|
Checker
|
Guideline
|
|---|
|
CERT.DCL00.ACD
|
DCL00-J. Prevent class initialization cycles
|
|
CERT.DCL02.ITMOD
|
DCL02-J. Do not modify the collection's elements during an enhanced for statement
|
|
CERT.DCL51.HMF
|
DCL51-J. Do not shadow or obscure identifiers in subscopes
|
|
CERT.DCL52.MVOS
|
DCL52-J. Do not declare more than one variable per declaration
|
|
CERT.DCL57.OVAM
|
DCL57-J. Avoid ambiguous overloading of variable arity methods
|
|
CERT.DCL60.ACD
|
DCL60-J. Avoid cyclic dependencies between packages
|
|
CERT.ENV02.ENV
|
ENV02-J. Do not trust the values of environment variables
|
|
CERT.ERR00.LGE
|
ERR00-J. Do not suppress or ignore checked exceptions
|
|
CERT.ERR00.UCATCH
|
ERR00-J. Do not suppress or ignore checked exceptions
|
|
CERT.ERR01.ACPST
|
ERR01-J. Do not allow exceptions to expose sensitive information
|
|
CERT.ERR01.ACW
|
ERR01-J. Do not allow exceptions to expose sensitive information
|
|
CERT.ERR01.CETS
|
ERR01-J. Do not allow exceptions to expose sensitive information
|
|
CERT.ERR03.REVOBJ
|
ERR03-J. Restore prior object state on method failure
|
|
CERT.ERR04.ARCF
|
ERR04-J. Do not complete abruptly from a finally block
|
|
CERT.ERR04.ATSF
|
ERR04-J. Do not complete abruptly from a finally block
|
|
CERT.ERR05.ARCF
|
ERR05-J. Do not let checked exceptions escape from a finally block
|
|
CERT.ERR05.ATSF
|
ERR05-J. Do not let checked exceptions escape from a finally block
|
|
CERT.ERR07.NTERR
|
ERR07-J. Do not throw RuntimeException, Exception, or Throwable
|
|
CERT.ERR07.NTX
|
ERR07-J. Do not throw RuntimeException, Exception, or Throwable
|
|
CERT.ERR08.NCNPE
|
ERR08-J. Do not catch NullPointerException or any of its ancestors
|
|
CERT.ERR09.EXIT
|
ERR09-J. Do not allow untrusted code to terminate the JVM
|
|
CERT.ERR09.JVM
|
ERR09-J. Do not allow untrusted code to terminate the JVM
|
|
CERT.ERR51.NCE
|
ERR51-J. Prefer user-defined exceptions over more general exception types
|
|
CERT.ERR54.CLFIN
|
ERR54-J. Use a try-with-resources statement to safely handle closeable resources
|
|
CERT.EXP00.AECB
|
EXP00-J. Do not ignore values returned by methods
|
|
CERT.EXP00.NASSIG
|
EXP00-J. Do not ignore values returned by methods
|
|
CERT.EXP01.NCMD
|
EXP01-J. Do not use a null in a case where an object is required
|
|
CERT.EXP01.NP
|
EXP01-J. Do not use a null in a case where an object is required
|
|
CERT.EXP02.UEIC
|
EXP02-J. Do not use the Object.equals() method to compare two arrays
|
|
CERT.EXP03.UEIC
|
EXP03-J. Do not use the equality operators when comparing values of boxed primitives
|
|
CERT.EXP05.CID
|
EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression
|
|
CERT.EXP50.UEIC
|
EXP50-J. Do not confuse abstract object equality with reference equality
|
|
CERT.EXP51.ASI
|
EXP51-J. Do not perform assignments in conditional expressions
|
|
CERT.EXP52.BLK
|
EXP52-J. Use braces for the body of an if, for, or while statement
|
|
CERT.EXP53.APAREN
|
EXP53-J. Use parentheses for precedence of operation
|
|
CERT.EXP55.COMT
|
EXP55-J. Use the same type for the second and third operands in conditional expressions
|
|
CERT.FIO03.ATF
|
FIO03-J. Remove temporary files before termination
|
|
CERT.FIO03.REMTMP
|
FIO03-J. Remove temporary files before termination
|
|
CERT.FIO04.CCR
|
FIO04-J. Release resources when they are no longer needed
|
|
CERT.FIO04.CIO
|
