SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 109

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 110

changes.mady.by.user Michal Rozenau

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Parasoft Jtest 2020.2

...

Using simplistic concurrency primitives to process an unbounded number of requests could result in severe performance degradation, deadlock, or system resource exhaustion and DOS.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

TPS00-J

Low

Probable

High

P2

L3

Automated Detection

Sound automated detection is infeasible; heuristic checks could be useful.

ToolVersionCheckerDescription
Parasoft Jtest

Include Page
Parasoft_V
Parasoft_V

TRS.ISTARTDo not call the 'start()' method directly on Thread class instances

Related Guidelines

MITRE CWE

CWE-405, Asymmetric Resource Consumption (Amplification)
CWE-410, Insufficient Resource Pool

Bibliography

[API 2014]

Interface Executor

[Goetz 2006a]

Chapter 8, "Applying Thread Pools"

[Java Tutorials]

Thread Pools

[Lea 2000a]

Section 4.1.3, "Thread-Per-Message"
Section 4.1.4, "Worker Threads"

...


...