u002Fsei-cert-oracle-coding-standard-for-java","6.sei-cert-oracle-coding-standard-for-java\u002F1.index",[2553,2554,2694,3532,3920,4098],{"title":2549,"path":2550,"stem":2551},{"title":2555,"path":2556,"stem":2557,"children":2558},"Front Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F1.index",[2559,2560,2564,2568,2572,2618,2656],{"title":2555,"path":2556,"stem":2557},{"title":2561,"path":2562,"stem":2563},"Rules versus Recommendations (Java)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frules-versus-recommendations-java","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F2.rules-versus-recommendations-java",{"title":2565,"path":2566,"stem":2567},"Acknowledgments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Facknowledgments","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F3.acknowledgments",{"title":2569,"path":2570,"stem":2571},"Deprecations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Fdeprecations","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.deprecations",{"title":2573,"path":2574,"stem":2575,"children":2576},"Rec. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F01.index",[2577,2578,2582,2586,2590,2594,2598,2602,2606,2610,2614],{"title":2573,"path":2574,"stem":2575},{"title":2579,"path":2580,"stem":2581},"Scope","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F02.scope",{"title":2583,"path":2584,"stem":2585},"Audience","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F03.audience",{"title":2587,"path":2588,"stem":2589},"Contents and Organization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F05.contents-and-organization",{"title":2591,"path":2592,"stem":2593},"Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fguidelines","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F06.guidelines",{"title":2595,"path":2596,"stem":2597},"Usage","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F07.usage",{"title":2599,"path":2600,"stem":2601},"System Qualities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F08.system-qualities",{"title":2603,"path":2604,"stem":2605},"Priority and Levels","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F09.priority-and-levels",{"title":2607,"path":2608,"stem":2609},"Automatically Generated Code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F10.automatically-generated-code",{"title":2611,"path":2612,"stem":2613},"Source Code Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsource-code-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F11.source-code-validation",{"title":2615,"path":2616,"stem":2617},"Tool Selection and Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F12.tool-selection-and-validation",{"title":2619,"path":2620,"stem":2621,"children":2622},"Rule. Introduction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F01.index",[2623,2624,2628,2632,2636,2640,2644,2648,2652],{"title":2619,"path":2620,"stem":2621},{"title":2625,"path":2626,"stem":2627},"Input Validation and Data Sanitization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Finput-validation-and-data-sanitization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F02.input-validation-and-data-sanitization",{"title":2629,"path":2630,"stem":2631},"Leaking Sensitive Data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-sensitive-data","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F03.leaking-sensitive-data",{"title":2633,"path":2634,"stem":2635},"Type Safety","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Ftype-safety","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F04.type-safety",{"title":2637,"path":2638,"stem":2639},"Leaking Capabilities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-capabilities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F05.leaking-capabilities",{"title":2641,"path":2642,"stem":2643},"Denial of Service","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fdenial-of-service","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F06.denial-of-service",{"title":2645,"path":2646,"stem":2647},"Libraries","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Flibraries","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F07.libraries",{"title":2649,"path":2650,"stem":2651},"Concurrency, Visibility, and Memory","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fconcurrency-visibility-and-memory","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F08.concurrency-visibility-and-memory",{"title":2653,"path":2654,"stem":2655},"Privilege Escalation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fprivilege-escalation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F09.privilege-escalation",{"title":2657,"path":2658,"stem":2659,"children":2660},"Rule. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F01.index",[2661,2662,2665,2668,2671,2675,2678,2681,2684,2687,2691],{"title":2657,"path":2658,"stem":2659},{"title":2579,"path":2663,"stem":2664},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F02.scope",{"title":2583,"path":2666,"stem":2667},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F03.audience",{"title":2587,"path":2669,"stem":2670},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F04.contents-and-organization",{"title":2672,"path":2673,"stem":2674},"Identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fidentifiers","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F05.identifiers",{"title":2595,"path":2676,"stem":2677},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F06.usage",{"title":2599,"path":2679,"stem":2680},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F07.system-qualities",{"title":2603,"path":2682,"stem":2683},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F08.priority-and-levels",{"title":2607,"path":2685,"stem":2686},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F09.automatically-generated-code",{"title":2688,"path":2689,"stem":2690},"Conformance Testing","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fconformance-testing","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F10.conformance-testing",{"title":2615,"path":2692,"stem":2693},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F11.tool-selection-and-validation",{"title":2695,"path":2696,"stem":2697,"children":2698},"Rules","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F01.index",[2699,2700,2704,2730,2748,2794,2832,2906,2960,2986,3040,3102,3156,3214,3276,3326,3366,3424,3454,3480,3502],{"title":2695,"path":2696,"stem":2697},{"title":2701,"path":2702,"stem":2703},"Android (DRD)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fandroid-drd","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F02.android-drd",{"title":2705,"path":2706,"stem":2707,"children":2708},"Characters and Strings (STR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F1.index",[2709,2710,2714,2718,2722,2726],{"title":2705,"path":2706,"stem":2707},{"title":2711,"path":2712,"stem":2713},"STR00-J. Don't form strings containing partial characters from variable-width encodings","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F2.str00-j",{"title":2715,"path":2716,"stem":2717},"STR01-J. Do not assume that a Java char fully represents a Unicode code point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F3.str01-j",{"title":2719,"path":2720,"stem":2721},"STR02-J. Specify an appropriate locale when comparing locale-dependent data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F4.str02-j",{"title":2723,"path":2724,"stem":2725},"STR03-J. Do not encode noncharacter data as a string","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F5.str03-j",{"title":2727,"path":2728,"stem":2729},"STR04-J. Use compatible character encodings when communicating string data between JVMs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F6.str04-j",{"title":2731,"path":2732,"stem":2733,"children":2734},"Declarations and Initialization (DCL)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F1.index",[2735,2736,2740,2744],{"title":2731,"path":2732,"stem":2733},{"title":2737,"path":2738,"stem":2739},"DCL00-J. Prevent class initialization cycles","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F2.dcl00-j",{"title":2741,"path":2742,"stem":2743},"DCL01-J. Do