SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 110

changes.mady.by.user Robert Seacord (Manager)

Saved on

compared with

New Version 111

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Static analysis tools that perform taint analysis can diagnose some violations of this rule.

Related Guidelines

[Seacord 2015]

SEI CERT C Coding Standard

FIO30-C. Exclude user input from format strings

SEI CERT C++ Coding Standard

VOID FIO30-CPP. Exclude user input from format strings

CERT Perl Secure Coding StandardIDS30-PL. Exclude user input from format strings

ISO/IEC TR 24772:2013

Injection [RST]

MITRE CWE

CWE-134, Uncontrolled format string

Image result for video iconImage Removed IDS06-J. Exclude unsanitized user input from format strings LiveLesson

Bibliography

[API 2006]

Class Formatter

[Seacord 2013]

Chapter 6, "Formatted Output"

[Seacord 2015] Image result for video iconImage Added IDS06-J. Exclude unsanitized user input from format strings LiveLesson

 

...