The java.util.Collections
interface's documentation [[API 06]] warns about the consequences of synchronizing on any view over a collection object, rather than synchronizing on the collection object itself.
It is imperative that the user manually synchronize on the returned map when iterating over any of its collection views... Failure to follow this advice may result in non-deterministic behavior.
Synchronize on the original Collection
object when using synchronization wrappers to enforce atomicity ([CON07-J. Do not assume that a group of calls to independently atomic methods is atomic]).
This also applies to java.util.Map
objects, even though Maps are technically not Collections. – Good point but I think you mean the Collections interface. Acc to interface map API: "This interface is a member of the Java Collections Framework". Moreover it has collection views as stated in the API ref.
Noncompliant Code Example (collection view)
This noncompliant code example incorrectly synchronizes on the set
view of the synchronized map (map
) instead of the collection object [[Tutorials 08]].
// map has package-private accessibility final Map<Integer, String> map = Collections.synchronizedMap(new HashMap<Integer, String>()); private final Set<Integer> set = map.keySet(); public void doSomething() { synchronized(set) { // Incorrectly synchronizes on set for (Integer k : set) { // ... } } }
Compliant Solution (collection lock object)
This compliant solution synchronizes on the original Collection
object map
instead of the Collection
view set
.
// map has package-private accessibility final Map<Integer, String> map = Collections.synchronizedMap(new HashMap<Integer, String>()); private final Set<Integer> set = map.keySet(); public void doSomething() { synchronized(map) { // Synchronize on map, not set for (Integer k : set) { // ... } } }
Risk Assessment
Synchronizing on a collection view instead of the collection object may cause non-deterministic behavior.
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
---|---|---|---|---|---|
CON40-J |
medium |
probable |
medium |
P8 |
L2 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
[[API 06]] Class Collections
[[Tutorials 08]] Wrapper Implementations
Issue Tracking
Review List
[!The CERT Sun Microsystems Secure Coding Standard for Java^button_arrow_left.png!] [!The CERT Sun Microsystems Secure Coding Standard for Java^button_arrow_up.png!] [!The CERT Sun Microsystems Secure Coding Standard for Java^button_arrow_right.png!]