[{"data":1,"prerenderedAt":2325},["ShallowReactive",2],{"global-navigation":3,"page-\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser05-j":28,"surround-\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser05-j":748,"sidebar-sei-cert-oracle-coding-standard-for-java":755},[4,8],{"title":5,"path":6,"_path":6,"fromAppConfig":7},"Home","\u002F",true,{"title":9,"path":10,"children":11,"_path":27,"fromAppConfig":7},"Coding Standards","\u002Fcoding-standards\u002F",[12,15,18,21,24],{"title":13,"path":14},"Android Coding Standard","\u002Fandroid-secure-coding-standard\u002F",{"title":16,"path":17},"C Coding Standard","\u002Fsei-cert-c-coding-standard\u002F",{"title":19,"path":20},"C++ Coding Standard","\u002Fsei-cert-cpp-coding-standard\u002F",{"title":22,"path":23},"Java Coding Standard","\u002Fsei-cert-oracle-coding-standard-for-java\u002F",{"title":25,"path":26},"Perl Coding Standard","\u002Fsei-cert-perl-coding-standard\u002F","\u002Fcoding-standards",{"id":29,"title":30,"body":31,"description":735,"extension":736,"meta":737,"navigation":7,"path":744,"seo":745,"stem":746,"__hash__":747},"content\u002F6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F07.ser05-j.md","SER05-J. Do not serialize instances of inner classes",{"type":32,"value":33,"toc":725},"minimark",[34,38,53,102,105,108,113,116,216,220,231,289,292,302,366,370,373,440,445,448,566,570,600,604,696,699,721],[35,36,30],"h1",{"id":37},"ser05-j-do-not-serialize-instances-of-inner-classes",[39,40,41,42,47,48,52],"p",{},"\"An inner class is a nested class that is not explicitly or implicitly declared static\" [ ",[43,44,46],"a",{"href":45},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-aa-references#RuleAA.References-JLS15","JLS 2015"," ]. Serialization of inner classes (including local and anonymous classes) is error prone. According to the Serialization Specification [ ",[43,49,51],{"href":50},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-aa-references#RuleAA.References-Sun06","Sun 2006"," ]:",[54,55,56,63,73,82],"blockquote",{},[57,58,59],"ul",{},[60,61,62],"li",{},"Serializing an inner class declared in a non-static context that contains implicit non-transient references to enclosing class instances results in serialization of its associated outer class instance.",[57,64,65],{},[60,66,67,68,72],{},"Synthetic fields generated by Java compilers to implement inner classes are implementation dependent and may vary between compilers; differences in such fields can disrupt compatibility as well as result in conflicting default ",[69,70,71],"code",{},"serialVersionUID"," values. The names assigned to local and anonymous inner classes are also implementation dependent and may differ between compilers.",[57,74,75],{},[60,76,77,78,81],{},"Because inner classes cannot declare static members other than compile-time constant fields, they cannot use the ",[69,79,80],{},"serialPersistentFields"," mechanism to designate serializable fields.",[57,83,84],{},[60,85,86,87,90,91,93,94,97,98,101],{},"Because inner classes associated with outer instances do not have zero-argument constructors (constructors of such inner classes implicitly accept the enclosing instance as a prepended parameter), they cannot implement ",[69,88,89],{},"Externalizable"," . The ",[69,92,89],{}," interface requires the implementing object to manually save and restore its state using the ",[69,95,96],{},"writeExternal()"," and ",[69,99,100],{},"readExternal()"," methods.",[39,103,104],{},"Consequently, programs must not serialize inner classes.",[39,106,107],{},"Because none of these issues apply to static member classes, serialization of static member classes is permitted.",[109,110,112],"h2",{"id":111},"noncompliant-code-example","Noncompliant Code Example",[39,114,115],{},"In this noncompliant code example, the fields contained within the outer class are serialized when the inner class is serialized:",[117,118,120],"code-block",{"quality":119},"bad",[121,122,127],"pre",{"className":123,"code":124,"language":125,"meta":126,"style":126},"language-java shiki shiki-themes github-light github-dark monokai","public class OuterSer implements Serializable {\n  private int rank;\n  class InnerSer implements Serializable {\n    protected String name;\n    \u002F\u002F ...\n  }\n}\n","java","",[69,128,129,156,169,184,197,204,210],{"__ignoreMap":126},[130,131,134,138,141,145,148,152],"span",{"class":132,"line":133},"line",1,[130,135,137],{"class":136},"sC2Qs","public",[130,139,140],{"class":136}," class",[130,142,144],{"class":143},"sz2Vg"," OuterSer",[130,146,147],{"class":136}," implements",[130,149,151],{"class":150},"s30JN"," Serializable",[130,153,155],{"class":154},"sMOD_"," {\n",[130,157,159,162,166],{"class":132,"line":158},2,[130,160,161],{"class":136},"  private",[130,163,165],{"class":164},"sq6CD"," int",[130,167,168],{"class":154}," rank;\n",[130,170,172,175,178,180,182],{"class":132,"line":171},3,[130,173,174],{"class":136},"  class",[130,176,177],{"class":143}," InnerSer",[130,179,147],{"class":136},[130,181,151],{"class":150},[130,183,155],{"class":154},[130,185,187,190,194],{"class":132,"line":186},4,[130,188,189],{"class":136},"    protected",[130,191,193],{"class":192},"sk8M1"," String",[130,195,196],{"class":154}," name;\n",[130,198,200],{"class":132,"line":199},5,[130,201,203],{"class":202},"s8-w5","    \u002F\u002F ...\n",[130,205,207],{"class":132,"line":206},6,[130,208,209],{"class":154},"  }\n",[130,211,213],{"class":132,"line":212},7,[130,214,215],{"class":154},"}\n",[109,217,219],{"id":218},"compliant-solution","Compliant Solution",[39,221,222,223,226,227,230],{},"The ",[69,224,225],{},"InnerSer"," class of this compliant solution deliberately fails to implement the ",[69,228,229],{},"Serializable"," interface:",[117,232,234],{"quality":233},"good",[121,235,237],{"className":123,"code":236,"language":125,"meta":126,"style":126},"public class OuterSer implements Serializable {\n  private int rank;\n  class InnerSer {\n    protected String name;\n    \u002F\u002F ...\n  }\n}\n",[69,238,239,253,261,269,277,281,285],{"__ignoreMap":126},[130,240,241,243,245,247,249,251],{"class":132,"line":133},[130,242,137],{"class":136},[130,244,140],{"class":136},[130,246,144],{"class":143},[130,248,147],{"class":136},[130,250,151],{"class":150},[130,252,155],{"class":154},[130,254,255,257,259],{"class":132,"line":158},[130,256,161],{"class":136},[130,258,165],{"class":164},[130,260,168],{"class":154},[130,262,263,265,267],{"class":132,"line":171},[130,264,174],{"class":136},[130,266,177],{"class":143},[130,268,155],{"class":154},[130,270,271,273,275],{"class":132,"line":186},[130,272,189],{"class":136},[130,274,193],{"class":192},[130,276,196],{"class":154},[130,278,279],{"class":132,"line":199},[130,280,203],{"class":202},[130,282,283],{"class":132,"line":206},[130,284,209],{"class":154},[130,286,287],{"class":132,"line":212},[130,288,215],{"class":154},[109,290,219],{"id":291},"compliant-solution-1",[39,293,294,295,297,298,301],{},"If an inner and outer class must both be ",[69,296,229],{}," , the inner class can be declared ",[69,299,300],{},"static"," to prevent a serialized inner class from also serializing its outer class.",[117,303,304],{"quality":233},[121,305,307],{"className":123,"code":306,"language":125,"meta":126,"style":126},"public class OuterSer implements Serializable {\n  private int rank;\n  static class InnerSer implements Serializable {\n    protected String name;\n    \u002F\u002F ...\n  }\n}\n",[69,308,309,323,331,346,354,358,362],{"__ignoreMap":126},[130,310,311,313,315,317,319,321],{"class":132,"line":133},[130,312,137],{"class":136},[130,314,140],{"class":136},[130,316,144],{"class":143},[130,318,147],{"class":136},[130,320,151],{"class":150},[130,322,155],{"class":154},[130,324,325,327,329],{"class":132,"line":158},[130,326,161],{"class":136},[130,328,165],{"class":164},[130,330,168],{"class":154},[130,332,333,336,338,340,342,344],{"class":132,"line":171},[130,334,335],{"class":136},"  static",[130,337,140],{"class":136},[130,339,177],{"class":143},[130,341,147],{"class":136},[130,343,151],{"class":150},[130,345,155],{"class":154},[130,347,348,350,352],{"class":132,"line":186},[130,349,189],{"class":136},[130,351,193],{"class":192},[130,353,196],{"class":154},[130,355,356],{"class":132,"line":199},[130,357,203],{"class":202},[130,359,360],{"class":132,"line":206},[130,361,209],{"class":154},[130,363,364],{"class":132,"line":212},[130,365,215],{"class":154},[109,367,369],{"id":368},"risk-assessment","Risk Assessment",[39,371,372],{},"Serialization of inner classes can introduce platform dependencies and can cause serialization of instances of the outer class.",[374,375,376,377,376,407],"table",{},"\n  ",[378,379,380,381,376],"thead",{},"\n    ",[382,383,384,385,384,389,384,392,384,395,384,398,384,401,384,404,380],"tr",{},"\n      ",[386,387,388],"th",{},"Rule",[386,390,391],{},"Severity",[386,393,394],{},"Likelihood",[386,396,397],{},"Detectable",[386,399,400],{},"Repairable",[386,402,403],{},"Priority",[386,405,406],{},"Level",[408,409,380,410,376],"tbody",{},[382,411,384,412,384,416,384,419,384,422,384,425,384,428,384,435,380],{},[413,414,415],"td",{},"SER05-J",[413,417,418],{},"Medium",[413,420,421],{},"Likely",[413,423,424],{},"Yes",[413,426,427],{},"No",[413,429,431],{"style":430},"color: #e74c3c;",[432,433,434],"b",{},"P12",[413,436,437],{"style":430},[432,438,439],{},"L1",[441,442,444],"h3",{"id":443},"automated-detection","Automated Detection",[39,446,447],{},"Detection of inner classes that implement serialization is straightforward.",[374,449,452],{"className":450},[451],"wrapped",[408,453,454,470,501,527],{},[382,455,458,461,464,467],{"className":456},[457],"header",[386,459,460],{},"Tool",[386,462,463],{},"Version",[386,465,466],{},"Checker",[386,468,469],{},"Description",[382,471,474,480,490,496],{"className":472},[473],"odd",[413,475,476],{},[43,477,479],{"href":478},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork","Klocwork",[413,481,482],{},[483,484,487],"div",{"className":485},[486],"content-wrapper",[39,488,489],{},"2025.2",[413,491,492],{},[493,494,495],"strong",{},"JAVA.SERIALIZE.INNER",[413,497,498],{},[499,500],"br",{},[382,502,505,511,519,524],{"className":503},[504],"even",[413,506,507],{},[43,508,510],{"href":509},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer","Security Reviewer - Static Reviewer",[413,512,513],{},[483,514,516],{"className":515},[486],[39,517,518],{},"6.02",[413,520,521],{},[493,522,523],{},"InnerClassSerializable",[413,525,526],{},"Full Implementation",[382,528,530,536,542,556],{"className":529},[473],[413,531,532],{},[43,533,535],{"href":534},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube","SonarQube",[413,537,538],{},[483,539,541],{"className":540},[486],"9.9",[413,543,544],{},[493,545,546,550,552],{},[43,547,549],{"href":548},"https:\u002F\u002Frules.sonarsource.com\u002Fjava\u002FRSPEC-2066","S2066",[499,551],{},[43,553,555],{"href":554},"https:\u002F\u002Frules.sonarsource.com\u002Fjava\u002FRSPEC-2059","S2059",[413,557,558,561,563],{},[43,559,560],{"href":548},"\"Serializable\" inner classes of non-serializable classes should be \"static\"",[499,562],{},[43,564,565],{"href":554},"\"Serializable\" inner classes of \"Serializable\" classes should be static",[109,567,569],{"id":568},"related-guidelines","Related Guidelines",[374,571,572,580],{},[378,573,574],{},[382,575,576,578],{},[386,577],{},[386,579],{},[408,581,582],{},[382,583,584,592],{},[413,585,586],{},[43,587,591],{"href":588,"rel":589},"http:\u002F\u002Fcwe.mitre.org\u002F",[590],"nofollow","MITRE CWE",[413,593,594,599],{},[43,595,598],{"href":596,"rel":597},"http:\u002F\u002Fcwe.mitre.org\u002Fdata\u002Fdefinitions\u002F499.html",[590],"CWE-499"," , Serializable Class Containing Sensitive Data",[109,601,603],{"id":602},"bibliography","Bibliography",[374,605,607,616],{"className":606},[451],[608,609,610,614],"colgroup",{},[611,612],"col",{"style":613},"width: 50%",[611,615],{"style":613},[408,617,618,645,661,678],{},[382,619,621,631],{"className":620},[473],[413,622,623],{},[39,624,625,626,630],{},"[ ",[43,627,629],{"href":628},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-aa-references#RuleAA.References-API14","API 2014"," ]",[413,632,633],{},[39,634,635,639,641],{},[43,636,638],{"href":637},"https:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F8\u002Fdocs\u002Fapi\u002Fjava\u002Fio\u002FExternalizable.html","Interface Externalizable",[499,640],{},[43,642,644],{"href":643},"https:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002F8\u002Fdocs\u002Fapi\u002Fjava\u002Fio\u002FSerializable.html","Interface Serializable",[382,646,648,656],{"className":647},[504],[413,649,650],{},[39,651,625,652,630],{},[43,653,655],{"href":654},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-aa-references#RuleAA.References-Bloch08","Bloch 2008",[413,657,658],{},[39,659,660],{},"Item 74, \"Implement Serialization Judiciously\"",[382,662,664,670],{"className":663},[473],[413,665,666],{},[39,667,625,668,630],{},[43,669,46],{"href":45},[413,671,672],{},[39,673,674],{},[43,675,677],{"href":676},"http:\u002F\u002Fdocs.oracle.com\u002Fjavase\u002Fspecs\u002Fjls\u002Fse8\u002Fhtml\u002Fjls-8.html#jls-8.1.3","§8.1.3, \"Inner Classes and Enclosing Instances\"",[382,679,681,687],{"className":680},[504],[413,682,683],{},[39,684,625,685,630],{},[43,686,51],{"href":50},[413,688,689],{},[39,690,691,692],{},"Serialization Specification, ",[43,693,695],{"href":694},"http:\u002F\u002Fdownload.oracle.com\u002Fjavase\u002F6\u002Fdocs\u002Fplatform\u002Fserialization\u002Fspec\u002Fserial-arch.html#4539","Section 1.10, \"The Serializable Interface\"",[697,698],"hr",{},[39,700,701,708,709,708,715],{},[43,702,704],{"href":703},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser04-j",[705,706],"img",{"src":707},"\u002Fattachments\u002F88487702\u002F88497198.png"," ",[43,710,712],{"href":711},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002F",[705,713],{"src":714},"\u002Fattachments\u002F88487702\u002F88497196.png",[43,716,718],{"href":717},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser06-j",[705,719],{"src":720},"\u002Fattachments\u002F88487702\u002F88497197.png",[722,723,724],"style",{},"html pre.shiki code .sC2Qs, html code.shiki .sC2Qs{--shiki-default:#D73A49;--shiki-dark:#F97583;--shiki-sepia:#F92672}html pre.shiki code .sz2Vg, html code.shiki .sz2Vg{--shiki-default:#6F42C1;--shiki-default-text-decoration:inherit;--shiki-dark:#B392F0;--shiki-dark-text-decoration:inherit;--shiki-sepia:#A6E22E;--shiki-sepia-text-decoration:underline}html pre.shiki code .s30JN, html code.shiki .s30JN{--shiki-default:#6F42C1;--shiki-default-font-style:inherit;--shiki-default-text-decoration:inherit;--shiki-dark:#B392F0;--shiki-dark-font-style:inherit;--shiki-dark-text-decoration:inherit;--shiki-sepia:#A6E22E;--shiki-sepia-font-style:italic;--shiki-sepia-text-decoration:underline}html pre.shiki code .sMOD_, html code.shiki .sMOD_{--shiki-default:#24292E;--shiki-dark:#E1E4E8;--shiki-sepia:#F8F8F2}html pre.shiki code .sq6CD, html code.shiki .sq6CD{--shiki-default:#D73A49;--shiki-default-font-style:inherit;--shiki-dark:#F97583;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .sk8M1, html code.shiki .sk8M1{--shiki-default:#24292E;--shiki-default-font-style:inherit;--shiki-dark:#E1E4E8;--shiki-dark-font-style:inherit;--shiki-sepia:#66D9EF;--shiki-sepia-font-style:italic}html pre.shiki code .s8-w5, html code.shiki .s8-w5{--shiki-default:#6A737D;--shiki-dark:#6A737D;--shiki-sepia:#88846F}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html .sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}html.sepia .shiki span {color: var(--shiki-sepia);background: var(--shiki-sepia-bg);font-style: var(--shiki-sepia-font-style);font-weight: var(--shiki-sepia-font-weight);text-decoration: var(--shiki-sepia-text-decoration);}",{"title":126,"searchDepth":158,"depth":158,"links":726},[727,728,729,730,733,734],{"id":111,"depth":158,"text":112},{"id":218,"depth":158,"text":219},{"id":291,"depth":158,"text":219},{"id":368,"depth":158,"text":369,"children":731},[732],{"id":443,"depth":171,"text":444},{"id":568,"depth":158,"text":569},{"id":602,"depth":158,"text":603},"\"An inner class is a nested class that is not explicitly or implicitly declared static\" [ JLS 2015 ]. Serialization of inner classes (including local and anonymous classes) is error prone. According to the Serialization Specification [ Sun 2006 ]:","md",{"tags":738},[739,740,741,742,743],"android-applicable","android","ser","analyzable","rule","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser05-j",{"title":30,"description":735},"6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F07.ser05-j","Di53R-KDfVDF5MwUb4HbxKuYwcWrJyDmcMsh0EZ-Jkc",[749,752],{"title":750,"path":703,"stem":751,"children":-1},"SER04-J. Do not allow serialization and deserialization to bypass the security manager","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F06.ser04-j",{"title":753,"path":717,"stem":754,"children":-1},"SER06-J. Make defensive copies of private mutable components during deserialization","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F08.ser06-j",[756],{"title":757,"path":758,"stem":759,"children":760},"SEI CERT Oracle Coding Standard for Java","\u002Fsei-cert-oracle-coding-standard-for-java","6.sei-cert-oracle-coding-standard-for-java\u002F1.index",[761,762,902,1731,2130,2301],{"title":757,"path":758,"stem":759},{"title":763,"path":764,"stem":765,"children":766},"Front Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F1.index",[767,768,772,776,780,826,864],{"title":763,"path":764,"stem":765},{"title":769,"path":770,"stem":771},"Rules versus Recommendations (Java)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frules-versus-recommendations-java","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F2.rules-versus-recommendations-java",{"title":773,"path":774,"stem":775},"Acknowledgments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Facknowledgments","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F3.acknowledgments",{"title":777,"path":778,"stem":779},"Deprecations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Fdeprecations","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.deprecations",{"title":781,"path":782,"stem":783,"children":784},"Rec. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F01.index",[785,786,790,794,798,802,806,810,814,818,822],{"title":781,"path":782,"stem":783},{"title":787,"path":788,"stem":789},"Scope","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F02.scope",{"title":791,"path":792,"stem":793},"Audience","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F03.audience",{"title":795,"path":796,"stem":797},"Contents and Organization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F05.contents-and-organization",{"title":799,"path":800,"stem":801},"Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fguidelines","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F06.guidelines",{"title":803,"path":804,"stem":805},"Usage","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F07.usage",{"title":807,"path":808,"stem":809},"System Qualities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F08.system-qualities",{"title":811,"path":812,"stem":813},"Priority and Levels","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F09.priority-and-levels",{"title":815,"path":816,"stem":817},"Automatically Generated Code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F10.automatically-generated-code",{"title":819,"path":820,"stem":821},"Source Code Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Fsource-code-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F11.source-code-validation",{"title":823,"path":824,"stem":825},"Tool Selection and Validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frec-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F4.rec-preface\u002F12.tool-selection-and-validation",{"title":827,"path":828,"stem":829,"children":830},"Rule. Introduction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F01.index",[831,832,836,840,844,848,852,856,860],{"title":827,"path":828,"stem":829},{"title":833,"path":834,"stem":835},"Input Validation and Data Sanitization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Finput-validation-and-data-sanitization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F02.input-validation-and-data-sanitization",{"title":837,"path":838,"stem":839},"Leaking Sensitive Data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-sensitive-data","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F03.leaking-sensitive-data",{"title":841,"path":842,"stem":843},"Type Safety","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Ftype-safety","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F04.type-safety",{"title":845,"path":846,"stem":847},"Leaking Capabilities","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fleaking-capabilities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F05.leaking-capabilities",{"title":849,"path":850,"stem":851},"Denial of Service","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fdenial-of-service","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F06.denial-of-service",{"title":853,"path":854,"stem":855},"Libraries","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Flibraries","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F07.libraries",{"title":857,"path":858,"stem":859},"Concurrency, Visibility, and Memory","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fconcurrency-visibility-and-memory","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F08.concurrency-visibility-and-memory",{"title":861,"path":862,"stem":863},"Privilege