SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 169

changes.mady.by.user Todd Nowacki

Saved on

compared with

New Version 170

changes.mady.by.user Tracey Tamules

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Compliance with rule LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code can reduce the likelihood of misuse by ensuring that untrusted callers cannot access the lock object.

Exceptions

VNA00-EX1EX0: Class objects are created by the virtual machine; their initialization always precedes any subsequent use. Consequently, cross-thread visibility of Class objects is already assured by default

...

The unprotected field can be observed through its graphical user interface (GUI).

Related

...

Any vulnerabilities resulting from the violation of this rule are listed on the CERT website.

Related Guidelines

MITRE CWE

CWE ID 667, "Improper Locking"

 

CWE ID 413, "Improper Resource Locking"

 

CWE ID 567, "Unsynchronized Access to Shared Data in a Multithreaded Context"

Bibliography

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="eae6abfa2294047c-25704bd7-41864134-8848b594-608cf7c247fdb9704217057e"><ac:plain-text-body><![CDATA[

[[Bloch 2008

AA. Bibliography#Bloch 08]]

Item 66: Synchronize access to shared mutable data

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="332e17819efee816-6d96f9ad-44824dcc-8a95bdeb-2881b242a171593dc3d9fd93"><ac:plain-text-body><![CDATA[

[[Goetz 2006

AA. Bibliography#Goetz 06]]

3.4.2. "Example: Using Volatile to Publish Immutable Objects"

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2e04a434df1a0c7f-2abd6bc3-429d44fe-82fa9fad-8c45afbf64ce0f3ca341d04f"><ac:plain-text-body><![CDATA[

[[JLS 2005

AA. Bibliography#JLS 05]]

[Chapter 17, Threads and Locks

http://java.sun.com/docs/books/jls/third_edition/html/memory.html]]]></ac:plain-text-body></ac:structured-macro>

 

Section 17.4.5 Happens-Before Order

 

Section 17.4.3 Programs and Program Order

 

Section 17.4.8 Executions and Causality Requirements

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a6066bf79045cef2-3334aa49-40a84a25-b214a2c1-f8e2d36a1f1462cbd208460a"><ac:plain-text-body><![CDATA[

[[JPL 2006

AA. Bibliography#JPL 06]]

14.10.3. "The Happens-Before Relationship"

]]></ac:plain-text-body></ac:structured-macro>

...