Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tip

The table below can be re-ordered, by clicking column headers.

...

Include Page
java:Parasoft_Vjava:
Parasoft_V

Checker

Guideline

CERT.DCL00.ACD DCL00-J. Prevent class initialization cycles
CERT.DCL02.ITMOD DCL02-J. Do not modify the collection's elements during an enhanced for statement
CERT.ENV02DCL51.ENV HMF ENV02 DCL51-J. Do not trust the values of environment variables shadow or obscure identifiers in subscopes
CERT.ERR00DCL52.LGE MVOS ERR00 DCL52-J. Do not suppress or ignore checked exceptions declare more than one variable per declaration
CERT.ERR00DCL57.UCATCH OVAM ERR00 DCL57-J. Do not suppress or ignore checked exceptions Avoid ambiguous overloading of variable arity methods
CERT.ERR01DCL60.ACPST ACD ERR01 DCL60-J. Do not allow exceptions to expose sensitive information Avoid cyclic dependencies between packages
CERT.ERR01ENV02.ACW ENV ERR01 ENV02-J. Do not allow exceptions to expose sensitive information trust the values of environment variables
CERT.ERR01ERR00.CETS LGE ERR01 ERR00-J. Do not allow exceptions to expose sensitive information suppress or ignore checked exceptions
CERT.ERR03ERR00.REVOBJ UCATCH ERR03 ERR00-J. Restore prior object state on method failure Do not suppress or ignore checked exceptions
CERT.ERR04ERR01.ARCF ACPST ERR04 ERR01-J. Do not complete abruptly from a finally block allow exceptions to expose sensitive information
CERT.ERR04ERR01.ATSF ACW ERR04 ERR01-J. Do not complete abruptly from a finally block allow exceptions to expose sensitive information
CERT.ERR05ERR01.ARCF CETS ERR05 ERR01-J. Do not allow exceptions to expose sensitive information
CERT.ERR03.REVOBJ ERR03-J. Restore prior object state on method failure
CERT.ERR04.ARCF ERR04-J. Do not complete abruptly let checked exceptions escape from a finally block
CERT.ERR05ERR04.ATSF ERR05 ERR04-J. Do not let checked exceptions escape complete abruptly from a finally block
CERT.ERR07ERR05.NTERR ARCF ERR07 ERR05-J. Do not let checked exceptions escape from a finally block
CERT.ERR05.ATSF ERR05-J. Do not let checked exceptions escape from a finally block
CERT.ERR07.NTERR ERR07-J. Do not throw RuntimeException, Exception, throw RuntimeException, Exception, or Throwable
CERT.ERR07.NTX ERR07-J. Do not throw RuntimeException, Exception, or Throwable
CERT.ERR08.NCNPE ERR08-J. Do not catch NullPointerException or any of its ancestors
CERT.ERR09.EXIT ERR09-J. Do not allow untrusted code to terminate the JVM
CERT.ERR09.JVM ERR09-J. Do not allow untrusted code to terminate the JVM
CERT.EXP00ERR51.AECB NCE ERR51-J. Prefer user-defined exceptions over more general exception types
CERT.ERR54.CLFIN ERR54-J. Use a try-with-resources statement to safely handle closeable resources
CERT.EXP00.AECB EXP00-J. Do not ignore values returned EXP00-J. Do not ignore values returned by methods
CERT.EXP00.NASSIG EXP00-J. Do not ignore values returned by methods
CERT.EXP01.NCMD EXP01-J. Do not use a null in a case where an object is required
CERT.EXP01.NP EXP01-J. Do not use a null in a case where an object is required
CERT.EXP02.UEIC EXP02-J. Do not use the Object.equals() method to compare two arrays
CERT.EXP03.UEIC EXP03-J. Do not use the equality operators when comparing values of boxed primitives
CERT.EXP05.CID EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression
CERT.FIO03EXP50.ATF UEIC FIO03 EXP50-J. Remove temporary files before termination Do not confuse abstract object equality with reference equality
CERT.FIO03EXP51.REMTMP ASI FIO03 EXP51-J. Remove temporary files before termination Do not perform assignments in conditional expressions
CERT.FIO04EXP52.CCR BLK FIO04 EXP52-J. Release resources when they are no longer needed Use braces for the body of an if, for, or while statement
