The `assert` statement is a convenient mechanism for incorporating diagnostic tests in code. The behavior of the `assert` statement depends on the status of a runtime property. When enabled, the `assert` statement evaluates its expression argument and throws an `AssertionError` if false. When disabled, `assert` is defined to be a no-op; any side effects resulting from evaluation of the expression in the assertion are lost. Consequently, expressions used with the standard `assert` statement must not produce side effects.
Noncompliant Code Example
This noncompliant code attempts to delete all the null names from the list in an assertion. However, the Boolean expression is not evaluated when assertions are disabled.
```java
private ArrayList<String> names;

void process(int index) {
  assert names.remove(null); // Side effect: skipped when assertions are disabled
  // ...
}
```
Compliant Solution
The possibility of side effects in assertions can be avoided by decoupling the Boolean expression from the assertion:
```java
private ArrayList<String> names;

void process(int index) {
  boolean nullsRemoved = names.remove(null); // Always executed
  assert nullsRemoved; // No side effect
  // ...
}
```
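The following added example (not part of the original guideline) runs both forms on the same input so the difference can be observed by launching the JVM with and without `-ea`. The class name `AssertSideEffectDemo`, its method names, and the sample list are assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Added example; class and method names are hypothetical.
// Compile once, then run twice:
//   java AssertSideEffectDemo        (assertions disabled, the default)
//   java -ea AssertSideEffectDemo    (assertions enabled)
public class AssertSideEffectDemo {

    // Noncompliant: the removal happens only when assertions are enabled.
    static List<String> noncompliant(List<String> input) {
        List<String> names = new ArrayList<>(input);
        assert names.remove(null); // side effect inside the assertion
        return names;
    }

    // Compliant: the removal always happens; only the check is optional.
    static List<String> compliant(List<String> input) {
        List<String> names = new ArrayList<>(input);
        boolean nullsRemoved = names.remove(null);
        assert nullsRemoved; // no side effect
        return names;
    }

    public static void main(String[] args) {
        // Constructed sample input containing a single null entry.
        List<String> sample = Arrays.asList("alice", null, "bob");

        // Query the assertion status without placing an assignment in an assert.
        boolean enabled = AssertSideEffectDemo.class.desiredAssertionStatus();
        System.out.println("assertions enabled: " + enabled);

        List<String> a = noncompliant(sample);
        List<String> b = compliant(sample);
        System.out.println("noncompliant -> " + a);
        System.out.println("compliant    -> " + b);

        // The compliant result is stable; the noncompliant one tracks the -ea flag.
        System.out.println("null left by noncompliant: " + a.contains(null));
        System.out.println("null left by compliant:    " + b.contains(null));
    }
}
```

Downstream code that assumes the list is free of nulls behaves differently in the two runs of the noncompliant method, which is why a test suite executed with `-ea` can pass while a production JVM started without it fails.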
Risk Assessment
Side effects in assertions result in program behavior that depends on whether assertions are enabled or disabled.
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| EXP06-J | Low | Unlikely | Low | P3 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
This rule appears in the C++ and C Secure Coding Standard as [EXP31-CPP. Avoid side effects in assertions](https://www.securecoding.cert.org/confluence/display/cplusplus/EXP31-CPP.+Avoid+side+effects+in+assertions) and [EXP31-C. Avoid side effects in assertions](../display/seccode/EXP31-C.+Avoid+side+effects+in+assertions).
References
Automated Detection
Automated detection of assertion operands that contain locally visible side effects is straightforward. Some analyses could require programmer assistance to determine which method invocations lack side effects.
| Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | | JAVA.STRUCT.SE.ASSERT | Assertion Contains Side Effects (Java) |
| PVS-Studio | | V6055 | |
| SonarQube | | S3346 | Expressions used in "assert" should not produce side effects |
Related Guidelines
Android Implementation Details
The `assert` statement is supported on the Dalvik VM but is ignored under the default configuration. Assertions may be enabled by setting the system property `debug.assert` via `adb shell setprop debug.assert 1` or by sending the command-line argument `--enable-assert` to the Dalvik VM.
Bibliography
...
[[Putting Assertions in Your Code](http://java.sun.com/j2se/1.4.2/docs/guide/lang/assert.html)] "As a rule, the expressions contained in assertions should be free of *side effects*"