SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 7

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 8

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
public interface CallBack {
  void callMethod();
}
  
class CallBackImplMyCallBack implements CallBack {
  public void callMethod() {
    System.out.println("CallbackCallBack invoked");
  }
}
  
class Client {
  CallBack callback;
  public void registerCallbackregisterCallBack(CallBack callback) {
    this.callback = callback;
  }
 
  public void doSomething() {
    callback.callMethod();
  }

  public static void main(String[] args) {
    Client client = new Client();
    CallBack myCallbackmyCallBack = new CallBackImplMyCallBack();
    client.registerCallbackregisterCallBack( myCallbackmyCallBack);
    // ...
    client.doSomething(); // prints "CallbackCallBack invoked"
  }
}

Callback methods are often invoked with no changes in privileges. This means that they may be executed in a context that has more privileges than the context in which they are declared. If these callback methods accept data from untrusted code, privilege escalation may occur.

...