Comment: Migrated to Confluence 4.0

An exceptional condition can circumvent the release of a lock, leading to deadlock. According to the Java API [API 2006]:

A ReentrantLock is owned by the thread last successfully locking, but not yet unlocking it. A thread invoking lock will return, successfully acquiring the lock, when the lock is not owned by another thread.
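The following is an added example, not code from the original page. It shows an exception skipping `unlock()` so that the lock stays owned by a finished thread, next to the `try`/`finally` form that releases it on every exit path. The class name, `riskyWork`, `unsafeUpdate`, `safeUpdate` and `lockUsableAfter` are hypothetical names chosen for illustration.

```java
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;

public class LockReleaseDemo {
    private static final ReentrantLock lock = new ReentrantLock();

    // Hypothetical stand-in for any operation that can fail while the lock is held.
    static void riskyWork(boolean fail) {
        if (fail) throw new IllegalStateException("constructed failure");
    }

    // Unsafe: the exception skips unlock(), so the calling thread keeps the lock.
    static void unsafeUpdate(boolean fail) {
        lock.lock();
        riskyWork(fail);
        lock.unlock();
    }

    // Safe: unlock() sits in finally and runs on every exit path.
    static void safeUpdate(boolean fail) {
        lock.lock();
        try {
            riskyWork(fail);
        } finally {
            lock.unlock();
        }
    }

    // Runs the update on a worker thread, waits for it to finish, then reports
    // whether the calling thread can still acquire the lock within one second.
    static boolean lockUsableAfter(Runnable update) throws InterruptedException {
        Thread worker = new Thread(() -> {
            try { update.run(); } catch (IllegalStateException expected) { /* constructed failure */ }
        });
        worker.start();
        worker.join();
        boolean acquired = lock.tryLock(1, TimeUnit.SECONDS);
        if (acquired) lock.unlock();
        return acquired;
    }

    public static void main(String[] args) throws InterruptedException {
        // The safe variant runs first, because the unsafe one leaves the lock held for good.
        System.out.println("safe:   lock usable = " + lockUsableAfter(() -> safeUpdate(true)));
        System.out.println("unsafe: lock usable = " + lockUsableAfter(() -> unsafeUpdate(true)));
    }
}
```

A `ReentrantLock` is not released when its owning thread terminates, so after the unsafe call every later `lock()` on it blocks indefinitely.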

...

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| LCK08-J | low | likely | low | P9 | L2 |

Related Vulnerabilities

The GERONIMO-2234 issue report describes a vulnerability in the Geronimo application server. If the user single-clicks the keystore portlet, the user will lock the default keystore without warning. This causes a crash and produces a stack trace. Furthermore, the server cannot be restarted because the lock is never cleared.

...

MITRE CWE

CWE-883. Deadlock

Bibliography

[API 2006] Class ReentrantLock

...
