SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 74

changes.mady.by.user Todd Nowacki

Saved on

compared with

New Version 75

changes.mady.by.user Dean Sutherland

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added normative text. Many passive sentences have been activated.

...

This statement can be misleading because it is inapplicable to instances that use values of static final fields that are initialized at a later stage. Declaring a field to be static final is insufficient to guarantee that it is fully initialized before being read.

Programs in general should — and security sensitive programs must — eliminate all class initialization cycles.

Noncompliant Code Example (Intra-Class Cycle)

...

Such initialization cycles become insidious when many fields are involved; ensure that the control flow lacks such cycles.

Although this compliant solution prevents the initialization cycle, it depends on declaration order and is consequently fragile; later maintainers of the software may be unaware that the declaration order must be maintained to preserve correctness. Consequently, such dependencies must be clearly documented in the code.

Noncompliant Code Example (Inter-Class Cycle)

This noncompliant code example declares two classes with static variables whose values depend on each other. The cycle is obvious when the classes are seen together (like they are as here), but this can easily be missed when viewing the classes are viewed separately.

Code Block
bgColor#FFcccc
class A {
    public static final int a = B.b + 1;
    // ...
}

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

DCL00-J

low

unlikely

medium

P2

L3

Automated Detection

TODO

Related Guidelines

C++ Secure Coding Standard

"DCL14-CPP. Avoid assumptions about the initialization order between translation units"

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="75b38a7f88eadef5-9eee11e4-4a5b4828-8924b51c-51ad5bcc36855a4342a7f970"><ac:plain-text-body><![CDATA[

[ISO/IEC TR 24772:2010

http://www.aitcnet.org/isai/]

"Initialization of Variables [LAV]"

]]></ac:plain-text-body></ac:structured-macro>

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2331f846fd1429f4-be35b445-4e974da1-b00992f8-7baf69130c080deaa07da018"><ac:plain-text-body><![CDATA[

[[JLS 2005

AA. Bibliography#JLS 05]]

[§8.3.2.1, "Initializers for Class Variables"

http://java.sun.com/docs/books/jls/third_edition/html/classes.html#8.3.2.1]

]]></ac:plain-text-body></ac:structured-macro>

 

§12.4, "Initialization of Classes and Interfaces"

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9d3cdd3c040428fa-77ddde66-40eb4589-b36d87a6-ec57fe216f719e015edc57bb"><ac:plain-text-body><![CDATA[

[[Bloch 2005

AA. Bibliography#Bloch 05]]

Puzzle 49: Larger Than Life

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="26397d269193925b-1d8189f1-43a34bc0-88adb851-02cd788dfa5eff38ba4a15f1"><ac:plain-text-body><![CDATA[

[[MITRE 2009

AA. Bibliography#MITRE 09]]

[CWE ID 665

http://cwe.mitre.org/data/definitions/665.html] "Improper Initialization"

]]></ac:plain-text-body></ac:structured-macro>

...