(THIS CODING RULE OR GUIDELINE IS UNDER CONSTRUCTION)
Noncompliant Code Example
Compliant Solution
Exceptions
Risk Assessment
Failure to define wrappers around native methods can allow unprivileged callers to invoke them and exploit inherent vulnerabilities such as buffer overflows in native libraries.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
JNI01-J | P27 | L1 |
Automated Detection
Related Guidelines
CWE-111. Direct use of unsafe JNI | |
Secure Coding Guidelines for the Java Programming Language, Version 4.0 | Guideline 9-9. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance |
Bibliography
[JNI 2006] |
|
|