CERT.FIO04EXP53.CIO APAREN FIO04 EXP53-J. Release resources when they are no longer needed Use parentheses for precedence of operation
CERT.FIO04EXP55.LEAKS COMT FIO04 EXP55-J. Release resources when they are no longer needed Use the same type for the second and third operands in conditional expressions
CERT.FIO05FIO03.BUFEXP ATF FIO05 FIO03-J. Do not expose buffers or their backing arrays methods to untrusted code Remove temporary files before termination
CERT.FIO06FIO03.MULBUF REMTMP FIO06 FIO03-J. Do not create multiple buffered wrappers on a single byte or character stream Remove temporary files before termination
CERT.FIO07FIO04.EXEC CCR FIO07 FIO04-J. Do not let external processes block on IO buffers Release resources when they are no longer needed
CERT.FIO08FIO04.CRRV CIO FIO08 FIO04-J. Distinguish between characters or bytes read from a stream and -1 Release resources when they are no longer needed
CERT.FIO09FIO04.ARGWRITE LEAKS FIO09 FIO04-J. Do not rely on the write() method to output integers outside the range 0 to 255 Release resources when they are no longer needed
CERT.FIO12FIO05.PMRWLED BUFEXP FIO12 FIO05-J. Provide methods to read and write little-endian data Do not expose buffers or their backing arrays methods to untrusted code
CERT.FIO13FIO06.CONSEN MULBUF FIO13 FIO06-J. Do not log sensitive information outside a trust boundary create multiple buffered wrappers on a single byte or character stream
CERT.FIO13FIO07.LHII EXEC FIO13 FIO07-J. Do not log sensitive information outside a trust boundary let external processes block on IO buffers
CERT.FIO13FIO08.PEO CRRV FIO13 FIO08-J. Do not log sensitive information outside a trust boundary Distinguish between characters or bytes read from a stream and -1
CERT.FIO13FIO09.SENS ARGWRITE FIO13 FIO09-J. Do not log sensitive information outside a trust boundary rely on the write() method to output integers outside the range 0 to 255
CERT.FIO14FIO12.CCR PMRWLED FIO14 FIO12-J. Perform proper cleanup at program termination Provide methods to read and write little-endian data
CERT.FIO14FIO13.CIO CONSEN FIO14 FIO13-J. Perform proper cleanup at program termination Do not log sensitive information outside a trust boundary
CERT.FIO14FIO13.CRWD LHII FIO14 FIO13-J. Perform proper cleanup at program termination Do not log sensitive information outside a trust boundary
CERT.FIO16FIO13.CDBV PEO FIO16 FIO13-J. Canonicalize path names before validating them Do not log sensitive information outside a trust boundary
CERT.IDS00FIO13.TDSQL SENS IDS00 FIO13-J. Prevent SQL injection Do not log sensitive information outside a trust boundary
CERT.IDS03FIO14.TDLOG CCR IDS03 FIO14-J. Do not log unsanitized user input Perform proper cleanup at program termination
CERT.IDS06FIO14.VAFS CIO IDS06 FIO14-J. Exclude unsanitized user input from format strings Perform proper cleanup at program termination
CERT.IDS07FIO14.EXEC CRWD IDS07 FIO14-J. Sanitize untrusted data passed to the Runtime.exec() method Perform proper cleanup at program termination
CERT.IDS11FIO16.VPPD CDBV IDS11 FIO16-J. Perform any string modifications before validation Canonicalize path names before validating them
CERT.IDS16IDS00.TDXML TDSQL IDS16 IDS00-J. Prevent XML Injection SQL injection
CERT.JNI00IDS03.NATIW TDLOG JNI00 IDS03-J. Define wrappers around native methods Do not log unsanitized user input
CERT.LCK00IDS06.SOPF VAFS LCK00 IDS06-J. Use private final lock objects to synchronize classes that may interact with untrusted code Exclude unsanitized user input from format strings
CERT.LCK01IDS07.SCS EXEC LCK01 IDS07-J. Do not synchronize on objects that may be reused . Sanitize untrusted data passed to the Runtime.exec() method
CERT.LCK02IDS11.SGC VPPD LCK02 IDS11-J. Do not synchronize on the class object returned by getClass() Perform any string modifications before validation