Escalation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-introduction\u002Fprivilege-escalation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F5.rule-introduction\u002F09.privilege-escalation",{"title":865,"path":866,"stem":867,"children":868},"Rule. Preface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F01.index",[869,870,873,876,879,883,886,889,892,895,899],{"title":865,"path":866,"stem":867},{"title":787,"path":871,"stem":872},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fscope","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F02.scope",{"title":791,"path":874,"stem":875},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Faudience","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F03.audience",{"title":795,"path":877,"stem":878},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fcontents-and-organization","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F04.contents-and-organization",{"title":880,"path":881,"stem":882},"Identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fidentifiers","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F05.identifiers",{"title":803,"path":884,"stem":885},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fusage","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F06.usage",{"title":807,"path":887,"stem":888},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fsystem-qualities","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F07.system-qualities",{"title":811,"path":890,"stem":891},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fpriority-and-levels","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F08.priority-and-levels",{"title":815,"path":893,"stem":894},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fautomatically-generated-code","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F09.automatically-generated-code",{"title":896,"path":897,"stem":898},"Conformance Testing","\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Fconformance-testing","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F10.conformance-testing",{"title":823,"path":900,"stem":901},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Ffront-matter\u002Frule-preface\u002Ftool-selection-and-validation","6.sei-cert-oracle-coding-standard-for-java\u002F2.front-matter\u002F6.rule-preface\u002F11.tool-selection-and-validation",{"title":903,"path":904,"stem":905,"children":906},"Rules","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F01.index",[907,908,912,938,956,1002,1040,1114,1168,1194,1248,1310,1364,1422,1484,1534,1574,1623,1653,1679,1701],{"title":903,"path":904,"stem":905},{"title":909,"path":910,"stem":911},"Android (DRD)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fandroid-drd","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F02.android-drd",{"title":913,"path":914,"stem":915,"children":916},"Characters and Strings (STR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F1.index",[917,918,922,926,930,934],{"title":913,"path":914,"stem":915},{"title":919,"path":920,"stem":921},"STR00-J. Don't form strings containing partial characters from variable-width encodings","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F2.str00-j",{"title":923,"path":924,"stem":925},"STR01-J. Do not assume that a Java char fully represents a Unicode code point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F3.str01-j",{"title":927,"path":928,"stem":929},"STR02-J. Specify an appropriate locale when comparing locale-dependent data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F4.str02-j",{"title":931,"path":932,"stem":933},"STR03-J. Do not encode noncharacter data as a string","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F5.str03-j",{"title":935,"path":936,"stem":937},"STR04-J. Use compatible character encodings when communicating string data between JVMs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fcharacters-and-strings-str\u002Fstr04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F03.characters-and-strings-str\u002F6.str04-j",{"title":939,"path":940,"stem":941,"children":942},"Declarations and Initialization (DCL)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F1.index",[943,944,948,952],{"title":939,"path":940,"stem":941},{"title":945,"path":946,"stem":947},"DCL00-J. Prevent class initialization cycles","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F2.dcl00-j",{"title":949,"path":950,"stem":951},"DCL01-J. Do not reuse public identifiers from the Java Standard Library","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F3.dcl01-j",{"title":953,"path":954,"stem":955},"DCL02-J. Do not modify the collection's elements during an enhanced for statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fdeclarations-and-initialization-dcl\u002Fdcl02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F04.declarations-and-initialization-dcl\u002F4.dcl02-j",{"title":957,"path":958,"stem":959,"children":960},"Exceptional Behavior (ERR)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F01.index",[961,962,966,970,974,978,982,986,990,994,998],{"title":957,"path":958,"stem":959},{"title":963,"path":964,"stem":965},"ERR00-J. Do not suppress or ignore checked exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F02.err00-j",{"title":967,"path":968,"stem":969},"ERR01-J. Do not allow exceptions to expose sensitive information","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F03.err01-j",{"title":971,"path":972,"stem":973},"ERR02-J. Prevent exceptions while logging data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F04.err02-j",{"title":975,"path":976,"stem":977},"ERR03-J. Restore prior object state on method failure","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F05.err03-j",{"title":979,"path":980,"stem":981},"ERR04-J. Do not complete abruptly from a finally block","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F06.err04-j",{"title":983,"path":984,"stem":985},"ERR05-J. Do not let checked exceptions escape from a finally block","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F07.err05-j",{"title":987,"path":988,"stem":989},"ERR06-J. Do not throw undeclared checked exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F08.err06-j",{"title":991,"path":992,"stem":993},"ERR07-J. Do not throw RuntimeException, Exception, or Throwable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F09.err07-j",{"title":995,"path":996,"stem":997},"ERR08-J. Do not catch NullPointerException or any of its ancestors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F10.err08-j",{"title":999,"path":1000,"stem":1001},"ERR09-J. Do not allow untrusted code to terminate the JVM","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexceptional-behavior-err\u002Ferr09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F05.exceptional-behavior-err\u002F11.err09-j",{"title":1003,"path":1004,"stem":1005,"children":1006},"Expressions (EXP)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F1.index",[1007,1008,1012,1016,1020,1024,1028,1032,1036],{"title":1003,"path":1004,"stem":1005},{"title":1009,"path":1010,"stem":1011},"EXP00-J. Do not ignore values returned by methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F2.exp00-j",{"title":1013,"path":1014,"stem":1015},"EXP01-J. Do not use a null in a case where an object is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F3.exp01-j",{"title":1017,"path":1018,"stem":1019},"EXP02-J. Do not use the Object.equals() method to compare two arrays","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F4.exp02-j",{"title":1021,"path":1022,"stem":1023},"EXP03-J. Do not use the equality operators when comparing values of boxed primitives","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F5.exp03-j",{"title":1025,"path":1026,"stem":1027},"EXP04-J. Do not pass arguments to certain Java Collections Framework methods that are a different type than the collection parameter type","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F6.exp04-j",{"title":1029,"path":1030,"stem":1031},"EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F7.exp05-j",{"title":1033,"path":1034,"stem":1035},"EXP06-J. Expressions used in assertions must not produce side effects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F8.exp06-j",{"title":1037,"path":1038,"stem":1039},"EXP07-J. Prevent loss of useful data due to weak references","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fexpressions-exp\u002Fexp07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F06.expressions-exp\u002F9.exp07-j",{"title":1041,"path":1042,"stem":1043,"children":1044},"Input Output (FIO)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F01.index",[1045,1046,1050,1054,1058,1062,1066,1070,1074,1078,1082,1086,1090,1094,1098,1102,1106,1110],{"title":1041,"path":1042,"stem":1043},{"title":1047,"path":1048,"stem":1049},"FIO00-J. Do not operate on files in shared directories","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F02.fio00-j",{"title":1051,"path":1052,"stem":1053},"FIO01-J. Create files with appropriate access permissions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F03.fio01-j",{"title":1055,"path":1056,"stem":1057},"FIO02-J. Detect and handle file-related errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F04.fio02-j",{"title":1059,"path":1060,"stem":1061},"FIO03-J. Remove temporary files before termination","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F05.fio03-j",{"title":1063,"path":1064,"stem":1065},"FIO04-J. Release resources when they are no longer needed","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F06.fio04-j",{"title":1067,"path":1068,"stem":1069},"FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F07.fio05-j",{"title":1071,"path":1072,"stem":1073},"FIO06-J. Do not create multiple buffered wrappers on a single byte or character stream","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F08.fio06-j",{"title":1075,"path":1076,"stem":1077},"FIO07-J. Do not let external processes block on IO buffers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F09.fio07-j",{"title":1079,"path":1080,"stem":1081},"FIO08-J. Distinguish between characters or bytes read from a stream and -1","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F10.fio08-j",{"title":1083,"path":1084,"stem":1085},"FIO09-J. Do not rely on the write() method to output integers outside the range 0 to 255","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F11.fio09-j",{"title":1087,"path":1088,"stem":1089},"FIO10-J. Ensure the array is filled when using read() to fill an array","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F12.fio10-j",{"title":1091,"path":1092,"stem":1093},"FIO11-J. Do not convert between strings and bytes without specifying a valid character encoding","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F13.fio11-j",{"title":1095,"path":1096,"stem":1097},"FIO12-J. Provide methods to read and write little-endian data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F14.fio12-j",{"title":1099,"path":1100,"stem":1101},"FIO13-J. Do not log sensitive information outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F15.fio13-j",{"title":1103,"path":1104,"stem":1105},"FIO14-J. Perform proper cleanup at program termination","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F16.fio14-j",{"title":1107,"path":1108,"stem":1109},"FIO15-J. Do not reset a servlet's output stream after committing it","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F17.fio15-j",{"title":1111,"path":1112,"stem":1113},"FIO16-J. Canonicalize path names before validating them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-output-fio\u002Ffio16-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F07.input-output-fio\u002F18.fio16-j",{"title":1115,"path":1116,"stem":1117,"children":1118},"Input