SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 71

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 72

changes.mady.by.user Amy Gale

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: added "automated detection" section

...

Failure to provide an unmodifiable, safe view of a sensitive mutable object to untrusted code can lead to malicious tampering and corruption of the object.

Automated Detection

ToolVersionCheckerDescription
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

FB.MALICIOUS_CODE.MS_OOI_PKGPROTECT

FB.MALICIOUS_CODE.MS_MUTABLE_COLLECTION

FB.MALICIOUS_CODE.MS_MUTABLE_COLLECTION_PKGPROTECT

FB.MALICIOUS_CODE.MS_PKGPROTECT

Field should be moved out of an interface and made package protected

Field is a mutable collection

Field is a mutable collection which should be package protected

 Field should be package protected

Bibliography

[Tutorials 2013]Unmodifiable Wrappers

...