SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 72

changes.mady.by.user vishal patel

Saved on

compared with

New Version 73

changes.mady.by.user vishal patel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: compressing obj rules section

...

Note that a private field of a superclass might be accessible to a subclass (for example, if both classes are members of the same class). Nevertheless, a private field is never inherited by a subclass.

Noncompliant Code Example

This noncompliant code example exposes the sensitive (x,y) coordinates through the getPoint() method of the inner class. Consequently, the AnotherClass class that belongs to the same package can access the coordinates.

Code Block
bgColor#FFcccc
class Coordinates {
  private int x;
  private int y;

  public class Point {
    public void getPoint() {
      System.out.println("(" + x + "," + y + ")");    
    }
  }
}

class AnotherClass {
  public static void main(String[] args) {
    Coordinates c = new Coordinates();
    Coordinates.Point p = c.new Point();
    p.getPoint();
  }        
}

Compliant Solution

Use the private access specifier for hiding the inner class and all contained methods and constructors. The compiler will refuse to compile AnotherClass because of its attempt to access a private nested class.

Code Block
bgColor#ccccff
class Coordinates {
  private int x;
  private int y;

  private class Point {
    private void getPoint() {
      System.out.println("(" + x + "," + y + ")");    
    }
  }
}

class AnotherClass {
  public static void main(String[] args) {
    Coordinates c = new Coordinates();
    Coordinates.Point p = c.new Point();    // fails to compile
    p.getPoint();
  }        
}

Risk Assessment

The Java Language System weakens the accessibility of sensitive, private entities in inner classes which can result in a security weakness.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

OBJ17OBJ14-J

medium

probable

medium

P8

L2

Automated Detection

Automated detection of non-private nested classes that define non-private members and constructors is straight-forward. However, this guideline applies only when those classes could potentially expose sensitive data or operations from the outer class. Detection of sensitive data or operations requires programmer assistance.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Related Guidelines

MITRE CWE: CWE-492 "Use of Inner Class Containing Sensitive Data"

Bibliography

Wiki Markup
\[[JLS 2005|AA. Bibliography#JLS 05]\] [Section 8.1.3, Inner Classes and Enclosing Instances|http://java.sun.com/docs/books/jls/third_edition/html/classes.html#8.1.3] and [Section 8.3|http://java.sun.com/docs/books/jls/third_edition/html/classes.html#8.3] "Field Declarations"
\[[Long 2005|AA. Bibliography#Long 05]\] Section 2.3, Inner Classes
\[[McGraw 2000|AA. Bibliography#McGraw 00]\]

...