Validation and Data Sanitization (IDS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F01.index",[1119,1120,1124,1128,1132,1136,1140,1144,1148,1152,1156,1160,1164],{"title":1115,"path":1116,"stem":1117},{"title":1121,"path":1122,"stem":1123},"IDS00-J. Prevent SQL injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F02.ids00-j",{"title":1125,"path":1126,"stem":1127},"IDS01-J. Normalize strings before validating them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F03.ids01-j",{"title":1129,"path":1130,"stem":1131},"IDS03-J. Do not log unsanitized user input","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F04.ids03-j",{"title":1133,"path":1134,"stem":1135},"IDS04-J. Safely extract files from ZipInputStream","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F05.ids04-j",{"title":1137,"path":1138,"stem":1139},"IDS06-J. Exclude unsanitized user input from format strings","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F06.ids06-j",{"title":1141,"path":1142,"stem":1143},"IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F07.ids07-j",{"title":1145,"path":1146,"stem":1147},"IDS08-J. Sanitize untrusted data included in a regular expression","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F08.ids08-j",{"title":1149,"path":1150,"stem":1151},"IDS11-J. Perform any string modifications before validation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F09.ids11-j",{"title":1153,"path":1154,"stem":1155},"IDS14-J. Do not trust the contents of hidden form fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F10.ids14-j",{"title":1157,"path":1158,"stem":1159},"IDS15-J. Do not allow sensitive information to leak outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids15-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F11.ids15-j",{"title":1161,"path":1162,"stem":1163},"IDS16-J. Prevent XML Injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids16-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F12.ids16-j",{"title":1165,"path":1166,"stem":1167},"IDS17-J. Prevent XML External Entity Attacks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Finput-validation-and-data-sanitization-ids\u002Fids17-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F08.input-validation-and-data-sanitization-ids\u002F13.ids17-j",{"title":1169,"path":1170,"stem":1171,"children":1172},"Java Native Interface (JNI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F1.index",[1173,1174,1178,1182,1186,1190],{"title":1169,"path":1170,"stem":1171},{"title":1175,"path":1176,"stem":1177},"JNI00-J. Define wrappers around native methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F2.jni00-j",{"title":1179,"path":1180,"stem":1181},"JNI01-J. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance (loadLibrary)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F3.jni01-j",{"title":1183,"path":1184,"stem":1185},"JNI02-J. Do not assume object references are constant or unique","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F4.jni02-j",{"title":1187,"path":1188,"stem":1189},"JNI03-J. Do not use direct pointers to Java objects in JNI code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F5.jni03-j",{"title":1191,"path":1192,"stem":1193},"JNI04-J. Do not assume that Java strings are null-terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fjava-native-interface-jni\u002Fjni04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F09.java-native-interface-jni\u002F6.jni04-j",{"title":1195,"path":1196,"stem":1197,"children":1198},"Locking (LCK)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F01.index",[1199,1200,1204,1208,1212,1216,1220,1224,1228,1232,1236,1240,1244],{"title":1195,"path":1196,"stem":1197},{"title":1201,"path":1202,"stem":1203},"LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F02.lck00-j",{"title":1205,"path":1206,"stem":1207},"LCK01-J. Do not synchronize on objects that may be reused","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F03.lck01-j",{"title":1209,"path":1210,"stem":1211},"LCK02-J. Do not synchronize on the class object returned by getClass()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F04.lck02-j",{"title":1213,"path":1214,"stem":1215},"LCK03-J. Do not synchronize on the intrinsic locks of high-level concurrency objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F05.lck03-j",{"title":1217,"path":1218,"stem":1219},"LCK04-J. Do not synchronize on a collection view if the backing collection is accessible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F06.lck04-j",{"title":1221,"path":1222,"stem":1223},"LCK05-J. Synchronize access to static fields that can be modified by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F07.lck05-j",{"title":1225,"path":1226,"stem":1227},"LCK06-J. Do not use an instance lock to protect shared static data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F08.lck06-j",{"title":1229,"path":1230,"stem":1231},"LCK07-J. Avoid deadlock by requesting and releasing locks in the same order","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F09.lck07-j",{"title":1233,"path":1234,"stem":1235},"LCK08-J. Ensure actively held locks are released on exceptional conditions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F10.lck08-j",{"title":1237,"path":1238,"stem":1239},"LCK09-J. Do not perform operations that can block while holding a lock","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F11.lck09-j",{"title":1241,"path":1242,"stem":1243},"LCK10-J. Use a correct form of the double-checked locking idiom","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F12.lck10-j",{"title":1245,"path":1246,"stem":1247},"LCK11-J. Avoid client-side locking when using classes that do not commit to their locking strategy","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Flocking-lck\u002Flck11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F10.locking-lck\u002F13.lck11-j",{"title":1249,"path":1250,"stem":1251,"children":1252},"Methods (MET)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F01.index",[1253,1254,1258,1262,1266,1270,1274,1278,1282,1286,1290,1294,1298,1302,1306],{"title":1249,"path":1250,"stem":1251},{"title":1255,"path":1256,"stem":1257},"MET00-J. Validate method arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F02.met00-j",{"title":1259,"path":1260,"stem":1261},"MET01-J. Never use assertions to validate method arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F03.met01-j",{"title":1263,"path":1264,"stem":1265},"MET02-J. Do not use deprecated or obsolete classes or methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F04.met02-j",{"title":1267,"path":1268,"stem":1269},"MET03-J. Methods that perform a security check must be declared private or final","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F05.met03-j",{"title":1271,"path":1272,"stem":1273},"MET04-J. Do not increase the accessibility of overridden or hidden methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F06.met04-j",{"title":1275,"path":1276,"stem":1277},"MET05-J. Ensure that constructors do not call overridable methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F07.met05-j",{"title":1279,"path":1280,"stem":1281},"MET06-J. Do not invoke overridable methods in clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F08.met06-j",{"title":1283,"path":1284,"stem":1285},"MET07-J. Never declare a class method that hides a method declared in a superclass or superinterface","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F09.met07-j",{"title":1287,"path":1288,"stem":1289},"MET08-J. Preserve the equality contract when overriding the equals() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F10.met08-j",{"title":1291,"path":1292,"stem":1293},"MET09-J. Classes that define an equals() method must also define a hashCode() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F11.met09-j",{"title":1295,"path":1296,"stem":1297},"MET10-J. Follow the general contract when implementing the compareTo() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F12.met10-j",{"title":1299,"path":1300,"stem":1301},"MET11-J. Ensure that keys used in comparison operations are immutable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F13.met11-j",{"title":1303,"path":1304,"stem":1305},"MET12-J. Do not use finalizers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F14.met12-j",{"title":1307,"path":1308,"stem":1309},"MET13-J. Do not assume that reassigning method arguments modifies the calling environment","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmethods-met\u002Fmet13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F11.methods-met\u002F15.met13-j",{"title":1311,"path":1312,"stem":1313,"children":1314},"Miscellaneous (MSC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F01.index",[1315,1316,1320,1324,1328,1332,1336,1340,1344,1348,1352,1356,1360],{"title":1311,"path":1312,"stem":1313},{"title":1317,"path":1318,"stem":1319},"MSC00-J. Use SSLSocket rather than Socket for secure data exchange","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F02.msc00-j",{"title":1321,"path":1322,"stem":1323},"MSC01-J. Do not use an empty infinite loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F03.msc01-j",{"title":1325,"path":1326,"stem":1327},"MSC02-J. Generate strong random numbers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F04.msc02-j",{"title":1329,"path":1330,"stem":1331},"MSC03-J. Never hard code sensitive information","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F05.msc03-j",{"title":1333,"path":1334,"stem":1335},"MSC04-J. Do not leak memory","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F06.msc04-j",{"title":1337,"path":1338,"stem":1339},"MSC05-J. Do not exhaust heap space","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F07.msc05-j",{"title":1341,"path":1342,"stem":1343},"MSC06-J. Do not modify the underlying collection when an iteration is in progress","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F08.msc06-j",{"title":1345,"path":1346,"stem":1347},"MSC07-J. Prevent multiple instantiations of singleton objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F09.msc07-j",{"title":1349,"path":1350,"stem":1351},"MSC08-J. Do not store nonserializable objects as attributes in an HTTP session","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F10.msc08-j",{"title":1353,"path":1354,"stem":1355},"MSC09-J. For OAuth, ensure (a) [relying party receiving user's ID in last step] is same as (b) [relying party the access token was granted to].","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F11.msc09-j",{"title":1357,"path":1358,"stem":1359},"MSC10-J. Do not use OAuth 2.0 implicit grant (unmodified) for authentication","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F12.msc10-j",{"title":1361,"path":1362,"stem":1363},"MSC11-J. Do not let session information leak within a servlet","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fmiscellaneous-msc\u002Fmsc11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F12.miscellaneous-msc\u002F13.msc11-j",{"title":1365,"path":1366,"stem":1367,"children":1368},"Numeric Types and Operations (NUM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F01.index",[1369,1370,1374,1378,1382,1386,1390,1394,1398,1402,1406,1410,1414,1418],{"title":1365,"path":1366,"stem":1367},{"title":1371,"path":1372,"stem":1373},"NUM00-J. Detect or prevent integer overflow","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F02.num00-j",{"title":1375,"path":1376,"stem":1377},"NUM01-J. Do not perform bitwise and arithmetic operations on the same data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F03.num01-j",{"title":1379,"path":1380,"stem":1381},"NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F04.num02-j",{"title":1383,"path":1384,"stem":1385},"NUM03-J. Use integer types that can fully represent the possible range of unsigned data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F05.num03-j",{"title":1387,"path":1388,"stem":1389},"NUM04-J. Do not use floating-point numbers if precise computation is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F06.num04-j",{"title":1391,"path":1392,"stem":1393},"NUM07-J. Do not attempt comparisons with NaN","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F07.num07-j",{"title":1395,"path":1396,"stem":1397},"NUM08-J. Check floating-point inputs for exceptional values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F08.num08-j",{"title":1399,"path":1400,"stem":1401},"NUM09-J. Do not use floating-point variables as loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F09.num09-j",{"title":1403,"path":1404,"stem":1405},"NUM10-J. Do not construct BigDecimal objects from floating-point literals","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F10.num10-j",{"title":1407,"path":1408,"stem":1409},"NUM11-J. Do not compare or inspect the string representation of floating-point values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F11.num11-j",{"title":1411,"path":1412,"stem":1413},"NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F12.num12-j",{"title":1415,"path":1416,"stem":1417},"NUM13-J. Avoid loss of precision when converting primitive integers to floating-point","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F13.num13-j",{"title":1419,"path":1420,"stem":1421},"NUM14-J. Use shift operators correctly","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fnumeric-types-and-operations-num\u002Fnum14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F13.numeric-types-and-operations-num\u002F14.num14-j",{"title":1423,"path":1424,"stem":1425,"children":1426},"Object Orientation (OBJ)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F01.index",[1427,1428,1432,1436,1440,1444,1448,1452,1456,1460,1464,1468,1472,1476,1480],{"title":1423,"path":1424,"stem":1425},{"title":1429,"path":1430,"stem":1431},"OBJ01-J. Limit accessibility of fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F02.obj01-j",{"title":1433,"path":1434,"stem":1435},"OBJ02-J. Preserve dependencies in subclasses when changing superclasses","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F03.obj02-j",{"title":1437,"path":1438,"stem":1439},"OBJ03-J. Prevent heap pollution","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F04.obj03-j",{"title":1441,"path":1442,"stem":1443},"OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F05.obj04-j",{"title":1445,"path":1446,"stem":1447},"OBJ05-J. Do not return references to private mutable class members","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F06.obj05-j",{"title":1449,"path":1450,"stem":1451},"OBJ06-J. Defensively copy mutable inputs and mutable internal components","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F07.obj06-j",{"title":1453,"path":1454,"stem":1455},"OBJ07-J. Sensitive classes must not let themselves be copied","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F08.obj07-j",{"title":1457,"path":1458,"stem":1459},"OBJ08-J. Do not expose private members of an outer class from within a nested class","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F09.obj08-j",{"title":1461,"path":1462,"stem":1463},"OBJ09-J. Compare classes and not class names","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F10.obj09-j",{"title":1465,"path":1466,"stem":1467},"OBJ10-J. Do not use public static nonfinal fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F11.obj10-j",{"title":1469,"path":1470,"stem":1471},"OBJ11-J. Be wary of letting constructors throw exceptions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F12.obj11-j",{"title":1473,"path":1474,"stem":1475},"OBJ12-J. Respect object-based annotations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F13.obj12-j",{"title":1477,"path":1478,"stem":1479},"OBJ13-J. Ensure that references to mutable objects are not exposed","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj13-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F14.obj13-j",{"title":1481,"path":1482,"stem":1483},"OBJ14-J. Do not use an object that has been freed.","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fobject-orientation-obj\u002Fobj14-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F14.object-orientation-obj\u002F15.obj14-j",{"title":1485,"path":1486,"stem":1487,"children":1488},"Platform Security (SEC)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F01.index",[1489,1490,1494,1498,1502,1506,1510,1514,1518,1522,1526,1530],{"title":1485,"path":1486,"stem":1487},{"title":1491,"path":1492,"stem":1493},"SEC00-J. Do not allow privileged blocks to leak sensitive information across a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F02.sec00-j",{"title":1495,"path":1496,"stem":1497},"SEC01-J. Do not allow tainted variables in privileged blocks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F03.sec01-j",{"title":1499,"path":1500,"stem":1501},"SEC02-J. Do not base security checks on untrusted sources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F04.sec02-j",{"title":1503,"path":1504,"stem":1505},"SEC03-J. Do not load trusted classes after allowing untrusted code to load arbitrary classes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F05.sec03-j",{"title":1507,"path":1508,"stem":1509},"SEC04-J. Protect sensitive operations with security manager checks","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F06.sec04-j",{"title":1511,"path":1512,"stem":1513},"SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F07.sec05-j",{"title":1515,"path":1516,"stem":1517},"SEC06-J. Do not rely on the default automatic signature verification provided by URLClassLoader and java.util.jar","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F08.sec06-j",{"title":1519,"path":1520,"stem":1521},"SEC07-J. Call the superclass's getPermissions() method when writing a custom class loader","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F09.sec07-j",{"title":1523,"path":1524,"stem":1525},"SEC08-J Trusted code must discard or clean any arguments provided by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F10.sec08-j",{"title":1527,"path":1528,"stem":1529},"SEC09-J Never leak the results of certain standard API methods from trusted code to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F11.sec09-j",{"title":1531,"path":1532,"stem":1533},"SEC10-J Never permit untrusted code to invoke any API that may (possibly transitively) invoke the reflection APIs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fplatform-security-sec\u002Fsec10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F15.platform-security-sec\u002F12.sec10-j",{"title":1535,"path":1536,"stem":1537,"children":1538},"Runtime Environment (ENV)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F1.index",[1539,1540,1544,1548,1552,1562,1566,1570],{"title":1535,"path":1536,"stem":1537},{"title":1541,"path":1542,"stem":1543},"ENV00-J. Do not sign code that performs only unprivileged operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F2.env00-j",{"title":1545,"path":1546,"stem":1547},"ENV01-J. Place all security-sensitive code in a single JAR and sign and seal it","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F3.env01-j",{"title":1549,"path":1550,"stem":1551},"ENV02-J. Do not trust the values of environment variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F4.env02-j",{"title":1553,"path":1554,"stem":1555,"children":1556},"ENV03-J. Do not grant dangerous combinations of permissions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F1.index",[1557,1558],{"title":1553,"path":1554,"stem":1555},{"title":1559,"path":1560,"stem":1561},"DUMMY ENV03-J","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv03-j\u002Fdummy-env03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F5.env03-j\u002F2.dummy-env03-j",{"title":1563,"path":1564,"stem":1565},"ENV04-J. Do not disable bytecode verification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F6.env04-j",{"title":1567,"path":1568,"stem":1569},"ENV05-J. Do not deploy an application that can be remotely monitored","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F7.env05-j",{"title":1571,"path":1572,"stem":1573},"ENV06-J. Production code must not contain debugging entry points","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fruntime-environment-env\u002Fenv06-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F16.runtime-environment-env\u002F8.env06-j",{"title":1575,"path":1576,"stem":1577,"children":1578},"Serialization (SER)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F01.index",[1579,1580,1584,1588,1592,1596,1597,1598,1599,1603,1607,1611,1615,1619],{"title":1575,"path":1576,"stem":1577},{"title":1581,"path":1582,"stem":1583},"SER00-J. Enable serialization compatibility during class evolution","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F02.ser00-j",{"title":1585,"path":1586,"stem":1587},"SER01-J. Do not deviate from the proper signatures of serialization methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F03.ser01-j",{"title":1589,"path":1590,"stem":1591},"SER02-J. Sign then seal objects before sending them outside a trust boundary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F04.ser02-j",{"title":1593,"path":1594,"stem":1595},"SER03-J. Do not serialize unencrypted sensitive data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F05.ser03-j",{"title":750,"path":703,"stem":751},{"title":30,"path":744,"stem":746},{"title":753,"path":717,"stem":754},{"title":1600,"path":1601,"stem":1602},"SER07-J. Do not use the default serialized form for classes with implementation-defined invariants","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser07-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F09.ser07-j",{"title":1604,"path":1605,"stem":1606},"SER08-J. Minimize privileges before deserializing from a privileged context","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser08-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F10.ser08-j",{"title":1608,"path":1609,"stem":1610},"SER09-J. Do not invoke overridable methods from the readObject() method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser09-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F11.ser09-j",{"title":1612,"path":1613,"stem":1614},"SER10-J. Avoid memory and resource leaks during serialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser10-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F12.ser10-j",{"title":1616,"path":1617,"stem":1618},"SER11-J. Prevent