not reuse public identifiers from the Java Standard Library","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F3.dcl01-j",{"title":2745,"path":2746,"stem":2747},"DCL02-J. Do not modify the collection's elements during an enhanced for statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F4.dcl02-j",{"title":2749,"path":2750,"stem":2751,"children":2752},"Exceptional Behavior (ERR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F01.index",[2753,2754,2758,2762,2766,2770,2774,2778,2782,2786,2790],{"title":2749,"path":2750,"stem":2751},{"title":2755,"path":2756,"stem":2757},"ERR00-J. Do not suppress or ignore checked exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F02.err00-j",{"title":2759,"path":2760,"stem":2761},"ERR01-J. Do not allow exceptions to expose sensitive information","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F03.err01-j",{"title":2763,"path":2764,"stem":2765},"ERR02-J. Prevent exceptions while logging data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F04.err02-j",{"title":2767,"path":2768,"stem":2769},"ERR03-J. Restore prior object state on method failure","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F05.err03-j",{"title":2771,"path":2772,"stem":2773},"ERR04-J. Do not complete abruptly from a finally block","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F06.err04-j",{"title":2775,"path":2776,"stem":2777},"ERR05-J. Do not let checked exceptions escape from a finally block","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F07.err05-j",{"title":2779,"path":2780,"stem":2781},"ERR06-J. Do not throw undeclared checked exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F08.err06-j",{"title":2783,"path":2784,"stem":2785},"ERR07-J. Do not throw RuntimeException, Exception, or Throwable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F09.err07-j",{"title":2787,"path":2788,"stem":2789},"ERR08-J. Do not catch NullPointerException or any of its ancestors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F10.err08-j",{"title":2791,"path":2792,"stem":2793},"ERR09-J. Do not allow untrusted code to terminate the JVM","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F11.err09-j",{"title":2795,"path":2796,"stem":2797,"children":2798},"Expressions (EXP)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F1.index",[2799,2800,2804,2808,2812,2816,2820,2824,2828],{"title":2795,"path":2796,"stem":2797},{"title":2801,"path":2802,"stem":2803},"EXP00-J. Do not ignore values returned by methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F2.exp00-j",{"title":2805,"path":2806,"stem":2807},"EXP01-J. Do not use a null in a case where an object is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F3.exp01-j",{"title":2809,"path":2810,"stem":2811},"EXP02-J. Do not use the Object.equals() method to compare two arrays","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F4.exp02-j",{"title":2813,"path":2814,"stem":2815},"EXP03-J. Do not use the equality operators when comparing values of boxed primitives","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F5.exp03-j",{"title":2817,"path":2818,"stem":2819},"EXP04-J. Do not pass arguments to certain Java Collections Framework methods that are a different type than the collection parameter type","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F6.exp04-j",{"title":2821,"path":2822,"stem":2823},"EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F7.exp05-j",{"title":2825,"path":2826,"stem":2827},"EXP06-J. Expressions used in assertions must not produce side effects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F8.exp06-j",{"title":2829,"path":2830,"stem":2831},"EXP07-J. Prevent loss of useful data due to weak references","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F9.exp07-j",{"title":2833,"path":2834,"stem":2835,"children":2836},"Input Output (FIO)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F01.index",[2837,2838,2842,2846,2850,2854,2858,2862,2866,2870,2874,2878,2882,2886,2890,2894,2898,2902],{"title":2833,"path":2834,"stem":2835},{"title":2839,"path":2840,"stem":2841},"FIO00-J. Do not operate on files in shared directories","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F02.fio00-j",{"title":2843,"path":2844,"stem":2845},"FIO01-J. Create files with appropriate access permissions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F03.fio01-j",{"title":2847,"path":2848,"stem":2849},"FIO02-J. Detect and handle file-related errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F04.fio02-j",{"title":2851,"path":2852,"stem":2853},"FIO03-J. Remove temporary files before termination","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F05.fio03-j",{"title":2855,"path":2856,"stem":2857},"FIO04-J. Release resources when they are no longer needed","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F06.fio04-j",{"title":2859,"path":2860,"stem":2861},"FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F07.fio05-j",{"title":2863,"path":2864,"stem":2865},"FIO06-J. Do not create multiple buffered wrappers on a single byte or character stream","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F08.fio06-j",{"title":2867,"path":2868,"stem":2869},"FIO07-J. Do not let external processes block on IO buffers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F09.fio07-j",{"title":2871,"path":2872,"stem":2873},"FIO08-J. Distinguish between characters or bytes read from a stream and -1","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F10.fio08-j",{"title":2875,"path":2876,"stem":2877},"FIO09-J. Do not rely on the write() method to output integers outside the range 0 to 255","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F11.fio09-j",{"title":2879,"path":2880,"stem":2881},"FIO10-J. Ensure the array is filled when using read() to fill an array","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F12.fio10-j",{"title":2883,"path":2884,"stem":2885},"FIO11-J. Do not convert between strings and bytes without specifying a valid character encoding","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F13.fio11-j",{"title":2887,"path":2888,"stem":2889},"FIO12-J. Provide methods to read and write little-endian data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F14.fio12-j",{"title":2891,"path":2892,"stem":2893},"FIO13-J. Do not log sensitive information outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F15.fio13-j",{"title":2895,"path":2896,"stem":2897},"FIO14-J. Perform proper cleanup at program termination","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F16.fio14-j",{"title":2899,"path":2900,"stem":2901},"FIO15-J. Do not reset a servlet's output stream after committing it","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F17.fio15-j",{"title":2903,"path":2904,"stem":2905},"FIO16-J. Canonicalize path names before validating them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio16-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F18.fio16-j",{"title":2907,"path":2908,"stem":2909,"children":2910},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F01.index",[2911,2912,2916,2920,2924,2928,2932,2936,2940,2944,2948,2952,2956],{"title":2907,"path":2908,"stem":2909},{"title":2913,"path":2914,"stem":2915},"IDS00-J. Prevent SQL injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F02.ids00-j",{"title":2917,"path":2918,"stem":2919},"IDS01-J. Normalize strings before validating them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F03.ids01-j",{"title":2921,"path":2922,"stem":2923},"IDS03-J. Do not log unsanitized user input","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F04.ids03-j",{"title":2925,"path":2926,"stem":2927},"IDS04-J. Safely extract files from ZipInputStream","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F05.ids04-j",{"title":2929,"path":2930,"stem":2931},"IDS06-J. Exclude unsanitized user input from format strings","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F06.ids06-j",{"title":2933,"path":2934,"stem":2935},"IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F07.ids07-j",{"title":2937,"path":2938,"stem":2939},"IDS08-J. Sanitize untrusted data