Versions Compared

Comment: Reverted from v. 43

...

Code Block
static final int TOOBIG = 0x6400000; // 100MB

  // ...

  // write the files to the disk, but ensureonly thatif the file is not insanely big
  FileOutputStream fos = new FileOutputStream(entry.getName());
  int total = 0if (entry.getSize() > TOOBIG) {
    throw new IllegalStateException("File to be unzipped is huge.");
  }
  if (entry.getSize() == -1) {
    throw new IllegalStateException("File to be unzipped might be huge.");
  }
  FileOutputStream fos = new FileOutputStream(entry.getName());
  dest = new BufferedOutputStream(fos, BUFFER);
  while ((count = zis.read(data, 0, BUFFER)) != -1) {
    dest.write(data, 0, count);
    total += count;
  }
  dest.flush();
  dest.close();

  // ...
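
Review bot: In the read loop, `total += count` is accumulated but never compared against `TOOBIG`, so in the lines shown the only limit is the `entry.getSize()` test made before the loop. That value is the uncompressed size recorded in the archive (or -1 when it is not recorded), not the number of bytes actually inflated, so a crafted entry can declare a small size and still expand far past 100MB. Suggest keeping the `int total = 0` declaration and enforcing the limit where the bytes are counted, for example `if (total + count > TOOBIG) { throw new IllegalStateException("File being unzipped is huge."); }` before `dest.write(data, 0, count);`. Also, `dest.close()` is skipped if `read` or `write` throws, and the new check would add another throwing path, so the copy should sit in a try/finally or try-with-resources.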

Risk Assessment

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| IDS04-J | low | probable | high | P2 | L3 |

...

[Mahmoud 2002] Compressing and Decompressing Data Using Java APIs, http://java.sun.com/developer/technicalArticles/Programming/compression/

...