...
Failure to internally synchronize access to static fields that can be modified by untrusted code risks incorrect synchronization because the author of the untrusted code can inadvertently or maliciously ignore the synchronization policy.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
LCK05-J | Low | Probable | Medium | P4 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
CodeSonar |
| JAVA.CONCURRENCY.UG.METH | Unguarded Method (Java) | ||||||
Parasoft Jtest |
| CERT.LCK05.IASF | Inspect accesses to "static" fields which may require synchronization |
Related Guidelines
Bibliography
...
...