Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: added note limited scope of CS

...

Code Block
bgColor#ccccff
langjava
public static void processTag(String tag) {
  if (tag.equalsIgnoreCase("SCRIPT")) {
    return;
  }
  // Process tag
}

This solution is compliant because equalIgnoreCase() compares two strings, one of which is plain ASCII, and therefore its behavior is well-understood, even if the other string is not plain ASCII. Calling equalIgnoreCase() where both strings may not be ASCII is not recommended, simply because equalIgnoreCase() may not behave as expected by the developer.

Noncompliant Code Example (FileReader)

...

Failure to specify the appropriate locale when using locale-dependent methods on local-dependent data without specifying the appropriate locale may result in unexpected behavior.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

STR02-J

Medium

Probable

Medium

P8

L2

Automated Detection

ToolVersionCheckerDescription
The Checker Framework

Include Page
The Checker Framework_V
The Checker Framework_V

Tainting CheckerTrust and security errors (see Chapter 8)
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
FB.I18N.DM_CONVERT_CASE
FB.I18N.DM_DEFAULT_ENCODING

PMD.Design.SimpleDateFormatNeedsLocale
PMD.Design.UseLocaleWithCaseConversions
Consider using Locale parameterized version of invoked method
Reliance on default encoding
Simple date format needs Locale
Use Locale with case conversions
Parasoft Jtest
Include Page
java:
Parasoft_V
java:
Parasoft_V
INTER.{CCL,CTLC}Implemented
SonarQube
Java Plugin
Include Page
SonarQube
Java Plugin
_V
SonarQube
Java Plugin
_V
S1449
 

Android Implementation Details

A developer can specify locale on Android using java.util.Locale.

Bibliography

...


...