included in a regular expression","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F08.ids08-j",{"title":2941,"path":2942,"stem":2943},"IDS11-J. Perform any string modifications before validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F09.ids11-j",{"title":2945,"path":2946,"stem":2947},"IDS14-J. Do not trust the contents of hidden form fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F10.ids14-j",{"title":2949,"path":2950,"stem":2951},"IDS15-J. Do not allow sensitive information to leak outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F11.ids15-j",{"title":2953,"path":2954,"stem":2955},"IDS16-J. Prevent XML Injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids16-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F12.ids16-j",{"title":2957,"path":2958,"stem":2959},"IDS17-J. Prevent XML External Entity Attacks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids17-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F13.ids17-j",{"title":2961,"path":2962,"stem":2963,"children":2964},"Java Native Interface (JNI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F1.index",[2965,2966,2970,2974,2978,2982],{"title":2961,"path":2962,"stem":2963},{"title":2967,"path":2968,"stem":2969},"JNI00-J. Define wrappers around native methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F2.jni00-j",{"title":2971,"path":2972,"stem":2973},"JNI01-J. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance (loadLibrary)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F3.jni01-j",{"title":2975,"path":2976,"stem":2977},"JNI02-J. Do not assume object references are constant or unique","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F4.jni02-j",{"title":2979,"path":2980,"stem":2981},"JNI03-J. Do not use direct pointers to Java objects in JNI code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F5.jni03-j",{"title":2983,"path":2984,"stem":2985},"JNI04-J. Do not assume that Java strings are null-terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F6.jni04-j",{"title":2987,"path":2988,"stem":2989,"children":2990},"Locking (LCK)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F01.index",[2991,2992,2996,3000,3004,3008,3012,3016,3020,3024,3028,3032,3036],{"title":2987,"path":2988,"stem":2989},{"title":2993,"path":2994,"stem":2995},"LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F02.lck00-j",{"title":2997,"path":2998,"stem":2999},"LCK01-J. Do not synchronize on objects that may be reused","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F03.lck01-j",{"title":3001,"path":3002,"stem":3003},"LCK02-J. Do not synchronize on the class object returned by getClass()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F04.lck02-j",{"title":3005,"path":3006,"stem":3007},"LCK03-J. Do not synchronize on the intrinsic locks of high-level concurrency objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F05.lck03-j",{"title":3009,"path":3010,"stem":3011},"LCK04-J. Do not synchronize on a collection view if the backing collection is accessible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F06.lck04-j",{"title":3013,"path":3014,"stem":3015},"LCK05-J. Synchronize access to static fields that can be modified by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F07.lck05-j",{"title":3017,"path":3018,"stem":3019},"LCK06-J. Do not use an instance lock to protect shared static data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F08.lck06-j",{"title":3021,"path":3022,"stem":3023},"LCK07-J. Avoid deadlock by requesting and releasing locks in the same order","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F09.lck07-j",{"title":3025,"path":3026,"stem":3027},"LCK08-J. Ensure actively held locks are released on exceptional conditions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F10.lck08-j",{"title":3029,"path":3030,"stem":3031},"LCK09-J. Do not perform operations that can block while holding a lock","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F11.lck09-j",{"title":3033,"path":3034,"stem":3035},"LCK10-J. Use a correct form of the double-checked locking idiom","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F12.lck10-j",{"title":3037,"path":3038,"stem":3039},"LCK11-J. Avoid client-side locking when using classes that do not commit to their locking strategy","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F13.lck11-j",{"title":3041,"path":3042,"stem":3043,"children":3044},"Methods (MET)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F01.index",[3045,3046,3050,3054,3058,3062,3066,3070,3074,3078,3082,3086,3090,3094,3098],{"title":3041,"path":3042,"stem":3043},{"title":3047,"path":3048,"stem":3049},"MET00-J. Validate method arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F02.met00-j",{"title":3051,"path":3052,"stem":3053},"MET01-J. Never use assertions to validate method arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F03.met01-j",{"title":3055,"path":3056,"stem":3057},"MET02-J. Do not use deprecated or obsolete classes or methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F04.met02-j",{"title":3059,"path":3060,"stem":3061},"MET03-J. Methods that perform a security check must be declared private or final","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F05.met03-j",{"title":3063,"path":3064,"stem":3065},"MET04-J. Do not increase the accessibility of overridden or hidden methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F06.met04-j",{"title":3067,"path":3068,"stem":3069},"MET05-J. Ensure that constructors do not call overridable methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F07.met05-j",{"title":3071,"path":3072,"stem":3073},"MET06-J. Do not invoke overridable methods in clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F08.met06-j",{"title":3075,"path":3076,"stem":3077},"MET07-J. Never declare a class method that hides a method declared in a superclass or superinterface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F09.met07-j",{"title":3079,"path":3080,"stem":3081},"MET08-J. Preserve the equality contract when overriding the equals() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F10.met08-j",{"title":3083,"path":3084,"stem":3085},"MET09-J. Classes that define an equals() method must also define a hashCode() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F11.met09-j",{"title":3087,"path":3088,"stem":3089},"MET10-J. Follow the general contract when implementing the compareTo() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F12.met10-j",{"title":3091,"path":3092,"stem":3093},"MET11-J. Ensure that keys used in comparison operations are immutable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F13.met11-j",{"title":3095,"path":3096,"stem":3097},"MET12-J. Do not use finalizers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F14.met12-j",{"title":3099,"path":3100,"stem":3101},"MET13-J. Do not assume that reassigning method arguments modifies the calling environment","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F15.met13-j",{"title":3103,"path":3104,"stem":3105,"children":3106},"Miscellaneous (MSC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F01.index",[3107,3108,3112,3116,3120,3124,3128,3132,3136,3140,3144,3148,3152],{"title":3103,"path":3104,"stem":3105},{"title":3109,"path":3110,"stem":3111},"MSC00-J. Use SSLSocket rather than Socket for secure data exchange","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F02.msc00-j",{"title":3113,"path":3114,"stem":3115},"MSC01-J. Do not use an empty infinite loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F03.msc01-j",{"title":3117,"path":3118,"stem":3119},"MSC02-J. Generate strong random numbers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F04.msc02-j",{"title":3121,"path":3122,"stem":3123},"MSC03-J. Never hard code sensitive information","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F05.msc03-j",{"title":3125,"path":3126,"stem":3127},"MSC04-J. Do not leak memory","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F06.msc04-j",{"title":3129,"path":3130,"stem":3131},"MSC05-J. Do not exhaust heap space","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F07.msc05-j",{"title":3133,"path":3134,"stem":3135},"MSC06-J. Do