Versions Compared

Comment: changing RA Table

...

"If a singleton contains a nontransient object reference field, the contents of this field will be deserialized before the singleton's readResolve method is run. This allows a carefully crafted stream to 'steal' a reference to the originally deserialized singleton at the time the contents of the object reference field are deserialized" [Bloch 2008].
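As an added illustration of the hazard Bloch describes (this is example code written for this page, not the CERT rule's own compliant solution): a serializable singleton that keeps all of its state in transient fields, so nothing in the stream is reconstructed before readResolve runs, and readResolve discards the deserialized copy in favour of the canonical instance. The class and field names are hypothetical.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectStreamException;
import java.io.Serializable;

// Hypothetical singleton used only for this example.
public final class SafeSingleton implements Serializable {
    private static final long serialVersionUID = 1L;
    private static final SafeSingleton INSTANCE = new SafeSingleton();

    // Transient: never written to the stream, so there is no object
    // reference field whose deserialization could run before readResolve()
    // and capture the not-yet-replaced instance.
    private transient String[] config = {"alpha", "beta"};

    private SafeSingleton() {}

    public static SafeSingleton getInstance() {
        return INSTANCE;
    }

    // Whatever the stream produced is thrown away; the canonical instance is
    // what readObject() hands back to the caller.
    private Object readResolve() throws ObjectStreamException {
        return INSTANCE;
    }

    // Round-trips the singleton through serialization and reports whether
    // the object that comes back is the canonical instance.
    public static boolean survivesRoundTrip() throws Exception {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(getInstance());
        }
        Object copy;
        try (ObjectInputStream in = new ObjectInputStream(
                new ByteArrayInputStream(bos.toByteArray()))) {
            copy = in.readObject();
        }
        return copy == getInstance();
    }

    public static void main(String[] args) throws Exception {
        System.out.println("same instance after deserialization: "
                + survivesRoundTrip());
    }
}
```

An enum singleton gives the same guarantee with less code, since the serialization machinery itself restores enum constants by name.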

...

Rule     Severity        Likelihood                Remediation Cost      Priority  Level
MSC07-J  Low (was: low)  Unlikely (was: unlikely)  Medium (was: medium)  P2        L3

Related Guidelines

MITRE CWE  CWE-543, Use of Singleton pattern without synchronization in a multithreaded context

...