overwriting of externalizable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser11-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F13.ser11-j",{"title":1620,"path":1621,"stem":1622},"SER12-J. Prevent deserialization of untrusted data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fserialization-ser\u002Fser12-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F17.serialization-ser\u002F14.ser12-j",{"title":1624,"path":1625,"stem":1626,"children":1627},"Thread APIs (THI)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F1.index",[1628,1629,1633,1637,1641,1645,1649],{"title":1624,"path":1625,"stem":1626},{"title":1630,"path":1631,"stem":1632},"THI00-J. Do not invoke Thread.run()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F2.thi00-j",{"title":1634,"path":1635,"stem":1636},"THI01-J. Do not invoke ThreadGroup methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F3.thi01-j",{"title":1638,"path":1639,"stem":1640},"THI02-J. Notify all waiting threads rather than a single thread","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F4.thi02-j",{"title":1642,"path":1643,"stem":1644},"THI03-J. Always invoke wait() and await() methods inside a loop","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F5.thi03-j",{"title":1646,"path":1647,"stem":1648},"THI04-J. Ensure that threads performing blocking operations can be terminated","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F6.thi04-j",{"title":1650,"path":1651,"stem":1652},"THI05-J. Do not use Thread.stop() to terminate threads","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-apis-thi\u002Fthi05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F18.thread-apis-thi\u002F7.thi05-j",{"title":1654,"path":1655,"stem":1656,"children":1657},"Thread Pools (TPS)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F1.index",[1658,1659,1663,1667,1671,1675],{"title":1654,"path":1655,"stem":1656},{"title":1660,"path":1661,"stem":1662},"TPS00-J. Use thread pools to enable graceful degradation of service during traffic bursts","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F2.tps00-j",{"title":1664,"path":1665,"stem":1666},"TPS01-J. Do not execute interdependent tasks in a bounded thread pool","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F3.tps01-j",{"title":1668,"path":1669,"stem":1670},"TPS02-J. Ensure that tasks submitted to a thread pool are interruptible","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F4.tps02-j",{"title":1672,"path":1673,"stem":1674},"TPS03-J. Ensure that tasks executing in a thread pool do not fail silently","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F5.tps03-j",{"title":1676,"path":1677,"stem":1678},"TPS04-J. Ensure ThreadLocal variables are reinitialized when using thread pools","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-pools-tps\u002Ftps04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F19.thread-pools-tps\u002F6.tps04-j",{"title":1680,"path":1681,"stem":1682,"children":1683},"Thread-Safety Miscellaneous (TSM)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F1.index",[1684,1685,1689,1693,1697],{"title":1680,"path":1681,"stem":1682},{"title":1686,"path":1687,"stem":1688},"TSM00-J. Do not override thread-safe methods with methods that are not thread-safe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F2.tsm00-j",{"title":1690,"path":1691,"stem":1692},"TSM01-J. Do not let the this reference escape during object construction","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F3.tsm01-j",{"title":1694,"path":1695,"stem":1696},"TSM02-J. Do not use background threads during class initialization","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F4.tsm02-j",{"title":1698,"path":1699,"stem":1700},"TSM03-J. Do not publish partially initialized objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fthread-safety-miscellaneous-tsm\u002Ftsm03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F20.thread-safety-miscellaneous-tsm\u002F5.tsm03-j",{"title":1702,"path":1703,"stem":1704,"children":1705},"Visibility and Atomicity (VNA)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F1.index",[1706,1707,1711,1715,1719,1723,1727],{"title":1702,"path":1703,"stem":1704},{"title":1708,"path":1709,"stem":1710},"VNA00-J. Ensure visibility when accessing shared primitive variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna00-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F2.vna00-j",{"title":1712,"path":1713,"stem":1714},"VNA01-J. Ensure visibility of shared references to immutable objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna01-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F3.vna01-j",{"title":1716,"path":1717,"stem":1718},"VNA02-J. Ensure that compound operations on shared variables are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna02-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F4.vna02-j",{"title":1720,"path":1721,"stem":1722},"VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna03-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F5.vna03-j",{"title":1724,"path":1725,"stem":1726},"VNA04-J. Ensure that calls to chained methods are atomic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna04-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F6.vna04-j",{"title":1728,"path":1729,"stem":1730},"VNA05-J. Ensure atomicity when reading and writing 64-bit values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frules\u002Fvisibility-and-atomicity-vna\u002Fvna05-j","6.sei-cert-oracle-coding-standard-for-java\u002F3.rules\u002F21.visibility-and-atomicity-vna\u002F7.vna05-j",{"title":1732,"path":1733,"stem":1734,"children":1735},"Recommendations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F01.index",[1736,1737,1750,1768,1821,1846,1875,1896,1929,1962,2023,2048,2089],{"title":1732,"path":1733,"stem":1734},{"title":913,"path":1738,"stem":1739,"children":1740},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F1.index",[1741,1742,1746],{"title":913,"path":1738,"stem":1739},{"title":1743,"path":1744,"stem":1745},"STR50-J. Use the appropriate method for counting characters in a string","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F2.str50-j",{"title":1747,"path":1748,"stem":1749},"STR51-J. Use the charset encoder and decoder classes when more control over the encoding process is required","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fcharacters-and-strings-str\u002Fstr51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F02.characters-and-strings-str\u002F3.str51-j",{"title":1751,"path":1752,"stem":1753,"children":1754},"Concurrency (CON)","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F1.index",[1755,1756,1760,1764],{"title":1751,"path":1752,"stem":1753},{"title":1757,"path":1758,"stem":1759},"CON50-J. Do not assume that declaring a reference volatile guarantees safe publication of the members of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F2.con50-j",{"title":1761,"path":1762,"stem":1763},"CON51-J. Do not assume that the sleep(), yield(), or getState() methods provide synchronization semantics","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F3.con51-j",{"title":1765,"path":1766,"stem":1767},"CON52-J. Document thread-safety and use annotations where applicable","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fconcurrency-con\u002Fcon52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F03.concurrency-con\u002F4.con52-j",{"title":939,"path":1769,"stem":1770,"children":1771},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F01.index",[1772,1773,1777,1781,1785,1789,1793,1797,1801,1805,1809,1813,1817],{"title":939,"path":1769,"stem":1770},{"title":1774,"path":1775,"stem":1776},"DCL50-J. Use visually distinct identifiers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F02.dcl50-j",{"title":1778,"path":1779,"stem":1780},"DCL51-J. Do not shadow or obscure identifiers in subscopes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F03.dcl51-j",{"title":1782,"path":1783,"stem":1784},"DCL52-J. Do not declare more than one variable per declaration","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F04.dcl52-j",{"title":1786,"path":1787,"stem":1788},"DCL53-J. Minimize the scope of variables","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F05.dcl53-j",{"title":1790,"path":1791,"stem":1792},"DCL54-J. Use meaningful symbolic constants to represent literal values in program logic","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F06.dcl54-j",{"title":1794,"path":1795,"stem":1796},"DCL55-J. Properly encode relationships in constant definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F07.dcl55-j",{"title":1798,"path":1799,"stem":1800},"DCL56-J. Do not attach significance to the ordinal associated with an enum","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F08.dcl56-j",{"title":1802,"path":1803,"stem":1804},"DCL57-J. Avoid ambiguous overloading of variable arity methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F09.dcl57-j",{"title":1806,"path":1807,"stem":1808},"DCL58-J. Enable compile-time type checking of variable arity parameter types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F10.dcl58-j",{"title":1810,"path":1811,"stem":1812},"DCL59-J. Do not apply public final to constants whose value might change in later releases","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl59-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F11.dcl59-j",{"title":1814,"path":1815,"stem":1816},"DCL60-J. Avoid cyclic dependencies between packages","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F12.dcl60-j",{"title":1818,"path":1819,"stem":1820},"DCL61-J. Do not use raw types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fdeclarations-and-initialization-dcl\u002Fdcl61-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F04.declarations-and-initialization-dcl\u002F13.dcl61-j",{"title":957,"path":1822,"stem":1823,"children":1824},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F1.index",[1825,1826,1830,1834,1838,1842],{"title":957,"path":1822,"stem":1823},{"title":1827,"path":1828,"stem":1829},"ERR50-J. Use exceptions only for exceptional conditions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F2.err50-j",{"title":1831,"path":1832,"stem":1833},"ERR51-J. Prefer user-defined exceptions over more general exception types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F3.err51-j",{"title":1835,"path":1836,"stem":1837},"ERR52-J. Avoid in-band error indicators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F4.err52-j",{"title":1839,"path":1840,"stem":1841},"ERR53-J. Try to gracefully recover from system errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F5.err53-j",{"title":1843,"path":1844,"stem":1845},"ERR54-J. Use a try-with-resources statement to safely handle closeable resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexceptional-behavior-err\u002Ferr54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F05.exceptional-behavior-err\u002F6.err54-j",{"title":1003,"path":1847,"stem":1848,"children":1849},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F1.index",[1850,1851,1855,1859,1863,1867,1871],{"title":1003,"path":1847,"stem":1848},{"title":1852,"path":1853,"stem":1854},"EXP50-J. Do