...

Returns the ordinal of the enumeration constant (its position in its enum declaration, where the initial constant is assigned an ordinal of zero). Most programmers will have no use for this method. It is designed for use by sophisticated enum-based data structures, such as EnumSet and EnumMap.

Noncompliant Code Example

This noncompliant code example declares enum Hydrocarbon and uses its ordinal() method to provide the result of the getNumberOfCarbons() method.

...

While this noncompliant code example works, it is fragile under maintenance. If the enum constants were reordered, the getNumberOfCarbons() method would return incorrect values. Also, BENZENE, which also has 6 carbons, cannot be added without violating the current enum design.

Compliant Solution

In this compliant solution, enum constants are explicitly associated with the corresponding integer values for the number of carbon atoms they contain.

enum Hydrocarbon {
  METHANE(1), ETHANE(2), PROPANE(3), BUTANE(4), PENTANE(5),
  HEXANE(6), HEPTANE(7), OCTANE(8), NONANE(9), DECANE(10);

  private final int numberOfCarbons;

  Hydrocarbon(int carbons) { this.numberOfCarbons = carbons; }

  public int getNumberOfCarbons() {
    return numberOfCarbons;
  }
}
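
The maintenance failure described above and the explicit-value fix, side by side, as an added example that is not part of the original guideline. The names OrdinalDemo, OrdinalHydrocarbon, ExplicitHydrocarbon and withCarbons are hypothetical, and the ordinal-based enum is a constructed variant, not the guideline's own noncompliant code.

```java
import java.util.ArrayList;
import java.util.List;

public class OrdinalDemo {
  // Constructed ordinal-based variant after a maintenance edit:
  // BENZENE was inserted after HEXANE, shifting every later ordinal,
  // so BENZENE and all constants after it report one carbon too many.
  enum OrdinalHydrocarbon {
    METHANE, ETHANE, PROPANE, BUTANE, PENTANE,
    HEXANE, BENZENE, HEPTANE, OCTANE, NONANE, DECANE;

    int getNumberOfCarbons() { return ordinal() + 1; }
  }

  // Explicit-value variant: the count travels with the constant,
  // so declaration order is irrelevant and two constants may share a value.
  enum ExplicitHydrocarbon {
    DECANE(10), BENZENE(6), HEXANE(6), HEPTANE(7), METHANE(1);

    private final int numberOfCarbons;

    ExplicitHydrocarbon(int carbons) { this.numberOfCarbons = carbons; }

    int getNumberOfCarbons() { return numberOfCarbons; }

    // Reverse lookup returns a list because carbon counts are not unique.
    static List<ExplicitHydrocarbon> withCarbons(int carbons) {
      List<ExplicitHydrocarbon> matches = new ArrayList<>();
      for (ExplicitHydrocarbon h : values()) {
        if (h.numberOfCarbons == carbons) { matches.add(h); }
      }
      return matches;
    }
  }

  public static void main(String[] args) {
    // Ordinal-derived values are silently wrong after the insert.
    System.out.println(OrdinalHydrocarbon.BENZENE.getNumberOfCarbons());
    System.out.println(OrdinalHydrocarbon.HEPTANE.getNumberOfCarbons());
    // Explicit values stay correct regardless of declaration order.
    System.out.println(ExplicitHydrocarbon.BENZENE.getNumberOfCarbons());
    System.out.println(ExplicitHydrocarbon.HEPTANE.getNumberOfCarbons());
    System.out.println(ExplicitHydrocarbon.withCarbons(6));
  }
}
```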

Risk Assessment

Use of ordinals to derive integer values reduces the program's maintainability and can lead to errors in the program.

| Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| DCL11 DCL03-J | low | probable | medium | P4 | L3 |

Related Guidelines

C Secure Coding Standard: "INT09-C. Ensure enumeration constants map to unique values"

C++ Secure Coding Standard: "INT09-CPP. Ensure enumeration constants map to unique values"

Bibliography

[JLS 2005] §8.9, "Enums", http://java.sun.com/docs/books/jls/third_edition/html/classes.html#8.9

[API 2006] Enum, http://download.oracle.com/javase/6/docs/api/java/lang/Enum.html

...