FIO04-J. Release resources when they are no longer needed
|
|
CERT.FIO04.LEAKS
|
FIO04-J. Release resources when they are no longer needed
|
|
CERT.FIO05.BUFEXP
|
FIO05-J. Do not expose buffers or their backing arrays methods to untrusted code
|
|
CERT.FIO06.MULBUF
|
FIO06-J. Do not create multiple buffered wrappers on a single byte or character stream
|
|
CERT.FIO07.EXEC
|
FIO07-J. Do not let external processes block on IO buffers
|
|
CERT.FIO08.CRRV
|
FIO08-J. Distinguish between characters or bytes read from a stream and -1
|
|
CERT.FIO09.ARGWRITE
|
FIO09-J. Do not rely on the write() method to output integers outside the range 0 to 255
|
|
CERT.FIO12.PMRWLED
|
FIO12-J. Provide methods to read and write little-endian data
|
|
CERT.FIO13.CONSEN
|
FIO13-J. Do not log sensitive information outside a trust boundary
|
|
CERT.FIO13.LHII
|
FIO13-J. Do not log sensitive information outside a trust boundary
|
|
CERT.FIO13.PEO
|
FIO13-J. Do not log sensitive information outside a trust boundary
|
|
CERT.FIO13.SENS
|
FIO13-J. Do not log sensitive information outside a trust boundary
|
|
CERT.FIO14.CCR
|
FIO14-J. Perform proper cleanup at program termination
|
|
CERT.FIO14.CIO
|
FIO14-J. Perform proper cleanup at program termination
|
|
CERT.FIO14.CRWD
|
FIO14-J. Perform proper cleanup at program termination
|
|
CERT.FIO16.CDBV
|
FIO16-J. Canonicalize path names before validating them
|
|
CERT.IDS00.TDSQL
|
IDS00-J. Prevent SQL injection
|
|
CERT.IDS03.TDLOG
|
IDS03-J. Do not log unsanitized user input
|
|
CERT.IDS06.VAFS
|
IDS06-J. Exclude unsanitized user input from format strings
|
|
CERT.IDS07.EXEC
|
IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method
|
|
CERT.IDS11.VPPD
|
IDS11-J. Perform any string modifications before validation
|
|
CERT.IDS16.TDXML
|
IDS16-J. Prevent XML Injection
|
|
CERT.IDS51.TDRESP
|
IDS51-J. Properly encode or escape output
|
|
CERT.IDS51.TDXSS
|
IDS51-J. Properly encode or escape output
|
|
CERT.IDS52.TDCODE
|
IDS52-J. Prevent code injection
|
|
CERT.IDS53.TDJXPATH
|
IDS53-J. Prevent XPath Injection
|
|
CERT.IDS53.TDXPATH
|
IDS53-J. Prevent XPath Injection
|
|
CERT.IDS54.TDLDAP
|
IDS54-J. Prevent LDAP injection
|
|
CERT.JNI00.NATIW
|
JNI00-J. Define wrappers around native methods
|
|
CERT.LCK00.SOPF
|
LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code
|
|
CERT.LCK01.SCS
|
LCK01-J. Do not synchronize on objects that may be reused
|
|
CERT.LCK02.SGC
|
LCK02-J. Do not synchronize on the class object returned by getClass()
|
|
CERT.LCK04.SOBC
|
LCK04-J. Do not synchronize on a collection view if the backing collection is accessible
|
|
CERT.LCK05.IASF
|
LCK05-J. Synchronize access to static fields that can be modified by untrusted code
|
|
CERT.LCK06.INSTLOCK
|
LCK06-J. Do not use an instance lock to protect shared static data
|
|
CERT.LCK07.LORD
|
LCK07-J. Avoid deadlock by requesting and releasing locks in the same order
|
|
CERT.LCK08.LOCK
|
LCK08-J. Ensure actively held locks are released on exceptional conditions
|
|
CERT.LCK08.RLF
|
LCK08-J. Ensure actively held locks are released on exceptional conditions
|
|
CERT.LCK09.TSHL
|
LCK09-J. Do not perform operations that can block while holding a lock
|
|
CERT.LCK09.TSHL2
|
LCK09-J. Do not perform operations that can block while holding a lock
|
|
CERT.LCK10.DCL
|
LCK10-J. Use a correct form of the double-checked locking idiom
|
|
CERT.MET02.DPRAPI
