SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 4

changes.mady.by.user Dhruv Mohindra

Saved on

compared with

New Version 5

changes.mady.by.user Ankur Goyal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider Java v3.0

...

Code Block
public class BadFile extends java.io.File {
  private int count;
  public String getPath() {
    return (++count == 1) ? ""/tmp/foo"" : ""/etc/passwd"";
  }
}

Compliant Solution

Security checks should not be based on untrusted sources. This compliant solution ensures that the java.io.File object cannot be untrusted. This is achieved by declaring java.io.File as final and ensuring that a new java.io.File object is created in the openFile() method. Note that using the clone() method instead, would copy the attacker's class which is not desirable (refer to MET39-J. Do not use the clone method to copy untrusted method parameters).

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[Sterbenz 06|AA. Java References#Sterbenz 06]\] 
\[[MITRE 09|AA. Java References#MITRE 09]\] [CWE ID 302|http://cwe.mitre.org/data/definitions/302.html] ""Authentication Bypass by Assumed-Immutable Data""

...

SEC34-J. Do not allow tainted variables in doPrivileged blocks            02. Platform Security (SEC)            03. Declarations and Initialization (DCL)