SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 20

changes.mady.by.user Dhruv Mohindra

Saved on

compared with

New Version 21

changes.mady.by.user Dhruv Mohindra

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="65cbe0705a4a59cb-d20daad0-4ca74bd9-bf98801c-e2c733843ea49330a80b16a5"><ac:parameter ac:name=""> normalization</ac:parameter></ac:structured-macro>
*normalization* : Lossy conversion of the data to its simplest known (and anticipated) form. "When implementations keep strings in a normalized form, they can be assured that equivalent strings have a unique binary representation" \[[Unicode 08|AA. Java References#Unicode 08]\].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5b788fd3-f80d-4f19-ad3e-78977d7a1f5c"><ac:parameter ac:name=""> normalization (URI)</ac:parameter></ac:structured-macro>
*normalization (URI)* : Normalization is the process of removing unnecessary "."  and ".." segments from the path component of a hierarchical URI. Each "." segment is simply removed. A ".." segment is removed only if it is preceded by a non-".." segment. Normalization has no effect upon opaque URIs \[[API 06|AA. Java References#API 06]\].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4a8bddcc-c8b3-41c2-b0c1-4d0842e0be9e"><ac:parameter ac:name=""> relativization (URI)</ac:parameter></ac:structured-macro>
*relativization (URI)* : "\[Relativization\] is the inverse of resolution. For example, relativizing the URI {{http://java.sun.com/j2se/1.3/docs/guide/index.html}} against the base URI {{http://java.sun.com/j2se/1.3}} yields the relative URI {{docs/guide/index.html}}." \[[API 06|AA. Java References#API 06]\].

Anchor
trusted code
trusted code

trusted code : Code that is loaded by the primordial class loader, irrespective of whether it constitutes the Java API or not. In this text, this meaning is extended to include code that is obtained from a known entity and given permissions that untrusted code lacks. By this definition, untrusted and trusted code can coexist in the namespace of a single class loader (not necessarily the primordial class loader). In such cases, the security policy must make this distinction clear by assigning appropriate privileges to trusted code, while denying the same from untrusted code.

...

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c73584951c1e3090-42224e02-41e04401-a019a852-a8a9d0a04c959aa24b4f20d0"><ac:parameter ac:name=""> volatile</ac:parameter></ac:structured-macro>
*volatile* : Declaring a variable {{volatile}} ensures that all threads see a consistent value of the variable. Volatile guarantees atomic reads and writes of values, however, it does not guarantee the atomicity of composite operations such as variable incrementation (read-modify-write sequence). "Operations on the master copies of volatile variables on behalf of a thread are performed by the main memory in exactly the order that the thread requested." \[[JVMSpec 99|AA. Java References#JVMSpec 99]\].

Wiki Markup
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="242eba4ec0d5a213-7ef81505-46e14e96-9232ae28-ed0510c50fa063c512bca2cc"><ac:parameter ac:name=""> vulnerability</ac:parameter></ac:structured-macro>
*vulnerability* : "A set of conditions that allows an attacker to violate an explicit or implicit security policy" \[[Seacord 05|AA. Java References#Seacord 05]\].