
If the method changeValue is called in this case, the lock is obtained on a private Object that is both invisible to and inaccessible from the caller. The this instance is therefore not vulnerable to a denial-of-service attack. A thread-safe class may be protected in this way by using the private lock object idiom.
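The following added example (not code from the original page) contrasts a changeValue method synchronized on the instance with one guarded by a private lock object, and checks whether each can still complete while a client holds the instance's monitor. The class names InstanceLocked and PrivatelyLocked, the helper completesWhileMonitorHeld and the 500 ms timeout are assumptions made for illustration.

```java
public class PrivateLockDemo {
    // Locks on the instance: any code holding a reference can take the same monitor.
    static class InstanceLocked {
        private int value;
        public synchronized void changeValue(int v) { value = v; }
    }

    // Private lock object idiom: the monitor is unreachable from outside the class.
    static class PrivatelyLocked {
        private final Object lock = new Object();
        private int value;
        public void changeValue(int v) {
            synchronized (lock) { value = v; }
        }
    }

    // Runs task on another thread while this thread holds target's monitor.
    // Returns true if the task finished within 500 ms, false if it was blocked.
    static boolean completesWhileMonitorHeld(Object target, Runnable task)
            throws InterruptedException {
        Thread worker = new Thread(task);
        worker.setDaemon(true);
        synchronized (target) {   // stands in for a client that holds the instance lock
            worker.start();
            worker.join(500);
            return !worker.isAlive();
        }
    }

    public static void main(String[] args) throws InterruptedException {
        InstanceLocked a = new InstanceLocked();
        PrivatelyLocked b = new PrivatelyLocked();
        System.out.println("synchronized method completes: "
                + completesWhileMonitorHeld(a, () -> a.changeValue(1)));
        System.out.println("private lock completes:        "
                + completesWhileMonitorHeld(b, () -> b.changeValue(1)));
    }
}
```

The call on the instance-locked class stays blocked until the caller releases the monitor, while the privately locked class is unaffected because its lock is never exposed.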

Risk Assessment

Synchronizing on the whole instance can result in denial of service; a private lock object is preferred when possible.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| CON10-J | medium | probable | medium | P8 | L2 |

Reference

[Effective Java, Item 52] http://books.google.com/books?id=ZZOiqZQIbRMC&pg=PA210&lpg=PA210&dq=private+lock+object+idiom&source=bl&ots=UZP26thN4-&sig=QCPUutihieMlD8cNJIwPLpvBCXc&hl=en&ei=RJPzSsG0EJXilAezjuWjAw&sa=X&oi=book_result&ct=result&resnum=1&ved=0CAgQ6AEwAA#v=onepage&q=private%20lock%20object%20idiom&f=false