not confuse abstract object equality with reference equality","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F2.exp50-j",{"title":1856,"path":1857,"stem":1858},"EXP51-J. Do not perform assignments in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F3.exp51-j",{"title":1860,"path":1861,"stem":1862},"EXP52-J. Use braces for the body of an if, for, or while statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F4.exp52-j",{"title":1864,"path":1865,"stem":1866},"EXP53-J. Use parentheses for precedence of operation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F5.exp53-j",{"title":1868,"path":1869,"stem":1870},"EXP54-J. Understand the differences between bitwise and logical operators","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F6.exp54-j",{"title":1872,"path":1873,"stem":1874},"EXP55-J. Use the same type for the second and third operands in conditional expressions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fexpressions-exp\u002Fexp55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F06.expressions-exp\u002F7.exp55-j",{"title":1041,"path":1876,"stem":1877,"children":1878},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F1.index",[1879,1880,1884,1888,1892],{"title":1041,"path":1876,"stem":1877},{"title":1881,"path":1882,"stem":1883},"FIO50-J. Do not make assumptions about file creation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F2.fio50-j",{"title":1885,"path":1886,"stem":1887},"FIO51-J. Identify files using multiple file attributes","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F3.fio51-j",{"title":1889,"path":1890,"stem":1891},"FIO52-J. Do not store unencrypted sensitive information on the client side","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F4.fio52-j",{"title":1893,"path":1894,"stem":1895},"FIO53-J. Use the serialization methods writeUnshared() and readUnshared() with care","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-output-fio\u002Ffio53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F07.input-output-fio\u002F5.fio53-j",{"title":1115,"path":1897,"stem":1898,"children":1899},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F1.index",[1900,1901,1905,1909,1913,1917,1921,1925],{"title":1115,"path":1897,"stem":1898},{"title":1902,"path":1903,"stem":1904},"IDS50-J. Use conservative file naming conventions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F2.ids50-j",{"title":1906,"path":1907,"stem":1908},"IDS51-J. Properly encode or escape output","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F3.ids51-j",{"title":1910,"path":1911,"stem":1912},"IDS52-J. Prevent code injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F4.ids52-j",{"title":1914,"path":1915,"stem":1916},"IDS53-J. Prevent XPath Injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F5.ids53-j",{"title":1918,"path":1919,"stem":1920},"IDS54-J. Prevent LDAP injection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F6.ids54-j",{"title":1922,"path":1923,"stem":1924},"IDS55-J. Understand how escape characters are interpreted when strings are loaded","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F7.ids55-j",{"title":1926,"path":1927,"stem":1928},"IDS56-J. Prevent arbitrary file upload","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Finput-validation-and-data-sanitization-ids\u002Fids56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F08.input-validation-and-data-sanitization-ids\u002F8.ids56-j",{"title":1249,"path":1930,"stem":1931,"children":1932},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F1.index",[1933,1934,1938,1942,1946,1950,1954,1958],{"title":1249,"path":1930,"stem":1931},{"title":1935,"path":1936,"stem":1937},"MET50-J. Avoid ambiguous or confusing uses of overloading","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F2.met50-j",{"title":1939,"path":1940,"stem":1941},"MET51-J. Do not use overloaded methods to differentiate between runtime types","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F3.met51-j",{"title":1943,"path":1944,"stem":1945},"MET52-J. Do not use the clone() method to copy untrusted method parameters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F4.met52-j",{"title":1947,"path":1948,"stem":1949},"MET53-J. Ensure that the clone() method calls super.clone()","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F5.met53-j",{"title":1951,"path":1952,"stem":1953},"MET54-J. Always provide feedback about the resulting value of a method","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F6.met54-j",{"title":1955,"path":1956,"stem":1957},"MET55-J. Return an empty array or collection instead of a null value for methods that return an array or collection","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F7.met55-j",{"title":1959,"path":1960,"stem":1961},"MET56-J. Do not use Object.equals() to compare cryptographic keys","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmethods-met\u002Fmet56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F09.methods-met\u002F8.met56-j",{"title":1311,"path":1963,"stem":1964,"children":1965},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F01.index",[1966,1967,1971,1975,1979,1983,1987,1991,1995,1999,2003,2007,2011,2015,2019],{"title":1311,"path":1963,"stem":1964},{"title":1968,"path":1969,"stem":1970},"MSC50-J. Minimize the scope of the @SuppressWarnings annotation","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F02.msc50-j",{"title":1972,"path":1973,"stem":1974},"MSC51-J. Do not place a semicolon immediately following an if, for, or while condition","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F03.msc51-j",{"title":1976,"path":1977,"stem":1978},"MSC52-J. Finish every set of statements associated with a case label with a break statement","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F04.msc52-j",{"title":1980,"path":1981,"stem":1982},"MSC53-J. Carefully design interfaces before releasing them","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F05.msc53-j",{"title":1984,"path":1985,"stem":1986},"MSC54-J. Avoid inadvertent wrapping of loop counters","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F06.msc54-j",{"title":1988,"path":1989,"stem":1990},"MSC55-J. Use comments consistently and in a readable fashion","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F07.msc55-j",{"title":1992,"path":1993,"stem":1994},"MSC56-J. Detect and remove superfluous code and values","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F08.msc56-j",{"title":1996,"path":1997,"stem":1998},"MSC57-J. Strive for logical completeness","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F09.msc57-j",{"title":2000,"path":2001,"stem":2002},"MSC58-J. Prefer using iterators over enumerations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F10.msc58-j",{"title":2004,"path":2005,"stem":2006},"MSC59-J. Limit the lifetime of sensitive data","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc59-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F11.msc59-j",{"title":2008,"path":2009,"stem":2010},"MSC60-J. Do not use assertions to verify the absence of runtime errors","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc60-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F12.msc60-j",{"title":2012,"path":2013,"stem":2014},"MSC61-J. Do not use insecure or weak cryptographic algorithms","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc61-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F13.msc61-j",{"title":2016,"path":2017,"stem":2018},"MSC62-J. Store passwords using a hash function","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc62-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F14.msc62-j",{"title":2020,"path":2021,"stem":2022},"MSC63-J. Ensure that SecureRandom is properly seeded","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fmiscellaneous-msc\u002Fmsc63-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F10.miscellaneous-msc\u002F15.msc63-j",{"title":1365,"path":2024,"stem":2025,"children":2026},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F1.index",[2027,2028,2032,2036,2040,2044],{"title":1365,"path":2024,"stem":2025},{"title":2029,"path":2030,"stem":2031},"NUM50-J. Convert integers to floating point for floating-point operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F2.num50-j",{"title":2033,"path":2034,"stem":2035},"NUM51-J. Do not assume that the remainder operator always returns a nonnegative result for integral operands","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F3.num51-j",{"title":2037,"path":2038,"stem":2039},"NUM52-J. Be aware of numeric promotion behavior","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F4.num52-j",{"title":2041,"path":2042,"stem":2043},"NUM53-J. Use the strictfp modifier for floating-point calculation consistency across platforms","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F5.num53-j",{"title":2045,"path":2046,"stem":2047},"NUM54-J. Do not use denormalized numbers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fnumeric-types-and-operations-num\u002Fnum54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F11.numeric-types-and-operations-num\u002F6.num54-j",{"title":1423,"path":2049,"stem":2050,"children":2051},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F01.index",[2052,2053,2057,2061,2065,2069,2073,2077,2081,2085],{"title":1423,"path":2049,"stem":2050},{"title":2054,"path":2055,"stem":2056},"OBJ50-J. Never confuse the immutability of a reference with that of the referenced object","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F02.obj50-j",{"title":2058,"path":2059,"stem":2060},"OBJ51-J. Minimize the accessibility of classes and their members","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F03.obj51-j",{"title":2062,"path":2063,"stem":2064},"OBJ52-J. Write garbage-collection-friendly code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F04.obj52-j",{"title":2066,"path":2067,"stem":2068},"OBJ53-J. Do not use direct buffers for short-lived, infrequently used objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F05.obj53-j",{"title":2070,"path":2071,"stem":2072},"OBJ54-J. Do not attempt to help the garbage collector by setting local reference variables to null","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F06.obj54-j",{"title":2074,"path":2075,"stem":2076},"OBJ55-J. Remove short-lived objects from long-lived container objects","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F07.obj55-j",{"title":2078,"path":2079,"stem":2080},"OBJ56-J. Provide sensitive mutable classes with unmodifiable wrappers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F08.obj56-j",{"title":2082,"path":2083,"stem":2084},"OBJ57-J. Do not rely on methods that can be overridden by untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F09.obj57-j",{"title":2086,"path":2087,"stem":2088},"OBJ58-J. Limit the extensibility of classes and methods with