not modify the underlying collection when an iteration is in progress","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F08.msc06-j",{"title":3137,"path":3138,"stem":3139},"MSC07-J. Prevent multiple instantiations of singleton objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F09.msc07-j",{"title":3141,"path":3142,"stem":3143},"MSC08-J. Do not store nonserializable objects as attributes in an HTTP session","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F10.msc08-j",{"title":3145,"path":3146,"stem":3147},"MSC09-J. For OAuth, ensure (a) [relying party receiving user's ID in last step] is same as (b) [relying party the access token was granted to].","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F11.msc09-j",{"title":3149,"path":3150,"stem":3151},"MSC10-J. Do not use OAuth 2.0 implicit grant (unmodified) for authentication","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F12.msc10-j",{"title":3153,"path":3154,"stem":3155},"MSC11-J. Do not let session information leak within a servlet","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F13.msc11-j",{"title":3157,"path":3158,"stem":3159,"children":3160},"Numeric Types and Operations (NUM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F01.index",[3161,3162,3166,3170,3174,3178,3182,3186,3190,3194,3198,3202,3206,3210],{"title":3157,"path":3158,"stem":3159},{"title":3163,"path":3164,"stem":3165},"NUM00-J. Detect or prevent integer overflow","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F02.num00-j",{"title":3167,"path":3168,"stem":3169},"NUM01-J. Do not perform bitwise and arithmetic operations on the same data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F03.num01-j",{"title":3171,"path":3172,"stem":3173},"NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F04.num02-j",{"title":3175,"path":3176,"stem":3177},"NUM03-J. Use integer types that can fully represent the possible range of unsigned data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F05.num03-j",{"title":3179,"path":3180,"stem":3181},"NUM04-J. Do not use floating-point numbers if precise computation is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F06.num04-j",{"title":3183,"path":3184,"stem":3185},"NUM07-J. Do not attempt comparisons with NaN","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F07.num07-j",{"title":3187,"path":3188,"stem":3189},"NUM08-J. Check floating-point inputs for exceptional values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F08.num08-j",{"title":3191,"path":3192,"stem":3193},"NUM09-J. Do not use floating-point variables as loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F09.num09-j",{"title":3195,"path":3196,"stem":3197},"NUM10-J. Do not construct BigDecimal objects from floating-point literals","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F10.num10-j",{"title":3199,"path":3200,"stem":3201},"NUM11-J. Do not compare or inspect the string representation of floating-point values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F11.num11-j",{"title":3203,"path":3204,"stem":3205},"NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F12.num12-j",{"title":3207,"path":3208,"stem":3209},"NUM13-J. Avoid loss of precision when converting primitive integers to floating-point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F13.num13-j",{"title":3211,"path":3212,"stem":3213},"NUM14-J. Use shift operators correctly","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F14.num14-j",{"title":3215,"path":3216,"stem":3217,"children":3218},"Object Orientation (OBJ)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F01.index",[3219,3220,3224,3228,3232,3236,3240,3244,3248,3252,3256,3260,3264,3268,3272],{"title":3215,"path":3216,"stem":3217},{"title":3221,"path":3222,"stem":3223},"OBJ01-J. Limit accessibility of fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F02.obj01-j",{"title":3225,"path":3226,"stem":3227},"OBJ02-J. Preserve dependencies in subclasses when changing superclasses","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F03.obj02-j",{"title":3229,"path":3230,"stem":3231},"OBJ03-J. Prevent heap pollution","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F04.obj03-j",{"title":3233,"path":3234,"stem":3235},"OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F05.obj04-j",{"title":3237,"path":3238,"stem":3239},"OBJ05-J. Do not return references to private mutable class members","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F06.obj05-j",{"title":3241,"path":3242,"stem":3243},"OBJ06-J. Defensively copy mutable inputs and mutable internal components","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F07.obj06-j",{"title":3245,"path":3246,"stem":3247},"OBJ07-J. Sensitive classes must not let themselves be copied","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F08.obj07-j",{"title":3249,"path":3250,"stem":3251},"OBJ08-J. Do not expose private members of an outer class from within a nested class","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F09.obj08-j",{"title":3253,"path":3254,"stem":3255},"OBJ09-J. Compare classes and not class names","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F10.obj09-j",{"title":3257,"path":3258,"stem":3259},"OBJ10-J. Do not use public static nonfinal fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F11.obj10-j",{"title":3261,"path":3262,"stem":3263},"OBJ11-J. Be wary of letting constructors throw exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F12.obj11-j",{"title":3265,"path":3266,"stem":3267},"OBJ12-J. Respect object-based annotations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F13.obj12-j",{"title":3269,"path":3270,"stem":3271},"OBJ13-J. Ensure that references to mutable objects are not exposed","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F14.obj13-j",{"title":3273,"path":3274,"stem":3275},"OBJ14-J. Do not use an object that has been freed.","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F15.obj14-j",{"title":3277,"path":3278,"stem":3279,"children":3280},"Platform Security (SEC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F01.index",[3281,3282,3286,3290,3294,3298,3302,3306,3310,3314,3318,3322],{"title":3277,"path":3278,"stem":3279},{"title":3283,"path":3284,"stem":3285},"SEC00-J. Do not allow privileged blocks to leak sensitive information across a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F02.sec00-j",{"title":3287,"path":3288,"stem":3289},"SEC01-J. Do not allow tainted variables in privileged blocks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F03.sec01-j",{"title":3291,"path":3292,"stem":3293},"SEC02-J. Do not base security checks on untrusted sources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F04.sec02-j",{"title":3295,"path":3296,"stem":3297},"SEC03-J. Do not load trusted classes after allowing untrusted code to load arbitrary classes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F05.sec03-j",{"title":3299,"path":3300,"stem":3301},"SEC04-J. Protect sensitive operations with security manager checks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F06.sec04-j",{"title":3303,"path":3304,"stem":3305},"SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F07.sec05-j",{"title":3307,"path":3308,"stem":3309},"SEC06-J. Do not rely on the default automatic signature verification provided by URLClassLoader and java.util.jar","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F08.sec06-j",{"title":3311,"path":3312,"stem":3313},"SEC07-J. Call the superclass's getPermissions() method when writing a custom class loader","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F09.sec07-j",{"title":3315,"path":3316,"stem":3317},"SEC08-J Trusted code must discard or clean any arguments provided by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F10.sec08-j",{"title":3319,"path":3320,"stem":3321},"SEC09-J Never leak the results of certain standard API methods from trusted code to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F11.sec09-j",{"title":3323,"path":3324,"stem":3325},"SEC10-J Never permit untrusted code to invoke any API that may (possibly transitively) invoke the reflection