SEI CERT Oracle Coding Standard for Java
Page Information
Title: SonarQube
Author: Will Snavely, Aug 11, 2015
Last Changed by: David Svoboda, Oct 14, 2024
Tiny Link: https://wiki.sei.cmu.edu/confluence/x/KTZGBQ
Incoming Links
SEI CERT Oracle Coding Standard for Java (81)
IDS00-J. Prevent SQL injection
MET53-J. Ensure that the clone() method calls super.clone()
THI03-J. Always invoke wait() and await() methods inside a loop
ERR00-J. Do not suppress or ignore checked exceptions
IDS07-J. Sanitize untrusted data passed to the Runtime.exec() method
EXP00-J. Do not ignore values returned by methods
MSC56-J. Detect and remove superfluous code and values
OBJ01-J. Limit accessibility of fields
MSC03-J. Never hard code sensitive information
DCL51-J. Do not shadow or obscure identifiers in subscopes
OBJ13-J. Ensure that references to mutable objects are not exposed
ERR09-J. Do not allow untrusted code to terminate the JVM
LCK10-J. Use a correct form of the double-checked locking idiom
LCK01-J. Do not synchronize on objects that may be reused
MET05-J. Ensure that constructors do not call overridable methods
THI02-J. Notify all waiting threads rather than a single thread
TSM02-J. Do not use background threads during class initialization
ERR07-J. Do not throw RuntimeException, Exception, or Throwable
IDS17-J. Prevent XML External Entity Attacks
OBJ06-J. Defensively copy mutable inputs and mutable internal components
NUM02-J. Ensure that division and remainder operations do not result in divide-by-zero errors
NUM51-J. Do not assume that the remainder operator always returns a nonnegative result for integral operands
DCL50-J. Use visually distinct identifiers
STR50-J. Use the appropriate method for counting characters in a string
DCL00-J. Prevent class initialization cycles
EXP06-J. Expressions used in assertions must not produce side effects
ERR05-J. Do not let checked exceptions escape from a finally block
LCK09-J. Do not perform operations that can block while holding a lock
IDS54-J. Prevent LDAP injection
MET09-J. Classes that define an equals() method must also define a hashCode() method
SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields
IDS04-J. Safely extract files from ZipInputStream
MET12-J. Do not use finalizers
EXP50-J. Do not confuse abstract object equality with reference equality
NUM10-J. Do not construct BigDecimal objects from floating-point literals
FIO02-J. Detect and handle file-related errors
EXP02-J. Do not use the Object.equals() method to compare two arrays
FIO04-J. Release resources when they are no longer needed
EXP04-J. Do not pass arguments to certain Java Collections Framework methods that are a different type than the collection parameter type
EXP03-J. Do not use the equality operators when comparing values of boxed primitives
OBJ05-J. Do not return references to private mutable class members
FIO10-J. Ensure the array is filled when using read() to fill an array
MET02-J. Do not use deprecated or obsolete classes or methods
NUM52-J. Be aware of numeric promotion behavior
STR04-J. Use compatible character encodings when communicating string data between JVMs
ERR08-J. Do not catch NullPointerException or any of its ancestors
MSC61-J. Do not use insecure or weak cryptographic algorithms
SER05-J. Do not serialize instances of inner classes
MSC02-J. Generate strong random numbers
THI01-J. Do not invoke ThreadGroup methods
SER01-J. Do not deviate from the proper signatures of serialization methods
IDS08-J. Sanitize untrusted data included in a regular expression
EXP53-J. Use parentheses for precedence of operation
LCK03-J. Do not synchronize on the intrinsic locks of high-level concurrency objects
MET55-J. Return an empty array or collection instead of a null value for methods that return an array or collection
NUM50-J. Convert integers to floating point for floating-point operations
THI00-J. Do not invoke Thread.run()
EXP51-J. Do not perform assignments in conditional expressions
VNA01-J. Ensure visibility of shared references to immutable objects
MSC52-J. Finish every set of statements associated with a case label with a break statement
LCK00-J. Use private final lock objects to synchronize classes that may interact with untrusted code
ERR01-J. Do not allow exceptions to expose sensitive information
MSC54-J. Avoid inadvertent wrapping of loop counters
SER00-J. Enable serialization compatibility during class evolution
DCL52-J. Do not declare more than one variable per declaration
OBJ10-J. Do not use public static nonfinal fields
ERR51-J. Prefer user-defined exceptions over more general exception types
STR02-J. Specify an appropriate locale when comparing locale-dependent data
LCK02-J. Do not synchronize on the class object returned by getClass()
ERR04-J. Do not complete abruptly from a finally block
EXP01-J. Do not use a null in a case where an object is required
EXP05-J. Do not follow a write by a subsequent write or read of the same object within an expression
MSC11-J. Do not let session information leak within a servlet
ENV06-J. Production code must not contain debugging entry points
ERR02-J. Prevent exceptions while logging data
MET08-J. Preserve the equality contract when overriding the equals() method
EXP52-J. Use braces for the body of an if, for, or while statement
ERR54-J. Use a try-with-resources statement to safely handle closeable resources
MSC51-J. Do not place a semicolon immediately following an if, for, or while condition
OBJ09-J. Compare classes and not class names
MSC01-J. Do not use an empty infinite loop
Hierarchy
Parent Page: Rule or Rec. CC. Analyzers
Labels
Global Labels (1)
analyzer
Recent Changes
Time                 Editor
Oct 14, 2024 07:23   David Svoboda
Feb 08, 2024 09:03   David Svoboda
Jul 13, 2023 13:36   David Svoboda
Jun 06, 2023 12:22   David Svoboda
Apr 19, 2023 14:04   David Svoboda
Outgoing Links
External Links (173)
SEI CERT Oracle Coding Standard for Java (1)
SonarQube_V