Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Rules have a consistent structure. Each rule has a unique identifier, which is included in the title. The title of the rules and the introductory paragraphs define the conformance requirements. This is typically followed by one or more pairs of noncompliant code examples and corresponding compliant solutions. Each rule also includes a risk assessment and bibliographical references specific to that rule. When applicable, rules also list related guidelines from the following sources:

  • Wiki Markup
    [The CERT C Secure Coding Standard|seccode:CERT C Secure Coding Standard] \[[Seacord 2008|AA. Bibliography#Seacord 2008]\]
  • Wiki Markup
    [The CERT C+\+ Secure Coding Standard|cplusplus:CERT C++ Secure Coding Standard] \[[CERT 2011|AA. Bibliography#CERT 2011]\]
  • Wiki Markup
    ISO/IEC TR 24772. Information Technology — Programming Languages — Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use \[[ISO/IEC TR 24772:2010|AA. Bibliography#ISO/IEC TR 24772-2010]\]
  • Wiki Markup
    [MITRE CWE|http://cwe.mitre.org/] \[[MITRE 2011|AA. Bibliography#MITRE 2011]\]
  • Wiki Markup
    Secure Coding Guidelines for the Java Programming Language, version 2.0 \[[SCG 2007|AA. Bibliography#SCG 2007]\]
  • Wiki Markup
    Secure Coding Guidelines for the Java Programming Language, version 3.0 \[[SCG 2009|AA. Bibliography#SCG 2009]\]
  • The Elements of Java Style [Rogue 2000]