...
```java
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;

class Password {
  public static void main(String[] args) throws IOException {
    char[] password = new char[100];
    BufferedReader br = new BufferedReader(new InputStreamReader(
        new FileInputStream("password.txt")));
    // Reads the password into the char array, returns the number of characters read
    int n = br.read(password);
    // Decrypt password, perform operations
    for (int i = n - 1; i >= 0; i--) {
      // Manually clear out the password immediately after use
      password[i] = 0;
    }
    br.close();
  }
}
```
To further limit the exposure time of the sensitive password, follow the guideline "MSC08-J. Limit the lifetime of sensitive data" by replacing BufferedReader with a direct NIO buffer.
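The following added example (not part of the original guideline page) shows one way to apply that advice: the password file is read through a direct `ByteBuffer` allocated outside the Java heap, decoded into a `char[]`, and every intermediate buffer is zeroed before the method returns. The file name `password.txt`, the class name `NioPasswordReader`, the 256-byte size cap and the helper `wipe` methods are assumptions made for this example.

```java
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.channels.FileChannel;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.util.Arrays;

public final class NioPasswordReader {

  // Upper bound on the password size (assumed for this example); a larger file is
  // rejected instead of being read into memory.
  private static final int MAX_PASSWORD_BYTES = 256;

  // Reads the password through a direct buffer, decodes it into a char[], and zeroes
  // both intermediate buffers before returning. The caller owns the returned array
  // and must clear it as soon as the password has been used.
  public static char[] readPassword(Path file) throws IOException {
    ByteBuffer raw = ByteBuffer.allocateDirect(MAX_PASSWORD_BYTES);
    try (FileChannel ch = FileChannel.open(file, StandardOpenOption.READ)) {
      if (ch.size() > MAX_PASSWORD_BYTES) {
        throw new IOException("password file exceeds " + MAX_PASSWORD_BYTES + " bytes");
      }
      while (ch.read(raw) > 0) {
        // keep filling until EOF or the buffer is full
      }
    }
    raw.flip();

    // Charset.decode returns a heap CharBuffer that we can overwrite afterwards.
    CharBuffer decoded = StandardCharsets.UTF_8.decode(raw);

    // Drop a trailing newline left by an editor so it does not become part of the password.
    int len = decoded.remaining();
    while (len > 0 && (decoded.get(len - 1) == '\n' || decoded.get(len - 1) == '\r')) {
      len--;
    }
    char[] password = new char[len];
    decoded.get(password, 0, len);

    // Wipe the off-heap bytes and the decoded chars now that the caller has its copy.
    wipe(raw);
    wipe(decoded);
    return password;
  }

  // Overwrites the entire capacity of the buffer with zeros.
  static void wipe(ByteBuffer b) {
    b.clear();
    while (b.hasRemaining()) {
      b.put((byte) 0);
    }
    b.clear();
  }

  static void wipe(CharBuffer c) {
    c.clear();
    while (c.hasRemaining()) {
      c.put('\0');
    }
    c.clear();
  }

  public static void main(String[] args) throws IOException {
    char[] password = readPassword(Path.of("password.txt"));
    try {
      // Use the password here (for example, feed it to a key-derivation routine);
      // never convert it to an immutable String.
      System.out.println("read " + password.length + " characters");
    } finally {
      // Clear the caller's copy immediately after use, exactly as in the page's example.
      Arrays.fill(password, '\0');
    }
  }
}
```

The direct buffer matters because memory allocated by `allocateDirect` is not moved by the garbage collector, so overwriting it really does remove the bytes; a heap array may have been copied during compaction before it is cleared. The decoded characters still pass through a heap `CharBuffer` and the returned `char[]`, which is why both are zeroed as soon as they are no longer needed.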
Noncompliant Code Example
This noncompliant code example hardcodes the user name and password fields in the SQL connection request.
```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;

public final Connection getConnection() throws SQLException {
  return DriverManager.getConnection("jdbc:mysql://localhost/dbName",
      "username", "password");
}
```
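As an added illustration (this code is not from the guideline page), the version below keeps the credentials out of the source entirely: the connection details come from a properties file whose path is supplied through an environment variable, and the file is refused if it is readable or writable by anyone other than its owner. The variable name `DB_CONFIG`, the property keys `url`, `user` and `password`, and the class name `ConfiguredConnection` are assumptions chosen for this example.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.EnumSet;
import java.util.Properties;
import java.util.Set;

public final class ConfiguredConnection {

  // Assumed environment variable holding the path of the credentials file, so that
  // neither the path nor the secret appears in the source.
  private static final String CONFIG_ENV = "DB_CONFIG";

  // Permission bits that would expose the file to other local users.
  private static final Set<PosixFilePermission> FORBIDDEN = EnumSet.of(
      PosixFilePermission.GROUP_READ, PosixFilePermission.GROUP_WRITE,
      PosixFilePermission.OTHERS_READ, PosixFilePermission.OTHERS_WRITE);

  // Rejects a credentials file that is group- or world-accessible.
  static void requireOwnerOnly(Path file) throws IOException {
    try {
      for (PosixFilePermission p : Files.getPosixFilePermissions(file)) {
        if (FORBIDDEN.contains(p)) {
          throw new IOException(file + " must be readable by its owner only (found " + p + ")");
        }
      }
    } catch (UnsupportedOperationException e) {
      // Non-POSIX file system (for example Windows): an equivalent ACL check belongs here.
    }
  }

  // Loads url/user/password from the file and fails early if any key is missing.
  static Properties loadCredentials(Path file) throws IOException {
    requireOwnerOnly(file);
    Properties props = new Properties();
    try (InputStream in = Files.newInputStream(file)) {
      props.load(in);
    }
    for (String key : new String[] {"url", "user", "password"}) {
      if (props.getProperty(key) == null) {
        throw new IOException("missing '" + key + "' in " + file);
      }
    }
    return props;
  }

  public static Connection getConnection() throws SQLException, IOException {
    String configPath = System.getenv(CONFIG_ENV);
    if (configPath == null) {
      throw new IOException(CONFIG_ENV + " is not set");
    }
    Properties props = loadCredentials(Path.of(configPath));
    // DriverManager reads the "user" and "password" entries from the Properties object.
    String url = (String) props.remove("url");
    return DriverManager.getConnection(url, props);
  }
}
```

The credentials file is expected to contain three lines in `java.util.Properties` format (`url=...`, `user=...`, `password=...`). Because the JDBC API accepts the password as an immutable `String`, it cannot be cleared the way the `char[]` in the compliant solution above is; restricting the file's permissions and keeping it out of version control is what limits the exposure here.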
...