...

3. The program requires more memory than is present by default in the heap

Noncompliant Code Example

A heap error is generated if the program continues to allocate on the heap after no memory is left in it.

Code Block
import java.io.*;
import java.util.*;

public class ShowHeapError {

    Vector<String> names = new Vector<String>();
    String newName = null;
    InputStreamReader input = new InputStreamReader(System.in);
    BufferedReader reader = new BufferedReader(input);

    public void addNames() {
        do {
            // adding an unknown number of records to a list
            System.out.print(" To quit, enter \"quit\"\nEnter record: ");
            try {
                newName = reader.readLine();
                if (newName == null) {
                    break; // end of input
                }
                if (!newName.equalsIgnoreCase("quit")) {
                    // names continue to be added without regard to the space left on the heap
                    names.addElement(newName);
                }
            } catch (IOException e) {
                break; // stop reading if the input stream fails
            }
            System.out.println(newName);
        } while (!newName.equalsIgnoreCase("quit"));
    }

    public static void main(String[] args) {
        ShowHeapError demo = new ShowHeapError();
        demo.addNames();
    }
}

Compliant solution

This exception can be avoided by making sure that there are no infinite loops or memory leaks. If the programmer knows that the application requires a lot of memory, the heap size can be increased using the following Java runtime parameters:

java -Xms<initial heap size> -Xmx<maximum heap size>

...

This setting can be made either in the Java Control Panel or on the command line. It cannot be controlled from within the application itself.
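The noncompliant loop can also be rewritten so that its heap use is bounded regardless of what the user types. The following is an added example, not part of the original rule; the class name BoundedNames and the limits MAX_RECORDS and MAX_RECORD_CHARS are assumptions chosen for illustration.

```java
import java.io.*;
import java.util.*;

public class BoundedNames {
    // Assumed limits for illustration; size them to the heap granted by -Xmx.
    static final int MAX_RECORDS = 10_000;
    static final int MAX_RECORD_CHARS = 256;

    // Reads one line without ever buffering more than MAX_RECORD_CHARS of it
    // (readLine() would buffer a line of any length). Returns null at end of input.
    static String readBoundedLine(Reader in) throws IOException {
        StringBuilder sb = new StringBuilder();
        boolean sawAny = false;
        int c;
        while ((c = in.read()) != -1) {
            sawAny = true;
            if (c == '\n') break;
            if (c == '\r') continue;
            if (sb.length() >= MAX_RECORD_CHARS) {
                throw new IOException("record exceeds " + MAX_RECORD_CHARS + " characters");
            }
            sb.append((char) c);
        }
        return sawAny ? sb.toString() : null;
    }

    // Same loop as the noncompliant example, but the record count is capped.
    static List<String> addNames(Reader in) throws IOException {
        List<String> names = new ArrayList<>();
        String name;
        while ((name = readBoundedLine(in)) != null && !name.equalsIgnoreCase("quit")) {
            if (names.size() >= MAX_RECORDS) {
                throw new IOException("more than " + MAX_RECORDS + " records");
            }
            names.add(name);
        }
        return names;
    }

    public static void main(String[] args) throws IOException {
        // The application cannot change -Xmx, but it can read the effective limit.
        System.out.println("max heap bytes: " + Runtime.getRuntime().maxMemory());
        // Constructed sample input standing in for System.in.
        Reader sample = new BufferedReader(new StringReader("alice\nbob\nquit\nignored\n"));
        System.out.println(addNames(sample));
    }
}
```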

Risk Assessment

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| FIO37-J | low medium | probable | medium | P3 | L3 |

Automated Detection

TODO

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.