APIs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F12.sec10-j",{"title":3327,"path":3328,"stem":3329,"children":3330},"Runtime Environment (ENV)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F1.index",[3331,3332,3336,3340,3344,3354,3358,3362],{"title":3327,"path":3328,"stem":3329},{"title":3333,"path":3334,"stem":3335},"ENV00-J. Do not sign code that performs only unprivileged operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F2.env00-j",{"title":3337,"path":3338,"stem":3339},"ENV01-J. Place all security-sensitive code in a single JAR and sign and seal it","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F3.env01-j",{"title":3341,"path":3342,"stem":3343},"ENV02-J. Do not trust the values of environment variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F4.env02-j",{"title":3345,"path":3346,"stem":3347,"children":3348},"ENV03-J. Do not grant dangerous combinations of permissions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F1.index",[3349,3350],{"title":3345,"path":3346,"stem":3347},{"title":3351,"path":3352,"stem":3353},"DUMMY ENV03-J","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j\u002Fdummy-env03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F2.dummy-env03-j",{"title":3355,"path":3356,"stem":3357},"ENV04-J. Do not disable bytecode verification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F6.env04-j",{"title":3359,"path":3360,"stem":3361},"ENV05-J. Do not deploy an application that can be remotely monitored","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F7.env05-j",{"title":3363,"path":3364,"stem":3365},"ENV06-J. Production code must not contain debugging entry points","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F8.env06-j",{"title":3367,"path":3368,"stem":3369,"children":3370},"Serialization (SER)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F01.index",[3371,3372,3376,3380,3384,3388,3392,3396,3400,3404,3408,3412,3416,3420],{"title":3367,"path":3368,"stem":3369},{"title":3373,"path":3374,"stem":3375},"SER00-J. Enable serialization compatibility during class evolution","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F02.ser00-j",{"title":3377,"path":3378,"stem":3379},"SER01-J. Do not deviate from the proper signatures of serialization methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F03.ser01-j",{"title":3381,"path":3382,"stem":3383},"SER02-J. Sign then seal objects before sending them outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F04.ser02-j",{"title":3385,"path":3386,"stem":3387},"SER03-J. Do not serialize unencrypted sensitive data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F05.ser03-j",{"title":3389,"path":3390,"stem":3391},"SER04-J. Do not allow serialization and deserialization to bypass the security manager","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F06.ser04-j",{"title":3393,"path":3394,"stem":3395},"SER05-J. Do not serialize instances of inner classes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F07.ser05-j",{"title":3397,"path":3398,"stem":3399},"SER06-J. Make defensive copies of private mutable components during deserialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F08.ser06-j",{"title":3401,"path":3402,"stem":3403},"SER07-J. Do not use the default serialized form for classes with implementation-defined invariants","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F09.ser07-j",{"title":3405,"path":3406,"stem":3407},"SER08-J. Minimize privileges before deserializing from a privileged context","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F10.ser08-j",{"title":3409,"path":3410,"stem":3411},"SER09-J. Do not invoke overridable methods from the readObject() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F11.ser09-j",{"title":3413,"path":3414,"stem":3415},"SER10-J. Avoid memory and resource leaks during serialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F12.ser10-j",{"title":3417,"path":3418,"stem":3419},"SER11-J. Prevent overwriting of externalizable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F13.ser11-j",{"title":3421,"path":3422,"stem":3423},"SER12-J. Prevent deserialization of untrusted data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F14.ser12-j",{"title":3425,"path":3426,"stem":3427,"children":3428},"Thread APIs (THI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F1.index",[3429,3430,3434,3438,3442,3446,3450],{"title":3425,"path":3426,"stem":3427},{"title":3431,"path":3432,"stem":3433},"THI00-J. Do not invoke Thread.run()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F2.thi00-j",{"title":3435,"path":3436,"stem":3437},"THI01-J. Do not invoke ThreadGroup methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F3.thi01-j",{"title":3439,"path":3440,"stem":3441},"THI02-J. Notify all waiting threads rather than a single thread","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F4.thi02-j",{"title":3443,"path":3444,"stem":3445},"THI03-J. Always invoke wait() and await() methods inside a loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F5.thi03-j",{"title":3447,"path":3448,"stem":3449},"THI04-J. Ensure that threads performing blocking operations can be terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F6.thi04-j",{"title":3451,"path":3452,"stem":3453},"THI05-J. Do not use Thread.stop() to terminate threads","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F7.thi05-j",{"title":3455,"path":3456,"stem":3457,"children":3458},"Thread Pools (TPS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F1.index",[3459,3460,3464,3468,3472,3476],{"title":3455,"path":3456,"stem":3457},{"title":3461,"path":3462,"stem":3463},"TPS00-J. Use thread pools to enable graceful degradation of service during traffic bursts","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F2.tps00-j",{"title":3465,"path":3466,"stem":3467},"TPS01-J. Do not execute interdependent tasks in a bounded thread pool","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F3.tps01-j",{"title":3469,"path":3470,"stem":3471},"TPS02-J. Ensure that tasks submitted to a thread pool are interruptible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F4.tps02-j",{"title":3473,"path":3474,"stem":3475},"TPS03-J. Ensure that tasks executing in a thread pool do not fail silently","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F5.tps03-j",{"title":3477,"path":3478,"stem":3479},"TPS04-J. Ensure ThreadLocal variables are reinitialized when using thread pools","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F6.tps04-j",{"title":3481,"path":3482,"stem":3483,"children":3484},"Thread-Safety Miscellaneous (TSM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F1.index",[3485,3486,3490,3494,3498],{"title":3481,"path":3482,"stem":3483},{"title":3487,"path":3488,"stem":3489},"TSM00-J. Do not override thread-safe methods with methods that are not thread-safe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F2.tsm00-j",{"title":3491,"path":3492,"stem":3493},"TSM01-J. Do not let the this reference escape during object construction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F3.tsm01-j",{"title":3495,"path":3496,"stem":3497},"TSM02-J. Do not use background threads during class initialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F4.tsm02-j",{"title":3499,"path":3500,"stem":3501},"TSM03-J. Do not publish partially initialized objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F5.tsm03-j",{"title":3503,"path":3504,"stem":3505,"children":3506},"Visibility and Atomicity (VNA)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F1.index",[3507,3508,3512,3516,3520,3524,3528],{"title":3503,"path":3504,"stem":3505},{"title":3509,"path":3510,"stem":3511},"VNA00-J. Ensure visibility when accessing shared primitive variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F2.vna00-j",{"title":3513,"path":3514,"stem":3515},"VNA01-J. Ensure visibility of shared references to immutable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F3.vna01-j",{"title":3517,"path":3518,"stem":3519},"VNA02-J. Ensure that compound operations on shared variables