...
The ordering problem can be dangerous when dealing with native code. For example, if object A references object B (either directly or reflectively) and the latter gets finalized first, A's finalizer may end up dereferencing dangling native pointers. To impose an explicit ordering on finalizers, make sure that B remains reachable until A's finalizer has concluded. This can be achieved by adding a reference to B in some global state variable and removing it when A's finalizer executes. An alternative is to use the java.lang.ref references.
MET12-EX1: A class may use an empty final finalizer to prevent a finalizer attack, as specified in rule OBJ11-J. Be wary of letting constructors throw exceptions.
Risk Assessment
Improper use of finalizers can result in resurrection of garbage-collection ready objects and result in denial-of-service vulnerabilities.
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="006e10a19879095d-e6da8ccd-4aaa4361-9225ac34-344873a76ccb22e23f05ddc6"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [finalize() | http://java.sun.com/j2se/1.4.2/docs/api/java/lang/Object.html#finalize()] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="69cd3d109291b0dc-b8a8619c-4e4c4daa-9ac4a6dc-d96f48dd77885ea48aed718a"><ac:plain-text-body><![CDATA[ | [[Bloch 2008 | AA. Bibliography#Bloch 08]] | Item 7, Avoid finalizers | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a5fa5ee150d3bf76-051d2b13-43a0417e-b2a9bee3-117491ec69e0504bf28025ee"><ac:plain-text-body><![CDATA[ | [[Boehm 2005 | AA. Bibliography#Boehm 05]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f3368aa14ef0ffe0-da48fe3e-463f4219-8ec3b68f-c0784f758c41f6f94c939336"><ac:plain-text-body><![CDATA[ | [[Coomes 2007 | AA. Bibliography#Coomes 07]] | "Sneaky" Memory Retention | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="37c62fb49d0eb196-f0b638d2-496a4dbe-a827b0d2-54ef41606bd5b2dfcb4ccc39"><ac:plain-text-body><![CDATA[ | [[Darwin 2004 | AA. Bibliography#Darwin 04]] | Section 9.5, The Finalize Method | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c1ea3bd9c7bd7d68-11202804-431a40bf-9af797db-4fbad360a71022e7a50ec2c7"><ac:plain-text-body><![CDATA[ | [[Flanagan 2005 | AA. Bibliography#Flanagan 05]] | Section 3.3, Destroying and Finalizing Objects | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e083d0738fd00521-34e0bda3-4fdc4119-b22a946e-262146dfc8aa53b53837ddbc"><ac:plain-text-body><![CDATA[ | [[JLS 2005 | AA. Bibliography#JLS 05]] | §12.6, Finalization of Class Instances | ]]></ac:plain-text-body></ac:structured-macro> |
...