SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 51

changes.mady.by.user Robert Seacord (Manager)

Saved on

compared with

New Version 52

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This compliant solution logs the passenger age at a level below INFOFINEST, in this case — to prevent the passenger age from being displayed the FINEST level to prevent this information from displaying on the console.

Code Block
bgColor#ccccff
// make sure that all handlers only print log messages rated INFO or higher
Handler handlers[] = logger.getHandlers();
for (int i = 0; i < handlers.length; i++) {
  handlers[i].setLevel(Level.INFO);
}
// ...
logger.finest("Age: " + passengerAge);

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9d5f51d904acb28b-31b3a580-46ce48f4-9b049914-f8c988195008bb24323d0d12"><ac:plain-text-body><![CDATA[

[[MITRE 2009

AA. Bibliography#MITRE 09]]

[CWE ID 532

http://cwe.mitre.org/data/definitions/532.html] "Information Exposure Through Log Files"

]]></ac:plain-text-body></ac:structured-macro>

 

CWE ID 533 "Information Exposure Through Server Log Files"

 

CWE ID 359 "Privacy Violation"

 

CWE ID 542 "Information Exposure Through Cleanup Log Files"

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="dc4fde34c10ca0b5-11b1a054-47424e12-8a00a394-d88ca00d10e3f3565cbe12d5"><ac:plain-text-body><![CDATA[

[[API 2006

AA. Bibliography#API 06]]

Class java.util.logging.Logger

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="5e2e1fde5219b8a9-242cee3e-4f1243a3-aaa78ca9-f14ca3d075a874f03970fac6"><ac:plain-text-body><![CDATA[

[[Chess 2007

AA. Bibliography#Chess 07]]

11.1 Privacy and Regulation: Handling Private Information

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9ba7eee495d918ff-da90b521-47f74221-8e619f34-1430dcbbea2a389943844ef9"><ac:plain-text-body><![CDATA[

[[CVE 2008

AA. Bibliography#CVE 08]]

[CVE-2005-2990

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2990]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="518b0eb5684960fb-417fa39f-481e4e19-a8a7b862-44d5e995185e2b72d4bc4aef"><ac:plain-text-body><![CDATA[

[[Sun 2006

AA. Bibliography#Sun 06]]

[Java Logging Overview

http://java.sun.com/javase/6/docs/technotes/guides/logging/overview.html]

]]></ac:plain-text-body></ac:structured-macro>

...