Object Orientation (OBJ)
Rules
- OBJ01-J. Limit accessibility of fields
- OBJ02-J. Preserve dependencies in subclasses when changing superclasses
- OBJ03-J. Prevent heap pollution
- OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
- OBJ05-J. Do not return references to private mutable class members
- OBJ06-J. Defensively copy mutable inputs and mutable internal components
- OBJ07-J. Sensitive classes must not let themselves be copied
- OBJ08-J. Do not expose private members of an outer class from within a nested class
- OBJ09-J. Compare classes and not class names
- OBJ10-J. Do not use public static nonfinal fields
- OBJ11-J. Be wary of letting constructors throw exceptions
- OBJ12-J. Respect object-based annotations
- OBJ13-J. Ensure that references to mutable objects are not exposed
- OBJ14-J. Do not use an object that has been freed.
Risk Assessment Summary
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| OBJ01-J | Medium | Likely | No | No | P6 | L2 |
| OBJ02-J | Medium | Probable | No | No | P4 | L3 |
| OBJ03-J | Low | Probable | Yes | No | P4 | L3 |
| OBJ04-J | Low | Likely | No | No | P3 | L3 |
| OBJ05-J | High | Probable | Yes | No | P12 | L1 |
| OBJ06-J | Medium | Probable | No | No | P4 | L3 |
| OBJ07-J | Medium | Probable | No | No | P4 | L3 |
| OBJ08-J | Medium | Probable | No | No | P4 | L3 |
| OBJ09-J | High | Unlikely | Yes | No | P6 | L2 |
| OBJ10-J | Medium | Probable | Yes | No | P8 | L2 |
| OBJ11-J | High | Probable | Yes | No | P12 | L1 |
| OBJ13-J | Medium | Likely | Yes | No | P12 | L1 |
| OBJ14-J | Medium | Likely | No | No | P6 | L2 |