are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F4.vna02-j",{"title":3521,"path":3522,"stem":3523},"VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F5.vna03-j",{"title":3525,"path":3526,"stem":3527},"VNA04-J. Ensure that calls to chained methods are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F6.vna04-j",{"title":3529,"path":3530,"stem":3531},"VNA05-J. Ensure atomicity when reading and writing 64-bit values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F7.vna05-j",{"title":3533,"path":3534,"stem":3535,"children":3536},"Recommendations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F01.index",[3537,3538,3551,3569,3622,3647,3676,3697,3730,3761,3822,3847,3879],{"title":3533,"path":3534,"stem":3535},{"title":2705,"path":3539,"stem":3540,"children":3541},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F1.index",[3542,3543,3547],{"title":2705,"path":3539,"stem":3540},{"title":3544,"path":3545,"stem":3546},"STR50-J. Use the appropriate method for counting characters in a string","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F2.str50-j",{"title":3548,"path":3549,"stem":3550},"STR51-J. Use the charset encoder and decoder classes when more control over the encoding process is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F3.str51-j",{"title":3552,"path":3553,"stem":3554,"children":3555},"Concurrency (CON)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F1.index",[3556,3557,3561,3565],{"title":3552,"path":3553,"stem":3554},{"title":3558,"path":3559,"stem":3560},"CON50-J. Do not assume that declaring a reference volatile guarantees safe publication of the members of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F2.con50-j",{"title":3562,"path":3563,"stem":3564},"CON51-J. Do not assume that the sleep(), yield(), or getState() methods provide synchronization semantics","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F3.con51-j",{"title":3566,"path":3567,"stem":3568},"CON52-J. Document thread-safety and use annotations where applicable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F4.con52-j",{"title":2731,"path":3570,"stem":3571,"children":3572},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F01.index",[3573,3574,3578,3582,3586,3590,3594,3598,3602,3606,3610,3614,3618],{"title":2731,"path":3570,"stem":3571},{"title":3575,"path":3576,"stem":3577},"DCL50-J. Use visually distinct identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F02.dcl50-j",{"title":3579,"path":3580,"stem":3581},"DCL51-J. Do not shadow or obscure identifiers in subscopes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F03.dcl51-j",{"title":3583,"path":3584,"stem":3585},"DCL52-J. Do not declare more than one variable per declaration","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F04.dcl52-j",{"title":3587,"path":3588,"stem":3589},"DCL53-J. Minimize the scope of variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F05.dcl53-j",{"title":3591,"path":3592,"stem":3593},"DCL54-J. Use meaningful symbolic constants to represent literal values in program logic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F06.dcl54-j",{"title":3595,"path":3596,"stem":3597},"DCL55-J. Properly encode relationships in constant definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F07.dcl55-j",{"title":3599,"path":3600,"stem":3601},"DCL56-J. Do not attach significance to the ordinal associated with an enum","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F08.dcl56-j",{"title":3603,"path":3604,"stem":3605},"DCL57-J. Avoid ambiguous overloading of variable arity methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F09.dcl57-j",{"title":3607,"path":3608,"stem":3609},"DCL58-J. Enable compile-time type checking of variable arity parameter types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F10.dcl58-j",{"title":3611,"path":3612,"stem":3613},"DCL59-J. Do not apply public final to constants whose value might change in later releases","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl59-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F11.dcl59-j",{"title":3615,"path":3616,"stem":3617},"DCL60-J. Avoid cyclic dependencies between packages","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F12.dcl60-j",{"title":3619,"path":3620,"stem":3621},"DCL61-J. Do not use raw types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl61-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F13.dcl61-j",{"title":2749,"path":3623,"stem":3624,"children":3625},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F1.index",[3626,3627,3631,3635,3639,3643],{"title":2749,"path":3623,"stem":3624},{"title":3628,"path":3629,"stem":3630},"ERR50-J. Use exceptions only for exceptional conditions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F2.err50-j",{"title":3632,"path":3633,"stem":3634},"ERR51-J. Prefer user-defined exceptions over more general exception types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F3.err51-j",{"title":3636,"path":3637,"stem":3638},"ERR52-J. Avoid in-band error indicators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F4.err52-j",{"title":3640,"path":3641,"stem":3642},"ERR53-J. Try to gracefully recover from system errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F5.err53-j",{"title":3644,"path":3645,"stem":3646},"ERR54-J. Use a try-with-resources statement to safely handle closeable resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F6.err54-j",{"title":2795,"path":3648,"stem":3649,"children":3650},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F1.index",[3651,3652,3656,3660,3664,3668,3672],{"title":2795,"path":3648,"stem":3649},{"title":3653,"path":3654,"stem":3655},"EXP50-J. Do not confuse abstract object equality with reference equality","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F2.exp50-j",{"title":3657,"path":3658,"stem":3659},"EXP51-J. Do not perform assignments in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F3.exp51-j",{"title":3661,"path":3662,"stem":3663},"EXP52-J. Use braces for the body of an if, for, or while statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F4.exp52-j",{"title":3665,"path":3666,"stem":3667},"EXP53-J. Use parentheses for precedence of operation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F5.exp53-j",{"title":3669,"path":3670,"stem":3671},"EXP54-J. Understand the differences between bitwise and logical operators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F6.exp54-j",{"title":3673,"path":3674,"stem":3675},"EXP55-J. Use the same type for the second and third operands in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F7.exp55-j",{"title":2833,"path":3677,"stem":3678,"children":3679},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F1.index",[3680,3681,3685,3689,3693],{"title":2833,"path":3677,"stem":3678},{"title":3682,"path":3683,"stem":3684},"FIO50-J. Do not make assumptions about file creation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F2.fio50-j",{"title":3686,"path":3687,"stem":3688},"FIO51-J. Identify files using multiple file attributes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F3.fio51-j",{"title":3690,"path":3691,"stem":3692},"FIO52-J. Do not store unencrypted sensitive information on the client side","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F4.fio52-j",{"title":3694,"path":3695,"stem":3696},"FIO53-J. Use the serialization methods writeUnshared() and readUnshared() with care","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F5.fio53-j",{"title":2907,"path":3698,"stem":3699,"children":3700},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F1.index",[3701,3702,3706,3710,3714,3718,3722,3726],{"title":2907,"path":3698,"stem":3699},{"title":3703,"path":3704,"stem":3705},"IDS50-J. Use conservative file naming conventions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F2.ids50-j",{"title":3707,"path":3708,"stem":3709},"IDS51-J. Properly encode or escape output","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F3.ids51-j",{"title":3711,"path":3712,"stem":3713},"IDS52-J. Prevent code injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F4.ids52-j",{"title":3715,"path":3716,"stem":3717},"IDS53-J. Prevent XPath Injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F5.ids53-j",{"title":3719,"path":3720,"stem":3721},"IDS54-J. Prevent