SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 2

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 3

changes.mady.by.user Fred Long

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Filled out the stub with default sections

This rule is a stub. It is also an instance of the guideline IDS00-J. Sanitize untrusted data passed across a trust boundary.

...

Noncompliant Code Example

This noncompliant code example shows an example where ...

Code Block
bgColor#FFCCCC
 

 

Compliant Solution

In this compliant solution, ...

Code Block
bgColor#CCCCFF
 

Risk Assessment

Trusting the contents of hidden form fields may lead to all sorts of nasty things.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

IDS14-J

Low

Probable

High

P2

L3

Automated Detection

TBD

Bibliography

[FindBugs 2008]Fortify Diagnostic