The conditional AND and OR operators (&& and ||, respectively) exhibit short-circuit behavior. That is, the second operand is evaluated only when the result cannot be deduced solely by evaluating the first operand.

Exercise caution when the operands following the first operand contain side effects. In the following code, the value of i is incremented only when i >= 0.

...

Although the behavior is well defined, it is unclear whether i gets incremented or not.

Noncompliant Code Example

...

import java.io.File;

class BadRenameFile {
  public static void main(String[] args) {
    File fOriginal = new File("original.txt");
    File fNew = new File("new.txt");
    // renameTo() is skipped whenever exists() returns true
    if (fOriginal.exists() || fOriginal.renameTo(fNew)) {
      // do something with fNew
      fNew.delete();
    }
  }
}

...

Knowledge of the short-circuit behavior can be used to enforce the desired specification. This compliant solution traps an error if the file does not exist or when it cannot be renamed to the new file name. Operations on the new file follow.

import java.io.File;

class RenameFile {
  public static void main(String[] args) {
    File fOriginal = new File("original.txt");
    File fNew = new File("new.txt");

    // renameTo() is attempted only when exists() returns true
    if (!fOriginal.exists() || !fOriginal.renameTo(fNew)) {
      // handle error
    }
    // do something with fNew
    if (!fNew.delete()) {
      // handle error
    }
  }
}
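The following added example (not part of the original guideline) runs both conditions against real files to show which operand is actually evaluated. The class name, method names, and the temporary directory are assumptions made for this demonstration.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;

public class ShortCircuitRenameDemo {
  // Condition from the noncompliant example: renameTo() is the right operand of ||,
  // so it is skipped whenever exists() is already true.
  static boolean noncompliantCondition(File original, File renamed) {
    return original.exists() || original.renameTo(renamed);
  }

  // Condition from the compliant solution: true means "handle error".
  // renameTo() runs only when exists() is true, because !exists() is then false.
  static boolean renameFailed(File original, File renamed) {
    return !original.exists() || !original.renameTo(renamed);
  }

  static void report(String label, boolean result, File original, File renamed) {
    System.out.printf("%-28s result=%-5b original exists=%-5b new exists=%b%n",
        label, result, original.exists(), renamed.exists());
  }

  public static void main(String[] args) throws IOException {
    // Constructed scratch directory so the demo does not touch real files.
    File dir = Files.createTempDirectory("exp07j-demo").toFile();
    File original = new File(dir, "original.txt");
    File renamed = new File(dir, "new.txt");
    Files.write(original.toPath(), "sample".getBytes());

    // 1. Original present: the branch is taken although no rename happened.
    report("noncompliant, file present", noncompliantCondition(original, renamed), original, renamed);

    // 2. Same state, compliant condition: the rename is performed and checked.
    report("compliant, file present", renameFailed(original, renamed), original, renamed);

    // 3. Original now gone: the error is reported without attempting a rename.
    report("compliant, file missing", renameFailed(original, renamed), original, renamed);

    renamed.delete();
    dir.delete();
  }
}
```

In the first case the noncompliant condition is true while new.txt does not exist, so the code that follows it would operate on a file that was never produced by the rename.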

...

This code snippet sequentially checks for potential error conditions before allowing the main computation to proceed. The short-circuit behavior of && guarantees that the first error condition encountered will terminate the checking process.

Risk Assessment

Failure to understand the short-circuit behavior of the logical AND and OR operators may cause unintended program behavior.

| Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
| --- | --- | --- | --- | --- | --- |
| EXP07-J | low | unlikely | medium | P2 | L3 |

Automated Detection

Detection of short-circuit operators is straightforward, but sound error checking for this guideline is not feasible in the general case. Heuristic warnings may be useful.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