invariants","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fobject-orientation-obj\u002Fobj58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F12.object-orientation-obj\u002F10.obj58-j",{"title":1485,"path":2090,"stem":2091,"children":2092},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F01.index",[2093,2094,2098,2102,2106,2110,2114,2118,2122,2126],{"title":1485,"path":2090,"stem":2091},{"title":2095,"path":2096,"stem":2097},"SEC50-J. Avoid granting excess privileges","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec50-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F02.sec50-j",{"title":2099,"path":2100,"stem":2101},"SEC51-J. Minimize privileged code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec51-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F03.sec51-j",{"title":2103,"path":2104,"stem":2105},"SEC52-J. Do not expose methods that use reduced-security checks to untrusted code","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec52-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F04.sec52-j",{"title":2107,"path":2108,"stem":2109},"SEC53-J. Define custom security permissions for fine-grained security","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec53-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F05.sec53-j",{"title":2111,"path":2112,"stem":2113},"SEC54-J. Create a secure sandbox using a security manager","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec54-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F06.sec54-j",{"title":2115,"path":2116,"stem":2117},"SEC55-J. Ensure that security-sensitive methods are called with validated arguments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec55-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F07.sec55-j",{"title":2119,"path":2120,"stem":2121},"SEC56-J. Do not serialize direct handles to system resources","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec56-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F08.sec56-j",{"title":2123,"path":2124,"stem":2125},"SEC57-J. Do not let untrusted code misuse privileges of callback methods","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec57-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F09.sec57-j",{"title":2127,"path":2128,"stem":2129},"SEC58-J. Deserialization methods should not perform potentially dangerous operations","\u002Fsei-cert-oracle-coding-standard-for-java\u002Frecommendations\u002Fplatform-security-sec\u002Fsec58-j","6.sei-cert-oracle-coding-standard-for-java\u002F4.recommendations\u002F13.platform-security-sec\u002F10.sec58-j",{"title":2131,"path":2132,"stem":2133,"children":2134},"Back Matter","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F1.index",[2135,2136,2140,2144,2148,2152,2272,2297],{"title":2131,"path":2132,"stem":2133},{"title":2137,"path":2138,"stem":2139},"Rec. AA. References","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-aa-references","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F2.rec-aa-references",{"title":2141,"path":2142,"stem":2143},"Rec. BB. Definitions","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frec-bb-definitions","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F3.rec-bb-definitions",{"title":2145,"path":2146,"stem":2147},"Rule AA. References","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-aa-references","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F4.rule-aa-references",{"title":2149,"path":2150,"stem":2151},"Rule BB. Glossary","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-bb-glossary","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F5.rule-bb-glossary",{"title":2153,"path":2154,"stem":2155,"children":2156},"Rule or Rec. CC. Analyzers","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F01.index",[2157,2158,2162,2166,2170,2174,2178,2182,2186,2190,2194,2198,2202,2206,2208,2212,2216,2220,2224,2228,2232,2236,2238,2242,2244,2248,2252,2256,2260,2264,2268],{"title":2153,"path":2154,"stem":2155},{"title":2159,"path":2160,"stem":2161},"CodeSonar","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F02.codesonar",{"title":2163,"path":2164,"stem":2165},"CodeSonar_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcodesonar_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F03.codesonar_v",{"title":2167,"path":2168,"stem":2169},"Coverity","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F04.coverity",{"title":2171,"path":2172,"stem":2173},"Coverity_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fcoverity_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F05.coverity_v",{"title":2175,"path":2176,"stem":2177},"Eclipse","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F06.eclipse",{"title":2179,"path":2180,"stem":2181},"Eclipse_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Feclipse_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F07.eclipse_v",{"title":2183,"path":2184,"stem":2185},"Error Prone","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F08.error-prone",{"title":2187,"path":2188,"stem":2189},"Error Prone_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ferror-prone_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F09.error-prone_v",{"title":2191,"path":2192,"stem":2193},"Findbugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F10.findbugs",{"title":2195,"path":2196,"stem":2197},"Findbugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffindbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F11.findbugs_v",{"title":2199,"path":2200,"stem":2201},"Fortify","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F12.fortify",{"title":2203,"path":2204,"stem":2205},"Fortify_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Ffortify_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F13.fortify_v",{"title":479,"path":478,"stem":2207},"6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F14.klocwork",{"title":2209,"path":2210,"stem":2211},"Klocwork_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fklocwork_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F15.klocwork_v",{"title":2213,"path":2214,"stem":2215},"Parasoft","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F16.parasoft",{"title":2217,"path":2218,"stem":2219},"Parasoft_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fparasoft_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F17.parasoft_v",{"title":2221,"path":2222,"stem":2223},"Pmd","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F18.pmd",{"title":2225,"path":2226,"stem":2227},"Pmd_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpmd_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F19.pmd_v",{"title":2229,"path":2230,"stem":2231},"PVS-Studio","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F20.pvs-studio",{"title":2233,"path":2234,"stem":2235},"PVS-Studio_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fpvs-studio_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F21.pvs-studio_v",{"title":510,"path":509,"stem":2237},"6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F22.security-reviewer-static-reviewer",{"title":2239,"path":2240,"stem":2241},"Security Reviewer - Static Reviewer_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsecurity-reviewer-static-reviewer_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F23.security-reviewer-static-reviewer_v",{"title":535,"path":534,"stem":2243},"6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F24.sonarqube",{"title":2245,"path":2246,"stem":2247},"SonarQube_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fsonarqube_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F25.sonarqube_v",{"title":2249,"path":2250,"stem":2251},"SpotBugs","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F26.spotbugs",{"title":2253,"path":2254,"stem":2255},"SpotBugs_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fspotbugs_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F27.spotbugs_v",{"title":2257,"path":2258,"stem":2259},"The Checker Framework","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F28.the-checker-framework",{"title":2261,"path":2262,"stem":2263},"The Checker Framework_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthe-checker-framework_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F29.the-checker-framework_v",{"title":2265,"path":2266,"stem":2267},"ThreadSafe","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F30.threadsafe",{"title":2269,"path":2270,"stem":2271},"ThreadSafe_V","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-cc-analyzers\u002Fthreadsafe_v","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F6.rule-or-rec-cc-analyzers\u002F31.threadsafe_v",{"title":2273,"path":2274,"stem":2275,"children":2276},"Rule or Rec. DD. Related Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F1.index",[2277,2278,2282,2286,2290,2293],{"title":2273,"path":2274,"stem":2275},{"title":2279,"path":2280,"stem":2281},"2010","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F2.2010","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F2.2010",{"title":2283,"path":2284,"stem":2285},"2013","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002F3.2013","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F3.2013",{"title":2287,"path":2288,"stem":2289},"MITRE CAPEC","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-capec","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F4.mitre-capec",{"title":591,"path":2291,"stem":2292},"\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fmitre-cwe","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F5.mitre-cwe",{"title":2294,"path":2295,"stem":2296},"SECURE CODING GUIDELINES FOR JAVA SE, VERSION 5.0","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-dd-related-guidelines\u002Fsecure-coding-guidelines-for-java-se-version-50","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F7.rule-or-rec-dd-related-guidelines\u002F6.secure-coding-guidelines-for-java-se-version-50",{"title":2298,"path":2299,"stem":2300},"Rule or Rec. EE. Risk Assessments","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fback-matter\u002Frule-or-rec-ee-risk-assessments","6.sei-cert-oracle-coding-standard-for-java\u002F5.back-matter\u002F8.rule-or-rec-ee-risk-assessments",{"title":2302,"path":2303,"stem":2304,"children":2305},"Admin","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F1.index",[2306,2307,2311,2315,2319,2323],{"title":2302,"path":2303,"stem":2304},{"title":2308,"path":2309,"stem":2310},"All Guidelines with Classification","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fall-guidelines-with-classification","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F2.all-guidelines-with-classification",{"title":2312,"path":2313,"stem":2314},"Normative Guidelines","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Fnormative-guidelines","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F3.normative-guidelines",{"title":2316,"path":2317,"stem":2318},"Tech-edit","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftech-edit","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F4.tech-edit",{"title":2320,"path":2321,"stem":2322},"TODO List","\u002Fsei-cert-oracle-coding-standard-for-java\u002Fadmin\u002Ftodo-list","6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F5.todo-list",{"title":2320,"path":2321,"stem":2324},"6.sei-cert-oracle-coding-standard-for-java\u002F6.admin\u002F6.todo-list",1775657821716]