SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 12

changes.mady.by.user Dhruv Mohindra

Saved on

compared with

New Version 13

changes.mady.by.user Ankur Goyal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider Java v3.0

...

Wiki Markup
At the same time, the use of {{static-final}} modifiers should not be abused. According to the Java Language Specification \[[JLS 05|AA. Java References#JLS 05]\] section 13.4.9 ""{{final}} Fields and Constants"":

Other than for true mathematical constants, we recommend that source code make very sparing use of class variables that are declared static and final. If the read-only nature of final is required, a better choice is to declare a private static variable and a suitable accessor method to get its value.

...

Wiki Markup
*DCL31-J:EX1*: According to the Java Language Specification \[[JLS 05|AA. Java References#JLS 05]\], section 9.3 ""Field (Constant) Declarations"": ""Every field declaration in the body of an interface is implicitly {{public}}, {{static}}, and {{final}}. It is permitted to redundantly specify any or all of these modifiers for such fields.""

Risk Assessment

Failing to declare mathematical constants static and final can lead to thread safety issues as well as inconsistent behavior.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other Languages

TODO

References

Wiki Markup
\[[JLS 05|AA. Java References#JLS 05]\] ""13.4.9 final Fields and Constants"", ""9.3 Field (Constant) Declarations"", ""4.12.4 final Variables"", ""8.3.1.1 static Fields""

...

DCL30-J. Do not attempt to assign to the loop variable in an enhanced for loop            03. Declarations and Initialization (DCL)            04. Expressions (EXP)