Comment: Reverted from v. 151

...

This noncompliant code example exposes instances of the SomeObject class to untrusted code. Because changeValue() is declared synchronized, it locks on the intrinsic lock of the SomeObject instance, and any code that holds a reference to that instance can acquire the same lock.

public class SomeObject {
  public synchronized void changeValue() { // Locks on the object's monitor
    // ...
  }
}

// Untrusted code
SomeObject someObject = new SomeObject();
synchronized (someObject) {
  while (true) {
    Thread.sleep(Integer.MAX_VALUE); // Indefinitely delay someObject
  }
}

The untrusted code acquires the lock on the object's monitor and, upon succeeding, sleeps indefinitely while holding it. This prevents any thread that calls the synchronized changeValue() method from acquiring the same lock, so the trusted class is denied service for as long as the untrusted code holds the monitor. Note that in the untrusted code, the attacker intentionally violates guideline LCK09-J. Do not perform operations that may block while holding a lock.

Noncompliant Code Example (public Non-Final Lock Object)

This noncompliant code example locks on a public non-final object in an attempt to use a lock other than SomeObject's intrinsic lock. Because the lock object is public, untrusted code can still acquire it, and because it is non-final, untrusted code can also replace it, so the class gains nothing over the previous example.

...

This noncompliant code example exposes the class object of SomeObject to untrusted code. A static synchronized method locks on SomeObject.class, and any code that can name the class can acquire that lock.

public class SomeObject {
  // changeValue locks on the class object's monitor
  public static synchronized void changeValue() {
    // ...
  }
}

// Untrusted code
synchronized (SomeObject.class) {
  while (true) {
    Thread.sleep(Integer.MAX_VALUE); // Indefinitely delay SomeObject.changeValue()
  }
}

...

public class SomeObject {
  private static final Object lock = new Object(); // private final lock object

  public static void changeValue() {
    synchronized (lock) { // Locks on the private Object
      // ...
    }
  }
}

In this compliant solution, changeValue() obtains a lock on a private static Object that is inaccessible to the caller. Untrusted code can still lock on SomeObject.class or on a SomeObject instance, but doing so no longer blocks changeValue(), because the method never contends for those monitors. Declaring the lock object final also prevents the reference from being reassigned, which would otherwise let two threads synchronize on different objects.
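The following stand-alone Java program is an added illustration, not code from the CERT page, that runs both attacks described above (holding the instance monitor and holding the class monitor) against an intrinsic-lock class and against a class that uses private final lock objects. The class names Exposed, Guarded and LockExposureDemo, the helper methods and the 500 ms timeout are assumptions chosen for the demonstration.

```java
import java.util.concurrent.CountDownLatch;

// Added demonstration (not the CERT page's code): compares a class that
// synchronizes on publicly reachable monitors with one that synchronizes on
// private final lock objects, while hostile code holds those monitors.
public class LockExposureDemo {

  // Noncompliant pattern: synchronized methods lock on `this` and on
  // Exposed.class, both of which any caller can also lock.
  static class Exposed {
    public synchronized void changeValue() { /* ... */ }
    public static synchronized void changeStaticValue() { /* ... */ }
  }

  // Compliant pattern: lock objects are private, final and never leaked.
  static class Guarded {
    private final Object lock = new Object();
    private static final Object staticLock = new Object();

    public void changeValue() {
      synchronized (lock) { /* ... */ }
    }

    public static void changeStaticValue() {
      synchronized (staticLock) { /* ... */ }
    }
  }

  // Hostile code: acquires the given monitor and parks on it indefinitely,
  // deliberately violating LCK09-J. Returns once the monitor is actually held.
  static Thread holdForever(Object monitor) throws InterruptedException {
    CountDownLatch acquired = new CountDownLatch(1);
    Thread attacker = new Thread(() -> {
      synchronized (monitor) {
        acquired.countDown();
        while (true) {
          try {
            Thread.sleep(Long.MAX_VALUE);
          } catch (InterruptedException e) {
            return; // releases the monitor when the demo interrupts the thread
          }
        }
      }
    });
    attacker.setDaemon(true); // a parked attacker must not keep the JVM alive
    attacker.start();
    acquired.await();
    return attacker;
  }

  // Runs `action` on a fresh thread and reports whether it finished within
  // `millis`. A false result means the action is stuck waiting for a monitor
  // that another thread holds.
  static boolean completesWithin(Runnable action, long millis) throws InterruptedException {
    Thread worker = new Thread(action);
    worker.setDaemon(true);
    worker.start();
    worker.join(millis);
    return !worker.isAlive();
  }

  public static void main(String[] args) throws InterruptedException {
    Exposed exposed = new Exposed();
    Guarded guarded = new Guarded();

    // Mount the same four attacks against both classes.
    Thread[] attackers = {
      holdForever(exposed),        // instance monitor of the noncompliant class
      holdForever(Exposed.class),  // class monitor of the noncompliant class
      holdForever(guarded),        // instance monitor of the compliant class
      holdForever(Guarded.class)   // class monitor of the compliant class
    };

    System.out.println("Exposed.changeValue() completes:       "
        + completesWithin(exposed::changeValue, 500));
    System.out.println("Exposed.changeStaticValue() completes: "
        + completesWithin(Exposed::changeStaticValue, 500));
    System.out.println("Guarded.changeValue() completes:       "
        + completesWithin(guarded::changeValue, 500));
    System.out.println("Guarded.changeStaticValue() completes: "
        + completesWithin(Guarded::changeStaticValue, 500));

    // Release the monitors so the blocked workers can finish.
    for (Thread t : attackers) {
      t.interrupt();
    }
  }
}
```

The two Exposed calls time out because the attacker threads own exactly the monitors that the synchronized methods need; the two Guarded calls complete, because holding the instance or class monitor of Guarded says nothing about the private lock objects its methods actually use. The CountDownLatch in holdForever matters for a faithful test: without it the timing check could run before the attacker has entered its synchronized block and report a false negative. The demonstration also shows why the lock objects must stay private; a getter returning lock or staticLock would hand the attacker the same capability again.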

...