SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 32

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 33

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Killing off Scope section

...

The @SuppressWarnings annotation can be used in the declaration of variables and methods, as well as an entire class. It is, however, very important to narrow down its scope so that other noteworthy warnings within the same scope are not silently ignored.

Noncompliant Code Example

In this noncompliant code example, the @SuppressWarnings annotation's scope encompasses the whole class. This is dangerous because all unchecked warnings within the class will be suppressed. Oversights of this nature can lead to a ClassCastException at runtime.

Code Block
bgColor#FFCCCC
@SuppressWarnings("unchecked") class Legacy {
  Set s = new HashSet();
  public final void doLogic(int a,char c) {
    s.add(a);
    s.add(c); // Type unsafe operation, ignored
  }
}

Compliant Solution

Limit the scope of the @SuppressWarnings annotation to the nearest unchecked warning generating code. In this case, it may be used in the declaration for the Set.

Code Block
bgColor#ccccff
class Legacy {
  @SuppressWarnings("unchecked")  Set s = new HashSet();
  public final void doLogic(int a,char c) {
    s.add(a); // Produces unchecked warning
    s.add(c); // Produces unchecked warning
  }
}

Noncompliant Code Example

This noncompliant code example is from the implementation of java.util.ArrayList. When the class is compiled, it emits an unchecked cast warning, as shown. Because the return statement is not a declaration, the Java Language Specification [JLS 2005] makes it impossible to suppress the warning trivially. Consequently, the @SuppressWarnings is used over method scope. This can cause issues when some functionality that performs type-unsafe operations is added to the method at a later date [Bloch 2008].

...

Code Block
// Unchecked cast warning
ArrayList.java:305: warning: [unchecked] unchecked cast found : Object[], required: T[]
return (T[]) Arrays.copyOf(elements, size, a.getClass());

Compliant Solution

When it is impossible to use the @SuppressWarnings annotation, as in the preceding noncompliant code example, declare a new variable to hold the return value and adorn it with the @SuppressWarnings annotation.

Code Block
bgColor#ccccff
// ...
@SuppressWarnings("unchecked") T[] result =
(T[]) Arrays.copyOf(elements, size, a.getClass());
return result;
// ...

Risk Assessment

Failure to reduce the scope of the @SuppressWarnings annotation can lead to runtime exceptions and break type safety guarantees.

Guideline

Severity

Likelihood

Remediation Cost

Priority

Level

SCP04-J

medium

probable

high

P4

L3

Automated Detection

This guideline cannot be statically enforced in full generality; static analysis could be possible for some interesting special cases.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.

Bibliography

[Bloch 2008] Item 24: "Eliminate unchecked warnings"

...