|
MET02-J. Do not use deprecated or obsolete classes or methods
|
|
CERT.MET02.THRD
|
MET02-J. Do not use deprecated or obsolete classes or methods
|
|
CERT.MET04.OPM
|
MET04-J. Do not increase the accessibility of overridden or hidden methods
|
|
CERT.MET06.CLONE
|
MET06-J. Do not invoke overridable methods in clone()
|
|
CERT.MET07.AHSM
|
MET07-J. Never declare a class method that hides a method declared in a superclass or superinterface
|
|
CERT.MET08.EQREFL
|
MET08-J. Preserve the equality contract when overriding the equals() method
|
|
CERT.MET09.OVERRIDE
|
MET09-J. Classes that define an equals() method must also define a hashCode() method
|
|
CERT.MET11.IKICO
|
MET11-J. Ensure that keys used in comparison operations are immutable
|
|
CERT.MET12.EF
|
MET12-J. Do not use finalizers
|
|
CERT.MET12.FCF
|
MET12-J. Do not use finalizers
|
|
CERT.MET12.FCSF
|
MET12-J. Do not use finalizers
|
|
CERT.MET12.FM
|
MET12-J. Do not use finalizers
|
|
CERT.MET12.IFF
|
MET12-J. Do not use finalizers
|
|
CERT.MET12.MFP
|
MET12-J. Do not use finalizers
|
|
CERT.MET12.MNDF
|
MET12-J. Do not use finalizers
|
|
CERT.MET12.NCF
|
MET12-J. Do not use finalizers
|
|
CERT.MET12.OF
|
MET12-J. Do not use finalizers
|
|
CERT.MET50.OVERLOAD
|
MET50-J. Avoid ambiguous or confusing uses of overloading
|
|
CERT.MET52.CIFC
|
MET52-J. Do not use the clone() method to copy untrusted method parameters
|
|
CERT.MET53.SCLONE
|
MET53-J. Ensure that the clone() method calls super.clone()
|
|
CERT.MSC01.EB
|
MSC01-J. Do not use an empty infinite loop
|
|
CERT.MSC03.AHCA
|
MSC03-J. Never hard code sensitive information
|
|
CERT.MSC03.HCCK
|
MSC03-J. Never hard code sensitive information
|
|
CERT.MSC03.HCCS
|
MSC03-J. Never hard code sensitive information
|
|
CERT.MSC04.LEAKS
|
MSC04-J. Do not leak memory
|
|
CERT.MSC06.ITMOD
|
MSC06-J. Do not modify the underlying collection when an iteration is in progress
|
|
CERT.MSC07.ILI
|
MSC07-J. Prevent multiple instantiations of singleton objects
|
|
CERT.MSC52.SBC
|
MSC52-J. Finish every set of statements associated with a case label with a break statement
|
|
CERT.MSC56.CC
|
MSC56-J. Detect and remove superfluous code and values
|
|
CERT.MSC56.SWITCH
|
MSC56-J. Detect and remove superfluous code and values
|
|
CERT.MSC56.VOVR
|
MSC56-J. Detect and remove superfluous code and values
|
|
CERT.MSC57.PDCL
|
MSC57-J. Strive for logical completeness
|
|
CERT.MSC57.PDS
|
MSC57-J. Strive for logical completeness
|
|
CERT.MSC60.ASSERT
|
MSC60-J. Do not use assertions to verify the absence of runtime errors
|
|
CERT.MSC61.AISSAJAVA
|
MSC61-J. Do not use insecure or weak cryptographic algorithms
|
|
CERT.MSC61.AISSAXML
|
MSC61-J. Do not use insecure or weak cryptographic algorithms
|
|
CERT.MSC61.CKTS
|
MSC61-J. Do not use insecure or weak cryptographic algorithms
|
|
CERT.MSC61.HCCK
|
MSC61-J. Do not use insecure or weak cryptographic algorithms
|
|
CERT.MSC61.ICA
|
MSC61-J. Do not use insecure or weak cryptographic algorithms
|
|
CERT.MSC62.PCCF
|
MSC62-J. Store passwords using a hash function
|
|
CERT.MSC62.PLAIN
|
MSC62-J. Store passwords using a hash function
|
|
CERT.MSC62.PTPT
|
MSC62-J. Store passwords using a hash function
|
|
CERT.MSC62.PWDPROP
|
MSC62-J. Store passwords using a hash function
|
|
CERT.MSC62.PWDXML
|
MSC62-J. Store passwords using a hash function
|
|
CERT.MSC62.UTAX
|
