SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 8

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 9

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: simplified and reorganized

Java 1.5 supports the use of enumerated types; these enums look just like their C and C++ counterparts. In the Java programming language, however, enums are far more powerful than their counterparts in other languages. In Java, all enums language enumeration types have an ordinal() method, which returns the numerical position of each enum enumeration constant in its class declaration.

Wiki Markup
Section [
The Java Language Specification, in Section 
8.9, "Enums"|http://java.sun.com/docs/books/jls/third_edition/html/classes.html#8.9] of the Java Language Specification \[[JLS 2005|AA. Bibliography#JLS 05]\] does not specify the use of {{ordinal()}} in programs. However,
improper use of 
 Using the {{ordinal()
method in program logic can cause errors in programs
}} method to derive the value associated with an enum constant is error prone and should be avoided.

Wiki Markup
According to the Java API \[[API 2006|AA. Bibliography#API 06]\], {{ordinal()}} is defined as

public final int ordinal()

Returns the ordinal of the enumeration constant (its position in its enum declaration, where the initial constant is assigned an ordinal of zero). Most programmers will have no use for this method. It is designed for use by sophisticated enum-based data structures, such as EnumSet and EnumMap.

The ordinal() function is also a helper function to sophisticated enum-based data-structures EnumSet and EnumMap.

Poor program design involving ordinal() can cause programs to behave erroneously.

Noncompliant Code Example

This noncomplaint noncompliant code example declares enum Hydrocarbon and uses its ordinal() method to provide the result of the getNumberOfCarbons() method.

Code Block
bgColor#FFcccc
enum HydroCarbon {
  METHANE, ETHANE, PROPANE, BUTANE, PENTANE,
  HEXANE, HEPTANE, OCTANE, NONANE, DECANE;

  public int getNumberOfCarbons() {
    return ordinal() + 1;
  }
}
public class TestHC {
  public static void main(String args[]) {
    /* ... */
    HydroCarbon hc = HydroCarbon.HEXANE;
    int index = hc.getNumberOfCarbons();
    int noHyd = NumberOfHydrogen[index]; // Can cause ArrayIndexOutOfBoundsException
  }
}

While the enum this noncompliant code above example works, its maintenance is susceptible to vulnerabilities. If the enum constants were to be reordered, the getNumberOfCarbon() method would not return correct incorrect values. Also, BENZENE — which also has 6 carbons — cannot be added without violating the current enum design.

Compliant Solution

In this compliant solution, we explicitly associate enum constants are explicitly associated with the corresponding integer values.

Code Block
bgColor#ccccff
enum HydroCarbon {
  METHANE(1), ETHANE(2), PROPANE(3), BUTANE(4), PENTANE(5),
  HEXANE(6), BENZENE(6), HEPTANE(7), OCTANE(8), NONANE(9), DECANE(10);

  private final int numberOfCarbons;

  Hydrocarbon(int carbons) { this.numberOfCarbons = carbons; }

  public int getNumberOfCarbons() {
    return numberOfCarbons;
  }
}

Risk Assessment

Use of ordinals to derive integer values reduces the program's maintainability and can lead to errors in the program.

Guideline

Severity

Likelihood

Remediation Cost

Priority

Level

DCL11-J

low

probable

medium

P4

L3

Related Guidelines

C Secure Coding Standard: INT09-C. Ensure enumeration constants map to unique values

C++ Secure Coding Standard: INT09-CPP. Ensure enumeration constants map to unique values

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Bibliography

Wiki Markup
\[[JLS 2005|AA. Bibliography#JLS 05]\] Section 8.9, "Enums"
\[[API 2006|AA. Bibliography#API 06]\] [Enum|http://download.oracle.com/javase/6/docs/api/java/lang/Enum.html]

...