LDAP injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F6.ids54-j",{"title":3723,"path":3724,"stem":3725},"IDS55-J. Understand how escape characters are interpreted when strings are loaded","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F7.ids55-j",{"title":3727,"path":3728,"stem":3729},"IDS56-J. Prevent arbitrary file upload","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F8.ids56-j",{"title":3041,"path":3731,"stem":3732,"children":3733},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F1.index",[3734,3735,3739,3743,3745,3749,3753,3757],{"title":3041,"path":3731,"stem":3732},{"title":3736,"path":3737,"stem":3738},"MET50-J. Avoid ambiguous or confusing uses of overloading","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F2.met50-j",{"title":3740,"path":3741,"stem":3742},"MET51-J. Do not use overloaded methods to differentiate between runtime types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F3.met51-j",{"title":65,"path":64,"stem":3744},"6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F4.met52-j",{"title":3746,"path":3747,"stem":3748},"MET53-J. Ensure that the clone() method calls super.clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F5.met53-j",{"title":3750,"path":3751,"stem":3752},"MET54-J. Always provide feedback about the resulting value of a method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F6.met54-j",{"title":3754,"path":3755,"stem":3756},"MET55-J. Return an empty array or collection instead of a null value for methods that return an array or collection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F7.met55-j",{"title":3758,"path":3759,"stem":3760},"MET56-J. Do not use Object.equals() to compare cryptographic keys","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F8.met56-j",{"title":3103,"path":3762,"stem":3763,"children":3764},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F01.index",[3765,3766,3770,3774,3778,3782,3786,3790,3794,3798,3802,3806,3810,3814,3818],{"title":3103,"path":3762,"stem":3763},{"title":3767,"path":3768,"stem":3769},"MSC50-J. Minimize the scope of the @SuppressWarnings annotation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F02.msc50-j",{"title":3771,"path":3772,"stem":3773},"MSC51-J. Do not place a semicolon immediately following an if, for, or while condition","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F03.msc51-j",{"title":3775,"path":3776,"stem":3777},"MSC52-J. Finish every set of statements associated with a case label with a break statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F04.msc52-j",{"title":3779,"path":3780,"stem":3781},"MSC53-J. Carefully design interfaces before releasing them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F05.msc53-j",{"title":3783,"path":3784,"stem":3785},"MSC54-J. Avoid inadvertent wrapping of loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F06.msc54-j",{"title":3787,"path":3788,"stem":3789},"MSC55-J. Use comments consistently and in a readable fashion","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F07.msc55-j",{"title":3791,"path":3792,"stem":3793},"MSC56-J. Detect and remove superfluous code and values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F08.msc56-j",{"title":3795,"path":3796,"stem":3797},"MSC57-J. Strive for logical completeness","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F09.msc57-j",{"title":3799,"path":3800,"stem":3801},"MSC58-J. Prefer using iterators over enumerations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F10.msc58-j",{"title":3803,"path":3804,"stem":3805},"MSC59-J. Limit the lifetime of sensitive data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc59-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F11.msc59-j",{"title":3807,"path":3808,"stem":3809},"MSC60-J. Do not use assertions to verify the absence of runtime errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F12.msc60-j",{"title":3811,"path":3812,"stem":3813},"MSC61-J. Do not use insecure or weak cryptographic algorithms","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc61-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F13.msc61-j",{"title":3815,"path":3816,"stem":3817},"MSC62-J. Store passwords using a hash function","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc62-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F14.msc62-j",{"title":3819,"path":3820,"stem":3821},"MSC63-J. Ensure that SecureRandom is properly seeded","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc63-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F15.msc63-j",{"title":3157,"path":3823,"stem":3824,"children":3825},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F1.index",[3826,3827,3831,3835,3839,3843],{"title":3157,"path":3823,"stem":3824},{"title":3828,"path":3829,"stem":3830},"NUM50-J. Convert integers to floating point for floating-point operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F2.num50-j",{"title":3832,"path":3833,"stem":3834},"NUM51-J. Do not assume that the remainder operator always returns a nonnegative result for integral operands","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F3.num51-j",{"title":3836,"path":3837,"stem":3838},"NUM52-J. Be aware of numeric promotion behavior","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F4.num52-j",{"title":3840,"path":3841,"stem":3842},"NUM53-J. Use the strictfp modifier for floating-point calculation consistency across platforms","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F5.num53-j",{"title":3844,"path":3845,"stem":3846},"NUM54-J. Do not use denormalized numbers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F6.num54-j",{"title":3215,"path":3848,"stem":3849,"children":3850},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F01.index",[3851,3852,3856,3860,3864,3868,3872,3876,3877,3878],{"title":3215,"path":3848,"stem":3849},{"title":3853,"path":3854,"stem":3855},"OBJ50-J. Never confuse the immutability of a reference with that of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F02.obj50-j",{"title":3857,"path":3858,"stem":3859},"OBJ51-J. Minimize the accessibility of classes and their members","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F03.obj51-j",{"title":3861,"path":3862,"stem":3863},"OBJ52-J. Write garbage-collection-friendly code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F04.obj52-j",{"title":3865,"path":3866,"stem":3867},"OBJ53-J. Do not use direct buffers for short-lived, infrequently used objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F05.obj53-j",{"title":3869,"path":3870,"stem":3871},"OBJ54-J. Do not attempt to help the garbage collector by setting local reference variables to null","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F06.obj54-j",{"title":3873,"path":3874,"stem":3875},"OBJ55-J. Remove short-lived objects from long-lived container objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F07.obj55-j",{"title":2542,"path":2488,"stem":2543},{"title":30,"path":2536,"stem":2538},{"title":2545,"path":2501,"stem":2546},{"title":3277,"path":3880,"stem":3881,"children":3882},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F01.index",[3883,3884,3888,3892,3896,3900,3904,3908,3912,3916],{"title":3277,"path":3880,"stem":3881},{"title":3885,"path":3886,"stem":3887},"SEC50-J. Avoid granting excess privileges","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F02.sec50-j",{"title":3889,"path":3890,"stem":3891},"SEC51-J. Minimize privileged code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F03.sec51-j",{"title":3893,"path":3894,"stem":3895},"SEC52-J. Do not expose methods that use reduced-security checks to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F04.sec52-j",{"title":3897,"path":3898,"stem":3899},"SEC53-J. Define custom security permissions for fine-grained security","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F05.sec53-j",{"title":3901,"path":3902,"stem":3903},"SEC54-J. Create a secure sandbox using a security manager","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F06.sec54-j",{"title":3905,"path":3906,"stem":3907},"SEC55-J. Ensure that security-sensitive methods