MSC62-J. Store passwords using a hash function
|
|
CERT.MSC62.WCPWD
|
MSC62-J. Store passwords using a hash function
|
|
CERT.MSC62.WPWD
|
MSC62-J. Store passwords using a hash function
|
|
CERT.NUM00.BSA
|
NUM00-J. Detect or prevent integer overflow
|
|
CERT.NUM00.CACO
|
NUM00-J. Detect or prevent integer overflow
|
|
CERT.NUM00.ICO
|
NUM00-J. Detect or prevent integer overflow
|
|
CERT.NUM01.BADSHIFT
|
NUM01-J. Do not perform bitwise and arithmetic operations on the same data
|
|
CERT.NUM01.NCBAV
|
NUM01-J. Do not perform bitwise and arithmetic operations on the same data
|
|
CERT.NUM02.ZERO
|
NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors
|
|
CERT.NUM04.UBD
|
NUM04-J. Do not use floating-point numbers if precise computation is required
|
|
CERT.NUM07.NAN
|
NUM07-J. Do not attempt comparisons with NaN
|
|
CERT.NUM08.FPEXC
|
NUM08-J. Check floating-point inputs for exceptional values
|
|
CERT.NUM09.FPLI
|
NUM09-J. Do not use floating-point variables as loop counters
|
|
CERT.NUM10.BBDCC
|
NUM10-J. Do not construct BigDecimal objects from floating-point literals
|
|
CERT.NUM12.CLP
|
NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data
|
|
CERT.NUM13.AIC
|
NUM13-J. Avoid loss of precision when converting primitive integers to floating-point
|
|
CERT.NUM50.IDCD
|
NUM50-J. Convert integers to floating point for floating-point operations
|
|
CERT.OBJ03.AGBPT
|
OBJ03-J. Prevent heap pollution
|
|
CERT.OBJ04.CLONE
|
OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
|
|
CERT.OBJ04.CPCL
|
OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
|
|
CERT.OBJ04.MPT
|
OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
|
|
CERT.OBJ04.MUCOP
|
OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
|
|
CERT.OBJ04.SMO
|
OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
|
|
CERT.OBJ05.CPCL
|
OBJ05-J. Do not return references to private mutable class members
|
|
CERT.OBJ05.MPT
|
OBJ05-J. Do not return references to private mutable class members
|
|
CERT.OBJ05.MUCOP
|
OBJ05-J. Do not return references to private mutable class members
|
|
CERT.OBJ05.SMO
|
OBJ05-J. Do not return references to private mutable class members
|
|
CERT.OBJ06..MPT
|
OBJ06-J. Defensively copy mutable inputs and mutable internal components
|
|
CERT.OBJ06.CPCL
|
OBJ06-J. Defensively copy mutable inputs and mutable internal components
|
|
CERT.OBJ06.MUCOP
|
OBJ06-J. Defensively copy mutable inputs and mutable internal components
|
|
CERT.OBJ06.SMO
|
OBJ06-J. Defensively copy mutable inputs and mutable internal components
|
|
CERT.OBJ07.MCNC
|
OBJ07-J. Sensitive classes must not let themselves be copied
|
|
CERT.OBJ08.INNER
|
OBJ08-J. Do not expose private members of an outer class from within a nested class
|
|
CERT.OBJ09.CMP
|
OBJ09-J. Compare classes and not class names
|
|
CERT.OBJ10.RMO
|
OBJ10-J. Do not use public static nonfinal fields
|
|
CERT.OBJ10.SPFF
|
OBJ10-J. Do not use public static nonfinal fields
|
|
CERT.OBJ11.EPNFC
|
OBJ11-J. Be wary of letting constructors throw exceptions
|
|
CERT.OBJ13.RMO
|
OBJ13-J. Ensure that references to mutable objects are not exposed
|
|
CERT.OBJ51.DPAC
|
OBJ51-J. Minimize the accessibility of classes and their members
|
|
CERT.OBJ51.DPAF
|
OBJ51-J. Minimize the accessibility of classes and their members
|
|
CERT.OBJ51.DPAM
|
OBJ51-J. Minimize the accessibility of classes and their members
