SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 2

changes.mady.by.user Justin Pincar

Saved on

compared with

New Version 3

changes.mady.by.user Fred Long

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

According to JLS,:

"The access modifier of an overriding or hiding method must provide at least as much access as the overridden or hidden method, or a compile-time error occurs."

The allowed accesses are:

...

Code Block
bgColor#ccccff
class BadScope {
  private final void doLogic() {System.out.println("Super invoked");}
}

Risk Assessment

TODOSubclassing allows access restrictions to be weakened, possibly compromising the security of a Java application.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

SCP01-J

?? medium ??

probable

?? high

P??

L??

Automated Detection

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[JLS 05|AA. Java References#JLS 05]\] Section 8.4.8.3 Requirements in Overriding and Hiding