SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 135

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 136

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Java Web Start applications and applets particular to JDK version 1.6, prior to update 4, were affected by a bug that had some noteworthy security consequences. In some isolated cases, the application or applet's attempt to establish an HTTPS connection with a server generated a NullPointerException [SDN 2008]. The resulting failure to establish a secure HTTPS connection with the server caused a denial of service. Clients were temporarily forced to use an insecure HTTP channel for data exchange.

Related Guidelines

SEI CERT C Coding Standard

EXP34-C. Do not dereference null pointers

SEI CERT C++ Coding Standard

VOID EXP34-CPP. Ensure a null pointer is not dereferenced

ISO/IEC TR 24772:2010

Null Pointer Dereference [XYH]

MITRE CWE

CWE-476. NULL pointer dereference

...

[API 2006]

Method doPrivileged()

[API 2014]Class java.util.Optional

[Hovemeyer 2007]

 

[Reasoning 2003]

Defect ID 00-0001

 

Null Pointer Dereference

[Seacord 2015] Image result for video iconImage Added EXP01-J. Never dereference null pointers LiveLesson

[SDN 2008]

Bug ID 6514454

[Urma 2014]Tired of Null Pointer Exceptions? Consider Using Java SE 8's Optional!

...