Comment: Edited by sciSpider Java v3.0

...

logger.severe("Invalid username:" + getUserName());

Compliant Solution

...

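String username = getUserName();
// sanitize() is not shown here. String is immutable, so this call cannot change
// username in place: it must throw on invalid input, or its result must be used.
sanitize(username);
logger.severe("Invalid username:" + username);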
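The page does not define sanitize(). The following is an added example, not code from the original page: it sketches one possible sanitize() that returns a new string with line delimiters and other control characters (the inputs covered by CWE 144 and CWE 150) replaced by visible escapes. The class name, the helper's return type and the sample username are assumptions made for illustration.

```java
import java.util.logging.Logger;

public class LogSanitizeExample {
    private static final Logger logger =
        Logger.getLogger(LogSanitizeExample.class.getName());

    // Hypothetical helper (not the page's own): returns a copy of the input in
    // which every control character, including CR, LF and ESC, is written as a
    // visible escape, so a logged value can never span more than one line.
    static String sanitize(String input) {
        if (input == null) {
            return "(null)";
        }
        StringBuilder out = new StringBuilder(input.length());
        for (int i = 0; i < input.length(); ) {
            int cp = input.codePointAt(i);
            i += Character.charCount(cp);
            // 0x2028 and 0x2029 are the Unicode line and paragraph separators.
            if (Character.isISOControl(cp) || cp == 0x2028 || cp == 0x2029) {
                out.append(String.format("\\u%04X", cp));
            } else {
                out.appendCodePoint(cp);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed input: a username that embeds a line break followed by
        // text shaped like a separate log entry.
        String username = "guest\r\nSEVERE: constructed second entry";

        // Unsanitized: the logged message contains a real line break, so a
        // reader of the log file sees two entries.
        logger.severe("Invalid username:" + username);

        // Sanitized: the returned string is what gets logged, and the CR/LF
        // pair appears as literal escape text on a single line.
        String safe = sanitize(username);
        logger.severe("Invalid username:" + safe);
    }
}
```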

Risk Assessment

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[API 06]
[MITRE 09] CWE ID 144 (http://cwe.mitre.org/data/definitions/144.html) and CWE ID 150 (http://cwe.mitre.org/data/definitions/150.html)

...
