SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 49

changes.mady.by.user Dean Sutherland

Saved on

compared with

New Version 50

changes.mady.by.user Melanie Thompson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Wiki Markup
A nested class is any class whose declaration occurs within the body of another class or interface \[[JLS 2005|AA. Bibliography#JLS 05]\]. Nested classes are a broad set of classes that are classified as {{static}} member and inner classes. "An inner class is a nested class that is not explicitly or implicitly declared {{static}}." \[[JLS 2005|AA. Bibliography#JLS 05]\]. An inner class may be local, anonymous, or non-static.

The use of a nested class is error-prone unless the semantics are well understood. A common notion is that only the outer class can access the contents of the nested inner class(es). Not only does the nested class have access to the private fields of the outer class, the same fields can be accessed by another class in the package depending on whether the nested class is declared public or if it contains public methods/constructors. By default, the javac compiler converts the accessibility of private methods of a nested class to package-private.

Wiki Markup
Also, according to the Java Language Specification \[[JLS 2005|AA. Bibliography#JLS 05]\], sectionSection 8.3, "Field Declarations"

Note that a private field of a superclass might be accessible to a subclass (for example, if both classes are members of the same class). Nevertheless, a private field is never inherited by a subclass.

...

The Java Language System weakens the accessibility of sensitive, private entities in inner classes which may can result in a security weakness.

...

Automated detection of non-private nested classes that define non-private members and constructors is straight-forward. However, this guideline only applies only when those classes could potentially expose sensitive data or operations from the outer class. Detection of sensitive data or operations requires programmer assistance.

...

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Related Guidelines

MITRE CWE: CWE-492 "Use of Inner Class Containing Sensitive Data"

Bibliography

Wiki Markup
\[[JLS 2005|AA. Bibliography#JLS 05]\] [Section 8.1.3, Inner Classes and Enclosing Instances|http://java.sun.com/docs/books/jls/third_edition/html/classes.html#8.1.3] and 8.3 "Field Declarations"
\[[McGraw 2000|AA. Bibliography#McGraw 00]\]
\[[Long 2005|AA. Bibliography#Long 05]\] Section 2.3, Inner Classes
\[[MITRE 2009|AA. Bibliography#MITRE 09]\] [CWE ID 492|http://cwe.mitre.org/data/definitions/492.html] "Use of Inner Class Containing Sensitive Data"

...

SCP02-J. Do not reuse names      05. Scope (SCP)      SCP04-J. Reduce the scope of the SuppressWarnings annotation