|
|
CERT.OBJ51.DPPC
|
OBJ51-J. Minimize the accessibility of classes and their members
|
|
CERT.OBJ51.DPPF
|
OBJ51-J. Minimize the accessibility of classes and their members
|
|
CERT.OBJ51.DPPM
|
OBJ51-J. Minimize the accessibility of classes and their members
|
|
CERT.SEC01.PRIVIL
|
SEC01-J. Do not allow tainted variables in privileged blocks
|
|
CERT.SEC02.TDRFL
|
SEC02-J. Do not base security checks on untrusted sources
|
|
CERT.SEC03.ACL
|
SEC03-J. Do not load trusted classes after allowing untrusted code to load arbitrary classes
|
|
CERT.SEC04.SCF
|
SEC04-J. Protect sensitive operations with security manager checks
|
|
CERT.SEC05.ARM
|
SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields
|
|
CERT.SEC51.PCL
|
SEC51-J. Minimize privileged code
|
|
CERT.SER00.DUID
|
SER00-J. Enable serialization compatibility during class evolution
|
|
CERT.SER01.ROWO
|
SER01-J. Do not deviate from the proper signatures of serialization methods
|
|
CERT.SER03.SIF
|
SER03-J. Do not serialize unencrypted sensitive data
|
|
CERT.SER04.SCSER
|
SER04-J. Do not allow serialization and deserialization to bypass the security manager
|
|
CERT.SER07.RRSC
|
SER07-J. Do not use the default serialized form for classes with implementation-defined invariants
|
|
CERT.SER09.VREADOBJ
|
SER09-J. Do not invoke overridable methods from the readObject() method
|
|
CERT.SER11.IRX
|
SER11-J. Prevent overwriting of externalizable objects
|
|
CERT.SER12.VOBD
|
SER12-J. Prevent deserialization of untrusted data
|
|
CERT.STR00.COS
|
STR00-J. Don't form strings containing partial characters from variable-width encodings
|
|
CERT.STR01.NCUCP
|
STR01-J. Do not assume that a Java char fully represents a Unicode code point
|
|
CERT.STR02.CCL
|
STR02-J. Specify an appropriate locale when comparing locale-dependent data
|
|
CERT.STR02.CTLC
|
STR02-J. Specify an appropriate locale when comparing locale-dependent data
|
|
CERT.THI00.IRUN
|
THI00-J. Do not invoke Thread.run()
|
|
CERT.THI01.AUTG
|
THI01-J. Do not invoke ThreadGroup methods
|
|
CERT.THI02.ANF
|
THI02-J. Notify all waiting threads rather than a single thread
|
|
CERT.THI03.UWIL
|
THI03-J. Always invoke wait() and await() methods inside a loop
|
|
CERT.THI05.THRD
|
THI05-J. Do not use Thread.stop() to terminate threads
|
|
CERT.TPS00.ISTART
|
TPS00-J. Use thread pools to enable graceful degradation of service during traffic bursts
|
|
CERT.TSM00.OSNS
|
TSM00-J. Do not override thread-safe methods with methods that are not thread-safe
|
|
CERT.TSM01.CTRE
|
TSM01-J. Do not let the this reference escape during object construction
|
|
CERT.TSM02.CSTART
|
TSM02-J. Do not use background threads during class initialization
|
|
CERT.VNA00.LORD
|
VNA00-J. Ensure visibility when accessing shared primitive variables
|
|
CERT.VNA00.MRAV
|
VNA00-J. Ensure visibility when accessing shared primitive variables
|
|
CERT.VNA02.MRAV
|
VNA02-J. Ensure that compound operations on shared variables are atomic
|
|
CERT.VNA02.SSUG
|
VNA02-J. Ensure that compound operations on shared variables are atomic
|
|
CERT.VNA03.MRAV
|
VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic
|
|
CERT.VNA03.SSUG
|
VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic
|
|
CRT.MSC02.SRD
|
MSC02-J. Generate strong random numbers
|
|
SECURITY.WSC.USC
|
MSC00-J. Use SSLSocket rather than Socket for secure data exchange
|