CERT.LCK04IDS16.SOBC TDXML LCK04 IDS16-J. Do not synchronize on a collection view if the backing collection is accessible Prevent XML Injection
CERT.LCK05IDS51.IASF TDRESP LCK05 IDS51-J. Synchronize access to static fields that can be modified by untrusted code Properly encode or escape output
CERT.LCK06IDS51.INSTLOCK TDXSS LCK06 IDS51-J. Do not use an instance lock to protect shared static data Properly encode or escape output
CERT.LCK07IDS52.LORD TDCODE LCK07 IDS52-J. Avoid deadlock by requesting and releasing locks in the same order Prevent code injection
CERT.LCK08IDS53.LOCK TDJXPATH LCK08 IDS53-J. Ensure actively held locks are released on exceptional conditions Prevent XPath Injection
CERT.LCK08IDS53.RLF TDXPATH LCK08 IDS53-J. Ensure actively held locks are released on exceptional conditions Prevent XPath Injection
CERT.LCK09IDS54.TSHL TDLDAP LCK09 IDS54-J. Do not perform operations that can block while holding a lock Prevent LDAP injection
CERT.LCK09JNI00.TSHL2 NATIW LCK09 JNI00-J. Do not perform operations that can block while holding a lock Define wrappers around native methods
CERT.LCK10LCK00.DCL SOPF LCK10 LCK00-J. Use a correct form of the double-checked locking idiom private final lock objects to synchronize classes that may interact with untrusted code
CERT.MET02LCK01.DPRAPI SCS MET02 LCK01-J. Do not use deprecated or obsolete classes or methods synchronize on objects that may be reused
CERT.MET02LCK02.THRD SGC MET02 LCK02-J. Do not use deprecated or obsolete classes or methods synchronize on the class object returned by getClass()
CERT.MET04LCK04.OPM SOBC MET04 LCK04-J. Do not increase the accessibility of overridden or hidden methods synchronize on a collection view if the backing collection is accessible
CERT.MET06LCK05.CLONE IASF MET06 LCK05-J. Do not invoke overridable methods in clone() Synchronize access to static fields that can be modified by untrusted code
CERT.MET07LCK06.AHSM INSTLOCK MET07 LCK06-J. Never declare a class method that hides a method declared in a superclass or superinterface Do not use an instance lock to protect shared static data
CERT.MET08LCK07.EQREFL LORD MET08 LCK07-J. Preserve the equality contract when overriding the equals() method Avoid deadlock by requesting and releasing locks in the same order
CERT.MET09LCK08.OVERRIDE LOCK MET09 LCK08-J. Classes that define an equals() method must also define a hashCode() method Ensure actively held locks are released on exceptional conditions
CERT.MET11LCK08.IKICO RLF MET11 LCK08-J. Ensure that keys used in comparison operations are immutable actively held locks are released on exceptional conditions
CERT.MET12LCK09.EF TSHL MET12 LCK09-J. Do not use finalizers perform operations that can block while holding a lock
CERT.MET12LCK09.FCF TSHL2 MET12 LCK09-J. Do not use finalizers perform operations that can block while holding a lock
CERT.MET12LCK10.FCSF DCL MET12 LCK10-J. Do not use finalizers Use a correct form of the double-checked locking idiom
CERT.MET12MET02.FM DPRAPI MET12 MET02-J. Do not use finalizers deprecated or obsolete classes or methods
CERT.MET12MET02.IFF THRD MET12 MET02-J. Do not use finalizers deprecated or obsolete classes or methods
CERT.MET12MET04.MFP OPM MET12 MET04-J. Do not use finalizers increase the accessibility of overridden or hidden methods
CERT.MET12MET06.MNDF CLONE MET12 MET06-J. Do not use finalizers invoke overridable methods in clone()
CERT.MET12MET07.NCF AHSM MET12 MET07-J. Do not use finalizers Never declare a class method that hides a method declared in a superclass or superinterface
CERT.MET12MET08.OF EQREFL MET12 MET08-J. Do not use finalizers Preserve the equality contract when overriding the equals() method
CERT.MSC01MET09.EB OVERRIDE MSC01 MET09-J. Do not use an empty infinite loop Classes that define an equals() method must also define a hashCode() method
