...
A solution to this problem is to declare meaningfully-named constants at the start of the program whose values are set equal to the desired literals, and to refrence these constants rather than the literals themselves throughout the program. The advantages to this approach are that the constant's name can indicate the meaning or intended use of the constant, and should the constant need to be changed, this can be accomplished simply by editing the constant declaration without having to search the code for all uses of it.
final
The final keyword in Java is used to declare constants. Its effect is to render the affected variable immutable. Attempting to change the value of a final-qualified variable results in a compile-time error.
...
This code declares the value SIZE to be of type int and to have the immutable value 25. This constant can subsequently be used whenever the value 25 would be needed.
Although final is useful for creating constants, its use can lead to other problems. See OBJ03-J. Be careful about final reference for more details.
Noncompliant Code Example
The following noncompliant code calculates various dimensions of a sphere, given its radius.
...
The methods use the seemingly-random literals 12.56, 4.19, and 6.28 to represent various scaling factors used to calculate these dimensions. Someone reading this code would have no idea how they were generated or what they meant, and would therefore be unable to understand the function of this code.
Noncompliant Code Example
The following noncompliant code attempts to avoid the above issues by explicitly calculating the required constants
...
The code uses the literal "3.14" to represent the value pi. Although this removes some of the ambiguity from the literals, it complicates code maintenance. If the programmer were to decide that a more-precise value of pi was needed, he would need to find all occurances of "3.14" in the code and replace them.
Compliant Solution
In this compliant solution, a constant PI is first declared and set equal to 3.14, and is thereafter referenced in the code whenever the value pi is needed.
...
This both clarifies the code and allows easy editing, for if a different value for pi is required, the programmer can simply redefine the constant.
Exceptions
The use of symbolic constants should be restricted to cases where they improve the readability and maintainability of the code. Using them when the intent of the literal is obvious, or where the literal is not likely to change, can impair code readability. In the Compliant Solution above, the values 4.0 and 3.0 in the volume calculation are clearly scaling factors used to calculate the circle volume, and as such are not subject to change (unlike pi, they can be represented exactly, so there is no reason to change them to increase precision). Hence, replacing them with symbolic constants would be inappropriate.
Risk Assessment
Using numeric literals makes code more difficult to read, understand or edit.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
X DCL03-J | low | unlikely | high | P1 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
This rule appears in the C++ Secure Coding Standard as DCL06-CPP. Use meaningful symbolic constants to represent literal values in program logic and in the C Secure Coding Standard as DCL06-C. Use meaningful symbolic constants to represent literal values in program logic.
References
| Wiki Markup |
|---|
\[[API 06|AA. Java References#API 06]\] \[[Core Java 04|AA. Java References#Core Java 04]\] |