SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 1

changes.mady.by.user Dhruv Mohindra

Saved on

compared with

New Version 2

changes.mady.by.user Dhruv Mohindra

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Noncompliant Code Example (getClass() lock object)

Synchronizing on return values Synchronizing on return value (class object) of the Object.getClass() method, rather than a class literal can lead to unexpected behavior. Whenever the implementing class is subclassed, the subclass locks on a completely different Class object (subclass's type).

...

...


public void doSomething() {
  synchronized(getClass()) {
    // ... 
  }
}

Wiki Markup
Section 4.3.2 "The Class Object" of the Java Language specification \[[JLS 05|AA. Java References#JLS 05]\] describes how method synchronization works:

...

This does not mean that a subclass using getClass() can only synchronize on the Class object of the base class. In fact, it will lock on its own Class object, which may or may not be what the programmer had in mind. The intent should be clearly documented or annotated. Note that if a subclass does not override an accessible noncompliant superclass's method, it inherits the method which may lead to the false conclusion that the superclass's intrinsic lock is available in the subclass.

Noncompliant Code Example (getClass() lock object)

This noncompliant code example synchronizes on the class object returned by getClass().

Code Block
bgColor#FFcccc

public void doSomething() {
  synchronized(getClass()) {
    // ... 
  }
}

Compliant Solution (class name qualification)

...

The class object that is being used for synchronization should also not be accessible to untrusted code. Furthermore, care must be taken to ensure that untrusted inputs are not accepted as arguments while loading classes using Class.forname(). (See SEC05-J. Do not expose standard APIs that use the immediate caller's class loader instance to untrusted code for more information.)

Risk Assessment

Synchronizing on the class object returned by getClass() can present a false sense of thread safety and result in non-deterministic behavior.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

CON02- J

medium

probable

medium

P8

L2

Automated Detection

The following table summarizes the examples flagged as violations by FindBugs:

Noncompliant Code Example

Flagged

Checker

Message

getClass() lock object

No

WL_USING_GETCLASS_RATHER_THAN_CLASS_LITERAL

n/a

The following table summarizes the examples flagged as violations by SureLogic Flashlight:

Noncompliant Code Example

Flagged

Message

getClass() lock object

No

No data available about field accesses

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[API 06|AA. Java References#API 06]\] 
\[[Findbugs 08|AA. Java References#Findbugs 08]\]. 
\[[Pugh 08|AA. Java References#Pugh 08]\] "Synchronization"
\[[Miller 09|AA. Java References#Miller 09]\] Locking

...

VOID CON00-J. Synchronize access to shared mutable variables      11. Concurrency (CON)      CON03-J. Do not use background threads during class initialization