Comment: added paragraph about stack traces possibly being sensitive

...

| Exception Name | Description of information leak or threat |
|---|---|
| java.io.FileNotFoundException | Underlying file system structure, user name enumeration |
| java.sql.SQLException | Database structure, user name enumeration |
| java.net.BindException | Enumeration of open ports when untrusted client can choose server port |
| java.util.ConcurrentModificationException | May provide information about thread-unsafe code |
| javax.naming.InsufficientResourcesException | Insufficient server resources (may aid DoS) |
| java.util.MissingResourceException | Resource enumeration |
| java.util.jar.JarException | Underlying file system structure |
| java.security.acl.NotOwnerException | Owner enumeration |
| java.lang.OutOfMemoryError | Denial of service (DoS) |
| java.lang.StackOverflowError | Denial of service (DoS) |

Printing the stack trace can also result in unintentionally leaking information about the structure and state of the process to an attacker. If a Java program is run within a console, and it terminates due to an uncaught exception, the exception's message and stack trace are displayed on the console; the stack trace may itself indicate sensitive information about the program's internal structure. Therefore command-line programs must never abort due to an uncaught exception.
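The following is an added example, not code from the rule page itself, showing how a command-line program can satisfy both points above: the exceptions in the table are never passed to the user in their original form (their messages carry paths, database details and so on), and no exception reaches the JVM's default handler, so the console never shows a stack trace. The class name `SafeCli`, the method `readFirstByte` and the log file name `safecli.log` are assumptions chosen for the illustration. Note that a `java.util.logging` logger left at its defaults echoes to stderr, which is exactly the console the user sees, so the example attaches its own file handler and detaches the parent handlers.

```java
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.logging.FileHandler;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.logging.SimpleFormatter;

/*
 * Added example (hypothetical class, not from the CERT rule page).
 * Full exception detail goes to an operator-controlled log file;
 * the user sees only a fixed, generic message and the program
 * never aborts on an uncaught exception.
 */
public class SafeCli {
    private static final Logger LOG = Logger.getLogger(SafeCli.class.getName());

    static {
        // Do not inherit the root ConsoleHandler: by default java.util.logging
        // would print the logged stack trace to stderr, i.e. to the console.
        LOG.setUseParentHandlers(false);
        try {
            FileHandler fh = new FileHandler("safecli.log", true); // assumed log path
            fh.setFormatter(new SimpleFormatter());
            LOG.addHandler(fh);
        } catch (IOException e) {
            // If the log cannot be opened, keep silent on the console; detail is simply lost.
        }
    }

    // Reads the first byte of a caller-chosen file. A FileNotFoundException
    // message contains the resolved path (file system structure, per the
    // table above), so it is logged here and replaced by a generic IOException.
    static int readFirstByte(String path) throws IOException {
        try (FileInputStream in = new FileInputStream(path)) {
            return in.read();
        } catch (FileNotFoundException e) {
            LOG.log(Level.WARNING, "open failed", e); // full detail stays in the log
            throw new IOException("Unable to open the requested file");
        }
    }

    public static void main(String[] args) {
        try {
            if (args.length != 1) {
                System.out.println("usage: SafeCli <file>");
                return;
            }
            int b = readFirstByte(args[0]);
            System.out.println("first byte: " + b);
        } catch (IOException e) {
            // Fixed text only; neither e.getMessage() nor the stack trace is shown.
            System.out.println("Operation failed; see the application log.");
        } catch (Throwable t) {
            // Last-resort handler so that even OutOfMemoryError or
            // StackOverflowError (listed above) does not terminate the JVM
            // with its type and trace printed on the console.
            LOG.log(Level.SEVERE, "unexpected failure", t);
            System.out.println("Operation failed; see the application log.");
        }
    }
}
```

Run as `java SafeCli /some/missing/file`: the console prints only the generic line, while `safecli.log` receives the `FileNotFoundException` with its path and stack trace for the operator.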

Noncompliant Code Example (Leaks from Exception Message and Type)

...