CERT.MSC03MET11.AHCA IKICO MSC03 MET11-J. Never hard code sensitive information Ensure that keys used in comparison operations are immutable
CERT.MSC03MET12.HCCK EF MSC03 MET12-J. Never hard code sensitive information Do not use finalizers
CERT.MSC03MET12.HCCS FCF MSC03 MET12-J. Never hard code sensitive information Do not use finalizers
CERT.MSC04MET12.LEAKS FCSF MSC04 MET12-J. Do not leak memory use finalizers
CERT.MSC06MET12.ITMOD FM MSC06 MET12-J. Do not modify the underlying collection when an iteration is in progress use finalizers
CERT.MSC07MET12.ILI IFF MSC07 MET12-J. Prevent multiple instantiations of singleton objects Do not use finalizers
CERT.NUM00MET12.BSA MFP NUM00 MET12-J. Detect or prevent integer overflow Do not use finalizers
CERT.NUM00MET12.CACO MNDF NUM00 MET12-J. Detect or prevent integer overflow Do not use finalizers
CERT.NUM00MET12.ICO NCF NUM00 MET12-J. Detect or prevent integer overflow Do not use finalizers
CERT.NUM01MET12.BADSHIFT OF NUM01 MET12-J. Do not perform bitwise and arithmetic operations on the same data use finalizers
CERT.NUM01MET50.NCBAV OVERLOAD NUM01 MET50-J. Do not perform bitwise and arithmetic operations on the same data Avoid ambiguous or confusing uses of overloading
CERT.NUM02MET52.ZERO CIFC NUM02 MET52-J. Ensure that division and remainder operations do not result in divide-by-zero errors Do not use the clone() method to copy untrusted method parameters
CERT.NUM04MET53.UBD SCLONE NUM04 MET53-J. Do not use floating-point numbers if precise computation is required Ensure that the clone() method calls super.clone()
CERT.NUM07MSC01.NAN EB NUM07 MSC01-J. Do not attempt comparisons with NaN use an empty infinite loop
CERT.NUM08MSC03.FPEXC AHCA NUM08 MSC03-J. Check floating-point inputs for exceptional values Never hard code sensitive information
CERT.NUM09MSC03.FPLI HCCK NUM09 MSC03-J. Do not use floating-point variables as loop counters
CERT.NUM10.BBDCC NUM10-J. Do not construct BigDecimal objects from floating-point literals
CERT.NUM12.CLP NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data
CERT.NUM13.AIC NUM13-J. Avoid loss of precision when converting primitive integers to floating-point
CERT.OBJ03.AGBPT OBJ03-J. Prevent heap pollution
CERT.OBJ04.CLONE OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ04.CPCL OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ04.MPT OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ04.MUCOP OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ04.SMO OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ05.CPCL OBJ05-J. Do not return references to private mutable class members
CERT.OBJ05.MPT OBJ05-J. Do not return references to private mutable class members
CERT.OBJ05.MUCOP OBJ05-J. Do not return references to private mutable class members
CERT.OBJ05.SMO OBJ05-J. Do not return references to private mutable class members
CERT.OBJ06..MPT OBJ06-J. Defensively copy mutable inputs and mutable internal components
CERT.OBJ06.CPCL OBJ06-J. Defensively copy mutable inputs and mutable internal components
CERT.OBJ06.MUCOP OBJ06-J. Defensively copy mutable inputs and mutable internal components
CERT.OBJ06.SMO OBJ06-J. Defensively copy mutable inputs and mutable internal components
CERT.OBJ07.MCNC OBJ07-J. Sensitive classes must not let themselves be copied
CERT.OBJ08.INNER OBJ08-J. Do not expose private members of an outer class from within a nested class
CERT.OBJ09.CMP OBJ09-J. Compare classes and not class names
CERT.OBJ10.RMO OBJ10-J. Do not use public static nonfinal fields
CERT.OBJ10.SPFF OBJ10-J. Do not use public static nonfinal fields
Never hard code sensitive information
CERT.MSC03.HCCS MSC03-J. Never hard code sensitive information
CERT.MSC04.LEAKS MSC04-J. Do not leak memory
CERT.MSC06.ITMOD MSC06-J. Do not modify the underlying collection when an iteration is in progress
CERT.MSC07.ILI MSC07-J. Prevent multiple instantiations of singleton objects
