...

Code Block
static final int TOOBIG = 0x6400000; // 100MB

  // ...

  // write the files to the disk, but ensure that the file is not insanely big
  if (entry.getSize() > TOOBIG) {
    throw new IllegalStateException("File to be unzipped is huge.");
  }
  if (entry.getSize() == -1) {
    throw new IllegalStateException("File to be unzipped might be huge.");
  }
  FileOutputStream fos = new FileOutputStream(entry.getName());
  int total = 0;
  dest = new BufferedOutputStream(fos, BUFFER);
  while ((count = zis.read(data, 0, BUFFER)) != -1) {
    dest.write(data, 0, count);
    total += count;
  }
  dest.flush();
  dest.close();

  // ...
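
The check above relies on `entry.getSize()`, which `ZipInputStream` takes from the entry header inside the archive, and `total` is accumulated but never compared with a limit. The following is an added example, not part of the original page, that enforces the limit on the bytes actually decompressed; the class `BoundedUnzip`, the helper `copyEntry`, `DEMO_LIMIT` and the in-memory sample archive are assumptions constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;

public class BoundedUnzip {
  static final int BUFFER = 512;
  static final long DEMO_LIMIT = 64 * 1024; // small constructed limit; the page uses TOOBIG

  // Copies the current entry to out and aborts as soon as more than limit bytes
  // have really been decompressed, whatever size the entry header declared.
  static long copyEntry(ZipInputStream zis, OutputStream out, long limit)
      throws IOException {
    byte[] data = new byte[BUFFER];
    long total = 0;
    int count;
    while ((count = zis.read(data, 0, BUFFER)) != -1) {
      total += count;
      if (total > limit) {
        throw new IllegalStateException("File being unzipped is too big.");
      }
      out.write(data, 0, count);
    }
    return total;
  }

  public static void main(String[] args) throws IOException {
    // Constructed sample: a single entry holding 1 MiB of zeros, built in memory.
    ByteArrayOutputStream zipBytes = new ByteArrayOutputStream();
    try (ZipOutputStream zos = new ZipOutputStream(zipBytes)) {
      zos.putNextEntry(new ZipEntry("zeros.bin"));
      zos.write(new byte[1 << 20]);
      zos.closeEntry();
    }
    try (ZipInputStream zis = new ZipInputStream(
        new ByteArrayInputStream(zipBytes.toByteArray()))) {
      ZipEntry entry = zis.getNextEntry();
      System.out.println("declared size: " + entry.getSize());
      try {
        copyEntry(zis, new ByteArrayOutputStream(), DEMO_LIMIT);
      } catch (IllegalStateException e) {
        System.out.println("rejected: " + e.getMessage());
      }
    }
  }
}
```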

Risk Assessment

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
| --- | --- | --- | --- | --- | --- |
| IDS04-J | low | probable | high | P2 | L3 |

...

[Mahmoud 2002] Compressing and Decompressing Data Using Java APIs. http://java.sun.com/developer/technicalArticles/Programming/compression/

...