are called with validated arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F07.sec55-j",{"title":3909,"path":3910,"stem":3911},"SEC56-J. Do not serialize direct handles to system resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F08.sec56-j",{"title":3913,"path":3914,"stem":3915},"SEC57-J. Do not let untrusted code misuse privileges of callback methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F09.sec57-j",{"title":3917,"path":3918,"stem":3919},"SEC58-J. Deserialization methods should not perform potentially dangerous operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F10.sec58-j",{"title":3921,"path":3922,"stem":3923,"children":3924},"Back Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F1.index",[3925,3926,3930,3934,3938,3942,4068,4094],{"title":3921,"path":3922,"stem":3923},{"title":3927,"path":3928,"stem":3929},"Rec. AA. References","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F2.rec-aa-references",{"title":3931,"path":3932,"stem":3933},"Rec. BB. Definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-bb-definitions","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F3.rec-bb-definitions",{"title":3935,"path":3936,"stem":3937},"Rule AA. References","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-aa-references","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F4.rule-aa-references",{"title":3939,"path":3940,"stem":3941},"Rule BB. Glossary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-bb-glossary","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F5.rule-bb-glossary",{"title":3943,"path":3944,"stem":3945,"children":3946},"Rule or Rec. CC. Analyzers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F01.index",[3947,3948,3952,3956,3960,3964,3968,3972,3976,3980,3984,3988,3992,3996,4000,4004,4008,4012,4016,4020,4024,4028,4032,4036,4040,4044,4048,4052,4056,4060,4064],{"title":3943,"path":3944,"stem":3945},{"title":3949,"path":3950,"stem":3951},"CodeSonar","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F02.codesonar",{"title":3953,"path":3954,"stem":3955},"CodeSonar_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F03.codesonar_v",{"title":3957,"path":3958,"stem":3959},"Coverity","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F04.coverity",{"title":3961,"path":3962,"stem":3963},"Coverity_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F05.coverity_v",{"title":3965,"path":3966,"stem":3967},"Eclipse","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F06.eclipse",{"title":3969,"path":3970,"stem":3971},"Eclipse_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F07.eclipse_v",{"title":3973,"path":3974,"stem":3975},"Error Prone","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F08.error-prone",{"title":3977,"path":3978,"stem":3979},"Error Prone_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F09.error-prone_v",{"title":3981,"path":3982,"stem":3983},"Findbugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F10.findbugs",{"title":3985,"path":3986,"stem":3987},"Findbugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F11.findbugs_v",{"title":3989,"path":3990,"stem":3991},"Fortify","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F12.fortify",{"title":3993,"path":3994,"stem":3995},"Fortify_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F13.fortify_v",{"title":3997,"path":3998,"stem":3999},"Klocwork","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F14.klocwork",{"title":4001,"path":4002,"stem":4003},"Klocwork_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F15.klocwork_v",{"title":4005,"path":4006,"stem":4007},"Parasoft","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F16.parasoft",{"title":4009,"path":4010,"stem":4011},"Parasoft_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F17.parasoft_v",{"title":4013,"path":4014,"stem":4015},"Pmd","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F18.pmd",{"title":4017,"path":4018,"stem":4019},"Pmd_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F19.pmd_v",{"title":4021,"path":4022,"stem":4023},"PVS-Studio","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F20.pvs-studio",{"title":4025,"path":4026,"stem":4027},"PVS-Studio_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F21.pvs-studio_v",{"title":4029,"path":4030,"stem":4031},"Security Reviewer - Static Reviewer","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F22.security-reviewer-static-reviewer",{"title":4033,"path":4034,"stem":4035},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F23.security-reviewer-static-reviewer_v",{"title":4037,"path":4038,"stem":4039},"SonarQube","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F24.sonarqube",{"title":4041,"path":4042,"stem":4043},"SonarQube_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F25.sonarqube_v",{"title":4045,"path":4046,"stem":4047},"SpotBugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F26.spotbugs",{"title":4049,"path":4050,"stem":4051},"SpotBugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F27.spotbugs_v",{"title":4053,"path":4054,"stem":4055},"The Checker Framework","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F28.the-checker-framework",{"title":4057,"path":4058,"stem":4059},"The Checker Framework_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F29.the-checker-framework_v",{"title":4061,"path":4062,"stem":4063},"ThreadSafe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F30.threadsafe",{"title":4065,"path":4066,"stem":4067},"ThreadSafe_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F31.threadsafe_v",{"title":4069,"path":4070,"stem":4071,"children":4072},"Rule or Rec. DD. Related Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F1.index",[4073,4074,4078,4082,4086,4090],{"title":4069,"path":4070,"stem":4071},{"title":4075,"path":4076,"stem":4077},"2010","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F2.2010","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F2.2010",{"title":4079,"path":4080,"stem":4081},"2013","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F3.2013","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F3.2013",{"title":4083,"path":4084,"stem":4085},"MITRE CAPEC","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-capec","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F4.mitre-capec",{"title":4087,"path":4088,"stem":4089},"MITRE CWE","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-cwe","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F5.mitre-cwe",{"title":4091,"path":4092,"stem":4093},"SECURE CODING GUIDELINES FOR JAVA SE, VERSION 5.0","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fsecure-coding-guidelines-for-java-se-version-50","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F6.secure-coding-guidelines-for-java-se-version-50",{"title":4095,"path":4096,"stem":4097},"Rule or Rec. EE. Risk Assessments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-ee-risk-assessments","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F8.rule-or-rec-ee-risk-assessments",{"title":4099,"path":4100,"stem":4101,"children":4102},"Admin","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F1.index",[4103,4104,4108,4112,4116,4120],{"title":4099,"path":4100,"stem":4101},{"title":4105,"path":4106,"stem":4107},"All Guidelines with Classification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fall-guidelines-with-classification","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F2.all-guidelines-with-classification",{"title":4109,"path":4110,"stem":4111},"Normative Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fnormative-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F3.normative-guidelines",{"title":4113,"path":4114,"stem":4115},"Tech-edit","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftech-edit","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F4.tech-edit",{"title":4117,"path":4118,"stem":4119},"TODO List","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftodo-list","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F5.todo-list",{"title":4117,"path":4118,"stem":4121},"6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F6.todo-list",1775657808448]