SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 119

changes.mady.by.user G. Ann Campbell

Saved on

compared with

New Version Current

changes.mady.by.user Alexandre GIGLEUX

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Using incompatible encodings when communicating string data between JVMs can result in corrupted data.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

STR04-J

Low

Unlikely

Medium

P2

L3

Automated Detection

Sound automated detection of this vulnerability is not feasible.

ToolVersionCheckerDescription
SonarQube Java Plugin
The Checker Framework

Include Page
The Checker Framework_V
The Checker Framework_V

Tainting CheckerTrust and security errors (see Chapter 8)
SonarQube
Include Page
SonarQube
Java Plugin
_V
SonarQube
Java Plugin
_V
S1943
Forbids use of default encoding

 

Classes and methods that rely on the default system encoding should not be used


Bibliography

[API 2014]
 

[Encodings 2014]

 

[Seacord 2015]

Image result for video iconImage Modified STR04-J. Use compatible character encodings when communicating string data between JVMs LiveLesson

...


...

Image Modified Image Modified Image Modified