CERT.MSC52.SBC MSC52-J. Finish every set of statements associated with a case label with a break statement
CERT.MSC56.CC MSC56-J. Detect and remove superfluous code and values
CERT.MSC56.SWITCH MSC56-J. Detect and remove superfluous code and values
CERT.MSC56.VOVR MSC56-J. Detect and remove superfluous code and values
CERT.MSC57.PDCL MSC57-J. Strive for logical completeness
CERT.MSC57.PDS MSC57-J. Strive for logical completeness
CERT.MSC60.ASSERT MSC60-J. Do not use assertions to verify the absence of runtime errors
CERT.MSC61.AISSAJAVA MSC61-J. Do not use insecure or weak cryptographic algorithms
CERT.MSC61.AISSAXML MSC61-J. Do not use insecure or weak cryptographic algorithms
CERT.MSC61.CKTS MSC61-J. Do not use insecure or weak cryptographic algorithms
CERT.MSC61.HCCK MSC61-J. Do not use insecure or weak cryptographic algorithms
CERT.MSC61.ICA MSC61-J. Do not use insecure or weak cryptographic algorithms
CERT.MSC62.PCCF MSC62-J. Store passwords using a hash function
CERT.MSC62.PLAIN MSC62-J. Store passwords using a hash function
CERT.MSC62.PTPT MSC62-J. Store passwords using a hash function
CERT.MSC62.PWDPROP MSC62-J. Store passwords using a hash function
CERT.MSC62.PWDXML MSC62-J. Store passwords using a hash function
CERT.MSC62.UTAX MSC62-J. Store passwords using a hash function
CERT.MSC62.WCPWD MSC62-J. Store passwords using a hash function
CERT.MSC62.WPWD MSC62-J. Store passwords using a hash function
CERT.NUM00.BSA NUM00-J. Detect or prevent integer overflow
CERT.NUM00.CACO NUM00-J. Detect or prevent integer overflow
CERT.NUM00.ICO NUM00-J. Detect or prevent integer overflow
CERT.NUM01.BADSHIFT NUM01-J. Do not perform bitwise and arithmetic operations on the same data
CERT.NUM01.NCBAV NUM01-J. Do not perform bitwise and arithmetic operations on the same data
CERT.NUM02.ZERO NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors
CERT.NUM04.UBD NUM04-J. Do not use floating-point numbers if precise computation is required
CERT.NUM07.NAN NUM07-J. Do not attempt comparisons with NaN
CERT.NUM08.FPEXC NUM08-J. Check floating-point inputs for exceptional values
CERT.NUM09.FPLI NUM09-J. Do not use floating-point variables as loop counters
CERT.NUM10.BBDCC NUM10-J. Do not construct BigDecimal objects from floating-point literals
CERT.NUM12.CLP NUM12-J. Ensure conversions of numeric types to narrower types do not result in lost or misinterpreted data
CERT.NUM13.AIC NUM13-J. Avoid loss of precision when converting primitive integers to floating-point
CERT.NUM50.IDCD NUM50-J. Convert integers to floating point for floating-point operations
CERT.OBJ03.AGBPT OBJ03-J. Prevent heap pollution
CERT.OBJ04.CLONE OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ04.CPCL OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ04.MPT OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ04.MUCOP OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ04.SMO OBJ04-J. Provide mutable classes with copy functionality to safely allow passing instances to untrusted code
CERT.OBJ05.CPCL OBJ05-J. Do not return references to private mutable class members
CERT.OBJ05.MPT OBJ05-J. Do not return references to private mutable class members
CERT.OBJ05.MUCOP OBJ05-J. Do not return references to private mutable class members
CERT.OBJ05.SMO OBJ05-J. Do not return references to private mutable class members
CERT.OBJ06..MPT OBJ06-J. Defensively copy mutable inputs and mutable internal components
CERT.OBJ06.CPCL OBJ06-J. Defensively copy mutable inputs and mutable internal components
CERT.OBJ06.MUCOP OBJ06-J. Defensively copy mutable inputs and mutable internal components
CERT.OBJ06.SMO OBJ06-J. Defensively copy mutable inputs and mutable internal components
CERT.OBJ07.MCNC OBJ07-J. Sensitive classes must not let themselves be copied
CERT.OBJ08.INNER OBJ08-J. Do not expose private members of an outer class from within a nested class
