SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 9

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 10

changes.mady.by.user Shannon Haas

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

A maintainer might add a debug statement or other logic , but forget to add opening and closing braces.

...

Code Block
bgColor#ffcccc
int privileges;

if (invalid_login())
  if (allow_guests())
    privileges = GUEST;
  else
    privileges = ADMINISTRATOR;

This is a vulnerability , because unauthorized users can obtain administrator privileges.

...

CERT C Secure Coding Standard: "EXP19-C. Use braces for the body of an if, for, or while statement"

Bibliography

Wiki Markup
\[[GNU 2010|AA. Bibliography#GNU 10]\] [Coding Standards, Section 5.3, "Clean Use of C Constructs"|http://www.gnu.org/prep/standards/standards.html#Syntactic-Conventions]

...