...

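public class MyClass {

    // Private, so callers cannot reach the array directly.
    private static byte[] data;

    // Returns a copy; changes to the returned array do not affect the stored one.
    public static byte[] getData() {
        return data.clone();
    }

    // Runs the security check first, then stores a copy of the caller's array.
    // securityCheck() is not shown on the page.
    public static void setData(byte[] b) {
        securityCheck();
        data = b.clone();
    }
}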
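The following is an added example, not code from the original page: it contrasts a public static array with the private-field-plus-copying-accessors pattern of MyClass and shows that neither the returned array nor the passed-in array aliases the stored state. The class names `StaticFieldDemo`, `Exposed` and `Guarded`, the `authorized` flag, the sample byte values and the body of `securityCheck()` are assumptions made for the demonstration.

```java
import java.util.Arrays;

public class StaticFieldDemo {
    public static void main(String[] args) {
        // Weak form: any caller rewrites shared state and no check ever runs.
        Exposed.data[0] = 9;
        System.out.println("exposed:   " + Arrays.toString(Exposed.data));

        // Mutating the array returned by getData() changes only the caller's copy.
        byte[] out = Guarded.getData();
        out[0] = 9;
        System.out.println("after get: " + Arrays.toString(Guarded.getData()));

        // Mutating the argument after setData() does not reach the stored copy.
        byte[] in = {4, 5, 6};
        Guarded.setData(in);
        in[0] = 9;
        System.out.println("after set: " + Arrays.toString(Guarded.getData()));

        // A failed check leaves the stored value untouched.
        Guarded.authorized = false;
        try {
            Guarded.setData(new byte[] {7, 7, 7});
        } catch (SecurityException e) {
            System.out.println("rejected:  " + Arrays.toString(Guarded.getData()));
        }
    }
}

class Exposed {
    public static byte[] data = {1, 2, 3}; // constructed sample value
}

class Guarded {
    private static byte[] data = {1, 2, 3}; // constructed sample value
    static boolean authorized = true; // hypothetical stand-in for a real policy decision

    static byte[] getData() { return data.clone(); }

    static void setData(byte[] b) {
        securityCheck(); // runs before any state changes
        data = b.clone();
    }

    // Hypothetical stand-in; the page does not show securityCheck().
    private static void securityCheck() {
        if (!authorized) throw new SecurityException("setData denied");
    }
}
```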

Risk Assessment

Unauthorized modifications to public static variables can result in unexpected behavior and can bypass important security checks and/or invoke malicious code.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
| --- | --- | --- | --- | --- | --- |
| OBJ32 OBJ31-J | medium | probable | high | P4 | L3 |

References
Avoiding Antipatterns Antipattern 5, Misusing Public Static Variables

...