CERT.OBJ09.CMP OBJ09-J. Compare classes and not class names
CERT.OBJ10.RMO OBJ10-J. Do not use public static nonfinal fields
CERT.OBJ10.SPFF OBJ10-J. Do not use public static nonfinal fields
CERT.OBJ11.EPNFC OBJ11-J. Be wary of letting constructors throw exceptions
CERT.OBJ13.RMO OBJ13-J. Ensure that references to mutable objects are not exposed
CERT.OBJ51.DPAC OBJ51-J. Minimize the accessibility of classes and their members
CERT.OBJ51.DPAF OBJ51-J. Minimize the accessibility of classes and their members
CERT.OBJ51.DPAM OBJ51-J. Minimize the accessibility of classes and their members
CERT.OBJ51.DPPC OBJ51-J. Minimize the accessibility of classes and their members
CERT.OBJ51.DPPF OBJ51-J. Minimize the accessibility of classes and their members
CERT.OBJ51.DPPM OBJ51-J. Minimize the accessibility of classes and their members CERT.OBJ11.EPNFC OBJ11-J. Be wary of letting constructors throw exceptions
CERT.SEC01.PRIVIL SEC01-J. Do not allow tainted variables in privileged blocks
CERT.SEC02.TDRFL SEC02-J. Do not base security checks on untrusted sources
CERT.SEC03.ACL SEC03-J. Do not load trusted classes after allowing untrusted code to load arbitrary classes
CERT.SEC04.SCF SEC04-J. Protect sensitive operations with security manager checks
CERT.SEC05.ARM SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields
CERT.SEC51.PCL SEC51-J. Minimize privileged code
CERT.SER00.DUID SER00-J. Enable serialization compatibility during class evolution
CERT.SER01.ROWO SER01-J. Do not deviate from the proper signatures of serialization methods
CERT.SER03.SIF SER03-J. Do not serialize unencrypted sensitive data
CERT.SER04.SCSER SER04-J. Do not allow serialization and deserialization to bypass the security manager
CERT.SER07.RRSC SER07-J. Do not use the default serialized form for classes with implementation-defined invariants
CERT.SER09.VREADOBJ SER09-J. Do not invoke overridable methods from the readObject() method
CERT.SER11.IRX SER11-J. Prevent overwriting of externalizable objects
CERT.SER12.VOBD SER12-J. Prevent deserialization of untrusted data
CERT.STR00.COS STR00-J. Don't form strings containing partial characters from variable-width encodings
CERT.STR01.NCUCP STR01-J. Do not assume that a Java char fully represents a Unicode code point
CERT.STR02.CCL STR02-J. Specify an appropriate locale when comparing locale-dependent data
CERT.STR02.CTLC STR02-J. Specify an appropriate locale when comparing locale-dependent data
CERT.THI00.IRUN THI00-J. Do not invoke Thread.run()
CERT.THI01.AUTG THI01-J. Do not invoke ThreadGroup methods
CERT.THI02.ANF THI02-J. Notify all waiting threads rather than a single thread
CERT.THI03.UWIL THI03-J. Always invoke wait() and await() methods inside a loop
CERT.THI05.THRD THI05-J. Do not use Thread.stop() to terminate threads
CERT.TPS00.ISTART TPS00-J. Use thread pools to enable graceful degradation of service during traffic bursts
CERT.TSM00.OSNS TSM00-J. Do not override thread-safe methods with methods that are not thread-safe
CERT.TSM01.CTRE TSM01-J. Do not let the this reference escape during object construction
CERT.TSM02.CSTART TSM02-J. Do not use background threads during class initialization
CERT.VNA00.LORD VNA00-J. Ensure visibility when accessing shared primitive variables
CERT.VNA00.MRAV VNA00-J. Ensure visibility when accessing shared primitive variables
CERT.VNA02.MRAV VNA02-J. Ensure that compound operations on shared variables are atomic
CERT.VNA02.SSUG VNA02-J. Ensure that compound operations on shared variables are atomic
CERT.VNA03.MRAV VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic
CERT.VNA03.SSUG VNA03-J. Do not assume that a group of calls to independently atomic methods is atomic
CRT.MSC02.SRD MSC02-J. Generate strong random numbers
SECURITY.WSC.USC MSC00-J. Use SSLSocket rather than Socket for secure data exchange