...
Object finalizers have also been deprecated since Java 9. See MET02-J. Do not use deprecated or obsolete classes or methods for more information.
...
Tool | Version | Checker | Description | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
CodeSonar | 4.2 | FB.BAD_PRACTICE.FI_EMPTY FB.BAD_PRACTICE.FI_EXPLICIT_INVOCATION FB.BAD_PRACTICE.FI_FINALIZER_NULLS_FIELDS FB.BAD_PRACTICE.FI_FINALIZER_ONLY_NULLS_FIELDS FB.BAD_PRACTICE.FI_MISSING_SUPER_CALL FB.BAD_PRACTICE.FI_NULLIFY_SUPER FB.MALICIOUS_CODE.FI_PUBLIC_SHOULD_BE_PROTECTED FB.BAD_PRACTICE.FI_USELESS | Empty finalizer should be deleted | |||||||||||
Coverity | 7.5 | CALL_SUPER | Implemented | |||||||||||
Parasoft Jtest |
| EJB CERT.MET12.MNDF , GC
MET12.OF ,UC
| Do not define 'finalize()' method in bean classes Call 'super.finalize()' from 'finalize()' Do not use 'finalize()' methods to unregister listeners Call 'super.finalize()' in the "finally" block of 'finalize()' methods Do not call 'finalize()' explicitly Do not overload the 'finalize()' method Avoid empty 'finalize()' methods Avoid redundant 'finalize()' methods which only call the superclass' 'finalize()' method Give "finalize()" methods "protected" access | |||||||||||
SonarQube |
| S1113 S1111 S1174 S2151 S1114 | The Object.finalize() method should not be overriden The Object.finalize() method should not be called "Object.finalize()" should remain protected (versus public) when overriding "runFinalizersOnExit" should not be called "super.finalize()" should be called at the end of "Object.finalize()" implementations | SonarQube Java Plugin | Include Page | | SonarQube Java Plugin_V | SonarQube Java Plugin_V | ObjectFinalizeOverridenCheck,
Related Vulnerabilities
AXIS2-4163 describes a vulnerability in the finalize()
method in the Axis web services framework. The finalizer incorrectly calls super.finalize()
before doing its own cleanup, leading to errors in GlassFish
when the garbage collector runs.
...