...
```java
public class BankOperations {
    public BankOperations() {
        // Noncompliant: the exception escapes after Object() has completed, so the
        // partially initialized object is already finalizable and can be captured
        // by a malicious subclass's finalize().
        if (!performSSNVerification()) {
            throw new SecurityException("Invalid SSN!");
        }
    }

    private boolean performSSNVerification() {
        // Returns true if the data entered is valid, else false.
        // Assume that the attacker just enters an invalid SSN.
        return false;
    }

    public void greet() {
        System.out.println("Welcome user! You may now use all the features.");
    }
}

public class UserApp {
    public static void main(String[] args) {
        BankOperations bo;
        try {
            bo = new BankOperations();
        } catch (SecurityException ex) {
            bo = null;
        }
        Storage.store(bo);
        System.out.println("Proceed with normal logic");
    }
}

public class Storage {
    private static BankOperations bop;

    public static void store(BankOperations bo) {
        // Only store if it is not initialized
        if (bop == null) {
            if (bo == null) {
                System.out.println("Invalid object!");
                System.exit(1);
            }
            bop = bo;
        }
    }
}
```
...
```java
public class Interceptor extends BankOperations {
    private static Interceptor stealInstance = null;

    public static Interceptor get() {
        try {
            // The BankOperations constructor throws, but the object has already
            // passed Object() and is therefore finalizable.
            new Interceptor();
        } catch (Exception ex) {
            // Ignore the exception
        }
        try {
            synchronized (Interceptor.class) {
                while (stealInstance == null) {
                    System.gc();
                    Interceptor.class.wait(10);
                }
            }
        } catch (InterruptedException ex) {
            return null;
        }
        return stealInstance;
    }

    public void finalize() {
        // Runs on the finalizer thread for the rejected object and resurrects it
        synchronized (Interceptor.class) {
            stealInstance = this;
            Interceptor.class.notify();
        }
        System.out.println("Stolen the instance in finalize of " + this);
    }
}

public class AttackerApp {
    // Invoke class and gain access to the restrictive features
    public static void main(String[] args) {
        Interceptor i = Interceptor.get(); // stolen instance
        // Can store the stolen object though this should have printed "Invalid object!"
        Storage.store(i);
        // Now invoke any instance method of BankOperations class
        i.greet();
        UserApp.main(args); // Invoke the original UserApp
    }
}
```
...
```java
class BankOperations {
    // volatile so the finalizer thread sees the value set by the constructor;
    // private so that neither callers nor subclasses can flip it to true
    private volatile boolean initialized = false;

    public BankOperations() {
        if (!performSSNVerification()) {
            throw new SecurityException("Invalid SSN!");
        } else {
            initialized = true; // object construction succeeded
        }
    }

    private boolean performSSNVerification() {
        return false;
    }

    public void greet() {
        // Every method that exposes restricted functionality must test the flag
        if (initialized) {
            System.out.println("Welcome user! You may now use all the features.");
            // ...
        } else {
            System.out.println("You are not permitted!");
        }
    }
}
```
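The initialized flag works but has to be checked in every method. A second way to close the hole, shown here as an added example rather than code from the page, relies on the Java SE 6 finalization rule (JLS 12.6): an object only becomes finalizable once its constructor has invoked `Object()` and that invocation completed. If the SSN check is evaluated as the argument of a `this(...)` call, a failed check throws before the superclass constructor ever runs, so the rejected object is never registered for finalization and a subclass `finalize()` never sees it. The class names `GuardedBankOperations`, `FinalizerThief` and `PartialInitDemo` and the bounded-wait loop are assumptions of this example; the thief class mirrors the page's `Interceptor` but gives up after a fixed number of GC attempts so the demonstration terminates.

```java
import java.util.concurrent.TimeUnit;

// Added example (not from the original page). Hardened variant of BankOperations:
// the SSN check runs while evaluating the argument of this(...), i.e. before the
// Object() constructor has been invoked, so an object whose check fails never
// becomes finalizable (JLS 12.6, Java SE 6 and later). Names are hypothetical.
class GuardedBankOperations {
    public GuardedBankOperations() {
        this(verifySSN());   // verifySSN() throws before super() is reached
    }

    private GuardedBankOperations(boolean verified) {
        // Reached only when verifySSN() returned normally, so verified is always true.
    }

    private static boolean verifySSN() {
        // Constructed stand-in for the real check: as on the page, assume the
        // attacker enters an invalid SSN, so the check always fails.
        throw new SecurityException("Invalid SSN!");
    }

    public void greet() {
        System.out.println("Welcome user! You may now use all the features.");
    }
}

// The same finalizer attack as the page's Interceptor, retargeted at the hardened
// class. The wait is bounded so the demo terminates when nothing is ever leaked.
@SuppressWarnings({"deprecation", "removal"})
class FinalizerThief extends GuardedBankOperations {
    private static volatile FinalizerThief stolen = null;

    static FinalizerThief steal() {
        try {
            new FinalizerThief();
        } catch (SecurityException expected) {
            // The super constructor rejected us; try to get the object back via finalize()
        }
        for (int i = 0; i < 50 && stolen == null; i++) {
            System.gc();
            System.runFinalization();
            try {
                TimeUnit.MILLISECONDS.sleep(10);
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
                break;
            }
        }
        return stolen;
    }

    @Override
    protected void finalize() {
        // Never runs for the hardened class: the JVM never registered this object
        // for finalization because Object() was never invoked on it.
        stolen = this;
    }
}

public class PartialInitDemo {
    public static void main(String[] args) {
        FinalizerThief t = FinalizerThief.steal();
        if (t == null) {
            System.out.println("Attack failed: no partially constructed instance leaked");
        } else {
            t.greet();   // not reached with GuardedBankOperations
        }
    }
}
```

Compile and run with `javac PartialInitDemo.java && java PartialInitDemo`. Swapping `GuardedBankOperations` for the page's noncompliant `BankOperations` (whose constructor throws after `Object()` has completed) lets the same `FinalizerThief` loop recover the rejected instance, subject to the usual caveat that `System.gc()` is only a hint, so the attack, like the page's `Interceptor`, is not deterministic. Declaring the class or its `finalize()` method `final` remains a sensible additional measure; the `this(check())` idiom is what guarantees that a failed check leaves nothing behind to resurrect.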
EX2: It is permissible to use the telescoping pattern when the overhead of the builder pattern is significant relative to the number of parameters that must be initialized. In this pattern, one constructor initializes the required parameters, and additional constructors each add one optional parameter in turn.
...