Comment: added text around 2nd NCE

...

By providing overridden implementations, untrusted code may be able to glean sensitive information, cause arbitrary code to run, or expose denial-of-service vulnerabilities.

Noncompliant Code Example (hashCode)

This noncompliant code example shows a LicenseManager class that maintains a licenseMap. The map stores pairs of a LicenseType and its license value.

...

Code Block
final class LicenseType {
  // ...
}

Noncompliant Code Example (equals())

This noncompliant code example consists of a Widget class that attempts to mandate that comparing a widget having a negative number of components with any other widget yields false.

How many items are there in layouts in the end?

Code Block
public class Widget {
    private int noOfComponents;
    public Widget(int noOfComponents) {
        this.noOfComponents = noOfComponents;
    }
    public int getNoOfComponents() {
        return noOfComponents;
    }
    public void setNoOfComponents(int noOfComponents) {
        this.noOfComponents = noOfComponents;
    }

    // Also overrides hashCode() (code is omitted) ...

    public boolean equals(Object o) {
        if (o == null || !(o instanceof Widget)) {
            return false;
        }
        Widget widget = (Widget) o;
        // check for negative components
        if (noOfComponents < 0 || widget.getNoOfComponents() < 0) {
            return false;
        }
        return this.noOfComponents == widget.getNoOfComponents();
    }
}

public class LayoutManager {
    private Set<Widget> layouts = new HashSet<Widget>();
    public void addWidget(Widget widget) {
        if (!layouts.contains(widget)) {
            layouts.add(widget);
        }
    }
    public int getLayoutSize() {
        return layouts.size();
    }
}

The example also uses a LayoutManager class that maintains a set of widgets. An attacker can extend the Widget class as a Navigator widget and override its equals() method.

Code Block
public class Navigator extends Widget {
    public Navigator(int noOfComponents) {
        super(noOfComponents);
    }
    @Override
    public boolean equals(Object o) {
        // Always returns true
        return true;
    }
}

A navigator having a negative number of components and a widget having a nonnegative number of components are added to the LayoutManager's layouts set. The set is expected to contain only one widget; however, the getLayoutSize() method returns two.

Client code

Code Block
Widget nav = new Navigator(-1);
Widget widget = new Widget(10);
LayoutManager manager = new LayoutManager();
manager.addWidget(nav);
manager.addWidget(widget);
System.out.println(manager.getLayoutSize()); // prints 2

The reason for this discrepancy is that the equals() method of Widget is not used; instead, the equals() method provided by the Navigator class is used.
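A hardened form of the Widget class, added here as an illustration rather than taken from the page's own compliant solution: declaring equals() and hashCode() final removes the subclass's ability to replace the negative-components rule, so a Navigator can no longer change how the set decides membership. The immutable field, the hashCode() body, the Navigator class body and the FinalEqualsDemo driver are assumptions of this example.

```java
import java.util.HashSet;
import java.util.Set;

// Hardened Widget (added example): equals() and hashCode() are final, so a subclass
// cannot replace the rule that a negative component count never compares equal.
// The immutable field and the hashCode() body are assumptions.
class Widget {
    private final int noOfComponents;
    public Widget(int noOfComponents) {
        this.noOfComponents = noOfComponents;
    }
    @Override
    public final boolean equals(Object o) {
        if (!(o instanceof Widget)) {
            return false;
        }
        Widget widget = (Widget) o;
        // Invariant: a negative component count matches nothing
        if (noOfComponents < 0 || widget.noOfComponents < 0) {
            return false;
        }
        return noOfComponents == widget.noOfComponents;
    }

    @Override
    public final int hashCode() {
        return noOfComponents;
    }
}

// A subclass can still be written, but declaring "public boolean equals(Object o)"
// in it is now a compile-time error: "overridden method is final".
class Navigator extends Widget {
    public Navigator(int noOfComponents) {
        super(noOfComponents);
    }
}

public class FinalEqualsDemo {
    // Same scenario as the client code: Widget's own equals() decides membership.
    static int layoutSize(Widget... widgets) {
        Set<Widget> layouts = new HashSet<Widget>(java.util.Arrays.asList(widgets));
        return layouts.size();
    }

    public static void main(String[] args) {
        System.out.println(layoutSize(new Navigator(-1), new Widget(10)));
        System.out.println(layoutSize(new Navigator(10), new Widget(10)));
    }
}
```

The first call keeps both elements apart because the negative navigator matches nothing, while the second collapses the navigator and the widget into one entry because Widget's own equals() now applies to the subclass as well.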

Noncompliant Code Example (run())

What gets printed - main or child / both / either ?

...