SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 162

changes.mady.by.user G. Ann Campbell

Saved on

compared with

New Version Current

changes.mady.by.user Svyatoslav Razmyslov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

A significant number of concurrency vulnerabilities arise from locking on the wrong kind of object. It is important to consider the properties of the lock object rather than simply scavenging for objects on which to synchronize.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

LCK01-J

medium

probable

medium

P8

L2

Automated Detection

Some static analysis tools can detect violations of this rule.

ToolVersionCheckerDescription
The Checker Framework

Include Page
The Checker Framework_V
The Checker Framework_V

Lock CheckerConcurrency and lock errors (see Chapter 6)
Parasoft Jtest
9.5TRS.SCSImplementedSonarQube Java Plugin
Include Page
Parasoft_V
Parasoft_V
CERT.LCK01.SCSDo not synchronize on constant Strings
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V6070
SonarQube
Include Page
SonarQube
Java Plugin
_V
SonarQube
Java Plugin
_V
S1860
Implemented

ThreadSafe
Include Page
ThreadSafe_V
ThreadSafe_V

CCE_CC_REUSEDOBJ_SYNC

Implemented

Bibliography

[API 2006]

Class String, Collections

[Findbugs 2008]

 


[Miller 2009]

Locking

[Pugh 2008]

Synchronization

[Tutorials 2008]

Wrapper Implementations

...


...

Image Modified Image Modified Image Modified